--------------- QuickDiag | g3n-h@ckm@n | 2_17.07.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 23/07/2016 13:11:07 Updated 17/07/2016 | 08.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jean- (Administrator)] - [DESKTOP-9LM40BG] (S-1-5-21-2956268689-1280340557-608612402-1001) System: Microsoft Windows 10 Famille - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : SafeMode with network PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: Unknown - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 HD Webcam C310 - Status: Unknown - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\7&4D0A220&1&0002 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\prodad-codec.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 607256 - Manufacturer: proDAD GmbH - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % Total Overall CPU Usage value:0 % ---------- | Network Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - - - Status: - PnPID : Microsoft ISATAP Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 2947 Pagefile = Total (MB) : 5976 | Free (MB) : 5292 Virtual = Total (MB) : 4194 | Free (MB) : 3977 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users Administrateur : [S-1-5-21-2956268689-1280340557-608612402-500] DefaultAccount : [S-1-5-21-2956268689-1280340557-608612402-503] Invité : [S-1-5-21-2956268689-1280340557-608612402-501] jean- : [S-1-5-21-2956268689-1280340557-608612402-1001] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-2956268689-1280340557-608612402-1002] ---------- | Drives Y:\ -> [Fixed] | [My Passport] | Total : 2794.49 Go | Free : 905.15 Go -> NTFS [USB] X:\ -> [Removable] | [sandisk con] | Total : 119.04 Go | Free : 112.61 Go -> exFAT [USB] W:\ -> [Removable] | [NO NAME] | Total : 59.48 Go | Free : 17.37 Go -> FAT32 [USB] R:\ -> [Removable] | [louvre] | Total : 476.69 Go | Free : 476.69 Go -> exFAT [USB] N:\ -> [Removable] | [] | Total : 30.02 Go | Free : 2.11 Go -> FAT32 [USB] M:\ -> [Removable] | [AUTORAD] | Total : 14.83 Go | Free : 14.57 Go -> FAT32 [USB] K:\ -> [Removable] | [FramaLive] | Total : 14.41 Go | Free : 8.54 Go -> FAT32 [USB] J:\ -> [Fixed] | [POWER2GO 11 SETUP] | Total : 0.46 Go | Free : 0.42 Go -> NTFS [SATA] I:\ -> [Removable] | [FRAMAKEY SA] | Total : 1.86 Go | Free : 0.22 Go -> FAT [USB] H:\ -> [CDROM] | [WD Unlocker] | Total : 0.01 Go | Free : 0 Go -> UDF [USB] F:\ -> [Fixed] | [100% s finalis blini benchmarkin] | Total : 0.42 Go | Free : 0.25 Go -> NTFS [SATA] E:\ -> [Fixed] | [widen & barrow 2] | Total : 30.4 Go | Free : 7.39 Go -> NTFS [SATA] D:\ -> [Fixed] | [Recovery Image] | Total : 12.6 Go | Free : 1.13 Go -> NTFS [SATA] C:\ -> [Fixed] | [OS] | Total : 557.71 Go | Free : 266.49 Go -> NTFS [SATA] Disk Usage Information [14 total Physical Disks] Physical Drive #0 [C:, E:, F:, D:, J:] : Read:0 bytes/sec, Written:360,308 bytes/sec Max Read:0 bytes/sec, Max Write:360,308 bytes/sec Physical Drive #1 [Y:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [S:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [T:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [V:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [W:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [P:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #8 [Q:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #9 [R:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, N:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, X:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:360,308 bytes/sec DeviceID: \\.\PHYSICALDRIVE13 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_WIRELESS_STICK&REV_1\D0E40BF4E788&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_WD&PROD_MY_PASSPORT_0827&REV_1012\575831314438354450483744&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 10 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE8 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\8&39D170AA&0&534E4A593030303390&1 DeviceID: \\.\PHYSICALDRIVE9 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_REALSIL&PROD_RTSUERLUN0&REV_1.00\0000 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SM/XD&REV_2.10\50000007EDC1&1 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-MS&REV_2.10\50000007EDC1&3 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SD&REV_2.10\50000007EDC1&2 DeviceID: \\.\PHYSICALDRIVE11 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_3.0&REV_PMAP\AC220B280C8CB030D9732DE0&0 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\8&39D170AA&0&534E4A593030303390&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-CF&REV_2.10\50000007EDC1&0 DeviceID: \\.\PHYSICALDRIVE12 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1100\0116000000008682&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_FIXMESTICK&REV_8.07\D2BF4C401E2763FP1289&0 DeviceID: \\.\PHYSICALDRIVE10 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0815\000000000004&GL&23 ---------- | Windows updates No detected update !!! ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 ---------- | Security AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 580 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe [30/10/2015 09:18:03] CPU Usage:0 % 772 | [Owner : | Parent : 704() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe [18/06/2016 12:09:12] CPU Usage:0 % 836 | [Owner : | Parent : 772(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe [20/06/2016 21:04:20] CPU Usage:0 % 852 | [Owner : | Parent : 772(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe [30/10/2015 09:18:03] CPU Usage:0 % 872 | [Owner : | Parent : 764() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe [20/06/2016 21:04:22] CPU Usage:0 % 976 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 68 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1028 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1068 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1076 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1148 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1216 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1260 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1520 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1748 | [Owner : jean- | Parent : 1076(svchost.exe) | 20.89 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe [30/10/2015 09:18:01] CPU Usage:0 % 1852 | [Owner : jean- | Parent : 1832() | 99.45 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [18/07/2016 17:13:01] CPU Usage:0 % 1944 | [Owner : jean- | Parent : 1852(explorer.exe) | 12.12 Mo] - (.IvoSoft - Classic Start Menu.) - (4.2.5.0) = C:\Program Files\Classic Shell\ClassicStartMenu.exe [21/05/2016 08:12:48] CPU Usage:0 % 1968 | [Owner : jean- | Parent : 1852(explorer.exe) | 6.16 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.10586.0) = C:\Windows\System32\ctfmon.exe [30/10/2015 09:18:18] CPU Usage:0 % 2264 | [Owner : jean- | Parent : 976(svchost.exe) | 21.47 Mo] - (.Microsoft Corporation - Aide et support Microsoft.) - (10.0.10586.494) = C:\Windows\HelpPane.exe [18/07/2016 15:17:01] CPU Usage:0 % 2532 | [Owner : jean- | Parent : 976(svchost.exe) | 19.06 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe [30/10/2015 09:18:16] CPU Usage:0 % 2556 | [Owner : jean- | Parent : 1852(explorer.exe) | 7.3 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe [18/07/2016 18:15:22] CPU Usage:0 % 3068 | [Owner : jean- | Parent : 976(svchost.exe) | 83.61 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [18/07/2016 17:13:01] CPU Usage:0 % 2000 | [Owner : jean- | Parent : 976(svchost.exe) | 11.22 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.10586.0) = C:\Windows\System32\dllhost.exe [30/10/2015 09:17:51] CPU Usage:0 % 1712 | [Owner : jean- | Parent : 3068(explorer.exe) | 31.8 Mo] - (.SosVirus - QuickDiag.) - (17.7.2016.1) = C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe [23/07/2016 13:09:57] CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 17:13:01] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\WINDOWS\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [20/06/2016 21:04:20] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [18/06/2016 12:09:28] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [18/06/2016 12:09:12] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [20/06/2016 21:04:22] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [20/06/2016 21:04:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [20/06/2016 21:03:31] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [20/06/2016 21:03:48] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [20/06/2016 21:03:40] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [20/06/2016 21:03:45] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [20/06/2016 21:04:04] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [20/06/2016 21:03:04] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [18/07/2016 17:03:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [20/06/2016 21:03:57] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (.IvoSoft.-.Classic Start Menu.) - (4.2.5.0) -- C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySyncExplorerOverlayX64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.38) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll (.Rebit, Inc..-.Rebit Pro Shell Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~2.DLL (.Rebit, Inc..-.Rebit Pro Translations.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\cqt.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtCore4.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\LIBEAY32.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\SSLEAY32.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtSql4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtNetwork4.dll (.Rebit, Inc..-.Rebit Pro Namespace Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~1.DLL (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- : 3068 (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySyncExplorerOverlayX64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.38) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll (.Rebit, Inc..-.Rebit Pro Shell Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~2.DLL (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtCore4.dll (.Rebit, Inc..-.Rebit Pro Translations.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\cqt.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\LIBEAY32.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\SSLEAY32.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtSql4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtNetwork4.dll (.Rebit, Inc..-.Rebit Pro Namespace Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~1.DLL (..-..) - (0.0.0.0) -- C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SysWOW64\WPShellExt64.dll (..-..) - (1.0.0.0) -- C:\WINDOWS\SysWOW64\WSCM64.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\encoding-conversion.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\atom.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\logger.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\brand.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\notification-service.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\root-service-provider.dll (..-..) - (1.0.0.2) -- C:\WINDOWS\SysWOW64\ISCM64.dll (.COMODO Security Solutions.-.COMODO BackUp Language DLL.) - (1.0.0.1808) -- C:\Program Files\COMODO\COMMON\LANG\GUILANG_FRA.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\S-1-5-18\...\Run]) - User: AUTORITE NT\Système OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU EaseUS EverySync - (C:\PROGRA~2\EaseUS\EaseUS EverySync\bin\EverySync.exe 0 [Startup]) - User: DESKTOP-9LM40BG\jean- PortableApps.com Platform - (Y:\PORTAB~1\PORTAB~1.COM\PortableAppsPlatform.exe [Startup]) - User: DESKTOP-9LM40BG\jean- Power2GoExpress10 - ("C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- ultracopier - ("C:\Program Files\Ultracopier\ultracopier.exe" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- USBListener - (C:\Users\jean-\AppData\Local\Temp\{438E237C-C9D2-4803-A1FE-EE77D929E548}\USBListener.exe -autorun [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- CCD - (C:\Program Files\COMODO\cDrive\cDrive.exe [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- FileHippo.com - ("C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe" /background [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\.DEFAULT\...\Run]) - User: .DEFAULT RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\...\Run]) - User: Public Classic Start Menu - ("C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress10"="C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup "ultracopier"="C:\Program Files\Ultracopier\ultracopier.exe" "USBListener"=C:\Users\jean-\AppData\Local\Temp\{438E237C-C9D2-4803-A1FE-EE77D929E548}\USBListener.exe -autorun "CCD"=C:\Program Files\COMODO\cDrive\cDrive.exe [20/07/2016 12:29:52] "FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe" /background [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide "YouCam Service7"="C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe" /s "InstantBurn"=C:\PROGRA~2\CYBERL~1\InstantBurn\Win2K\IBurn.exe [16/07/2016 15:10:49] "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "CLMLServer_For_P2G10"="C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe" "PowerDVD16Agent"="C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe" "ccav"="C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe" -autorun "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [19/07/2016 08:44:59] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\COMODO PC TuneUp] : c:\program files\comodo\pc tuneup\cpctuneup.exe /startup ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=553aa36f-b973-4e9b-a4b7-8aef5fd "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "BootExecute"=autocheck autochk * sdnclean64.exe "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkTimeout"=5 [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "SystemStartOptions"= NOEXECUTE=OPTIN SAFEBOOT:NETWORK NOGUIBOOT BOOTLOGO "SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(1)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=6 "WaitToKillServiceTimeout"=200 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [10/06/2016 10:59:41] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "fullprivilegeauditing"=0x80 "LsaPid"=852 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\jean-\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk (-togglenew) C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Startup\EaseUS EverySync.lnk (0) � Uqpbinh2(l*SG�m EverySync.exeL ��H��H�.�TEverySync. C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\Startup\PortableApps.com Platform.lnk () �H�!PORTAB~1J ᄌH�!�H�.@�PortableAppsn1�HFN0PORTAB~1.COMR � C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EaseUS EverySync.lnk (0) � Uqpbinh2(l*SG�m EverySync.exeL ��H��H�.�TEverySync. C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PortableApps.com Platform.lnk () �H�!PORTAB~1J ᄌH�!�H�.@�PortableAppsn1�HFN0PORTAB~1.COMR � C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\jean-\Desktop\AdsFix_Donate.lnk (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) C:\Users\jean-\Desktop\Dropbox.lnk (/home) C:\Users\jean-\Desktop\Pre_Scan_Donate.lnk (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) C:\Users\jean-\Desktop\Pre_Scan_Restore.lnk (C:\Pre_Scan) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\jean-\Local Settings\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\jean-\Menu Démarrer\startscreen.lnk (-togglenew) C:\Users\jean-\Menu Démarrer\Programmes\Startup\EaseUS EverySync.lnk (0) � Uqpbinh2(l*SG�m EverySync.exeL ��H��H�.�TEverySync. C:\Users\jean-\Menu Démarrer\Programmes\Startup\PortableApps.com Platform.lnk () �H�!PORTAB~1J ᄌH�!�H�.@�PortableAppsn1�HFN0PORTAB~1.COMR � C:\Users\jean-\Menu Démarrer\Programmes\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\jean-\Menu Démarrer\Programs\Startup\EaseUS EverySync.lnk (0) � Uqpbinh2(l*SG�m EverySync.exeL ��H��H�.�TEverySync. C:\Users\jean-\Menu Démarrer\Programs\Startup\PortableApps.com Platform.lnk () �H�!PORTAB~1J ᄌH�!�H�.@�PortableAppsn1�HFN0PORTAB~1.COMR � C:\Users\jean-\Menu Démarrer\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\jean-\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Public\Desktop\Manuels EPSON.lnk ( /LA "FR" /FR "DESKTOP") C:\Users\Public\Desktop\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Bureau\Manuels EPSON.lnk ( /LA "FR" /FR "DESKTOP") C:\ProgramData\Bureau\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Menu Démarrer\Programmes\CyberLink YouCam 7 Mirror.lnk (/m) C:\ProgramData\Menu Démarrer\Programmes\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\AMD Catalyst Control Center\Help.lnk (Start Help -help) C:\ProgramData\Menu Démarrer\Programmes\Classic Shell\Paramètres de menu démarrer Classique.lnk (-settings) C:\ProgramData\Menu Démarrer\Programmes\CyberLink Media Suite\CyberLink MediaEspresso 7.5\CyberLink MediaEspresso 7.5 Gadget.lnk (gadget) C:\ProgramData\Menu Démarrer\Programmes\DivX Plus\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Menu Démarrer\Programmes\DivX Plus\Enregistrez.lnk (/start=registration) C:\ProgramData\Menu Démarrer\Programmes\DivX Plus\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Menu Démarrer\Programmes\Dropbox\Dropbox.lnk (/home) C:\ProgramData\Menu Démarrer\Programmes\e-Carte Bleue LCL\Uninstall e-Carte Bleue LCL.lnk (/x {44A9E188-470F-40D1-80E0-C1E429FAEEE1}) C:\ProgramData\Menu Démarrer\Programmes\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Menu Démarrer\Programmes\EPSON Software\Manuels EPSON.lnk ( /LA "FR" /FR "STARTMENU") C:\ProgramData\Menu Démarrer\Programmes\HitmanPro\Supprimer HitmanPro 3.7.lnk (/uninstall) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\DirectVobSub.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll",DirectVobSub) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\LAV Audio.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\LAV Splitter.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\LAV Video.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programmes\K-Lite Codec Pack\Configuration\madVR.lnk (editLocalSettingsDontWait) C:\ProgramData\Menu Démarrer\Programmes\Rebit Pro\Rebit Pro.lnk (--show=full) C:\ProgramData\Menu Démarrer\Programmes\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Menu Démarrer\Programmes\System Tools\Task Manager.lnk (/7) C:\ProgramData\Menu Démarrer\Programmes\TreeSize Free\TreeSize Free.lnk (/NOADMIN) C:\ProgramData\Menu Démarrer\Programmes\Western Digital\WD Backup\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Menu Démarrer\Programmes\Zemana AntiLogger Free\Generate Log File\Generate Log File.lnk (/CRASH) C:\ProgramData\Menu Démarrer\Programs\CyberLink YouCam 7 Mirror.lnk (/m) C:\ProgramData\Menu Démarrer\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\AMD Catalyst Control Center\Help.lnk (Start Help -help) C:\ProgramData\Menu Démarrer\Programs\Classic Shell\Paramètres de menu démarrer Classique.lnk (-settings) C:\ProgramData\Menu Démarrer\Programs\CyberLink Media Suite\CyberLink MediaEspresso 7.5\CyberLink MediaEspresso 7.5 Gadget.lnk (gadget) C:\ProgramData\Menu Démarrer\Programs\DivX Plus\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Menu Démarrer\Programs\DivX Plus\Enregistrez.lnk (/start=registration) C:\ProgramData\Menu Démarrer\Programs\DivX Plus\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Menu Démarrer\Programs\Dropbox\Dropbox.lnk (/home) C:\ProgramData\Menu Démarrer\Programs\e-Carte Bleue LCL\Uninstall e-Carte Bleue LCL.lnk (/x {44A9E188-470F-40D1-80E0-C1E429FAEEE1}) C:\ProgramData\Menu Démarrer\Programs\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Menu Démarrer\Programs\EPSON Software\Manuels EPSON.lnk ( /LA "FR" /FR "STARTMENU") C:\ProgramData\Menu Démarrer\Programs\HitmanPro\Supprimer HitmanPro 3.7.lnk (/uninstall) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll",DirectVobSub) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration) C:\ProgramData\Menu Démarrer\Programs\K-Lite Codec Pack\Configuration\madVR.lnk (editLocalSettingsDontWait) C:\ProgramData\Menu Démarrer\Programs\Rebit Pro\Rebit Pro.lnk (--show=full) C:\ProgramData\Menu Démarrer\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Menu Démarrer\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Menu Démarrer\Programs\TreeSize Free\TreeSize Free.lnk (/NOADMIN) C:\ProgramData\Menu Démarrer\Programs\Western Digital\WD Backup\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Menu Démarrer\Programs\Zemana AntiLogger Free\Generate Log File\Generate Log File.lnk (/CRASH) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7 Mirror.lnk (/m) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Paramètres de menu démarrer Classique.lnk (-settings) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink MediaEspresso 7.5\CyberLink MediaEspresso 7.5 Gadget.lnk (gadget) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Enregistrez.lnk (/start=registration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL\Uninstall e-Carte Bleue LCL.lnk (/x {44A9E188-470F-40D1-80E0-C1E429FAEEE1}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Manuels EPSON.lnk ( /LA "FR" /FR "STARTMENU") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Supprimer HitmanPro 3.7.lnk (/uninstall) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll",DirectVobSub) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madVR.lnk (editLocalSettingsDontWait) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit Pro\Rebit Pro.lnk (--show=full) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk (/NOADMIN) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Backup\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free\Generate Log File\Generate Log File.lnk (/CRASH) ---------- | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=0 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "Wallpaper"=C:\Users\jean-\AppData\Local\Microsoft\BingDesktop\themes\2016-07-23.jpg [23/07/2016 07:17:15] "ActiveWndTrkTimeout"=0 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100BCD7070080070000B00400009826E879A1E4D10143003A005C00550073006500720073005C006A00650061006E002D005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00420069006E0067004400650073006B0074006F0070005C007400680065006D00650073005C0032003000310036002D00300037002D00320033002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "AutoColorization"=1 "ImageColor"=2940358323 "PreferredUILanguages"=fr-FR "ForegroundLockTimeout"=0 "MenuShowDelay"=0 "AutoEndTasks"=1 "HungAppTimeout"=4000 "ConvertedWallpaper"= "OriginalWallpaper"= "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 "{E31EA727-12ED-4702-820C-4B6445F28E1A}"=1 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003328000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "AllowStartMenuToDefaultOn"=1 "TelemetrySalt"=2 "SlowContextMenuEntries"=0x0D24645B365B9F4BA75F4925B6A53D5B5BF00000BD0E0C47735D584D9CEDE91E22E232823FFD06000114020000000000C0000000000000469E8009006024B221EA3A6910A2DC08002B30309D8E6F01005E16EA8E8B0BA74B979650214C76717159370400 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "GlobalAssocChangedCounter"=189 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=315 "link"=0x00000000 "DesktopProcess"=1 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "EnableStartMenu"=1 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=1 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewShadow"=1 "StartMenuInit"=11 "ReindexedProfile"=1 "nonetcrawling"=1 "ListviewAlphaSelect"=0 "TaskbarAnimations"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=95 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=22 "MultipleInvokePromptMinimum"=10000 "Max Cached Icons"=2000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=95 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=123 "Max Cached Icons"=2000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x53A5712D030000000D003700894A010035540100C0F10400D000000001002E008C203E97A0030500A0030500A1740000824D0000AA2800000000000096000500AD0C000056010000D6721546D1E4D101 "ParseAutoexec"=1 "AutoRestartShell"=0 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=0 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "ShutdownStartTime"=131137451646657366 "UserSessionShutdownStopTime"=131137451649916618 "ShutdownFlags"=2147484711 "AutoAdminLogon"=0 "DefaultUserName"=jean-marie.carribon@wanadoo.fr "DisableCAD"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "AutoRestartShell"=1 "userinit"=C:\WINDOWS\SYSWOW64\userinit.exe, ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C8F0890013408A0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_setup_full1084.exe"=0x5341435001000000000000000700000028000000906812003E4D130001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FC130200000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\supercopier-windows-x86-1.2.1.0-setup.exe"=0x5341435001000000000000000700000028000000DCA86900000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000534A0100000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\teracopy.exe"=0x534143500100000000000000070000002800000088BB2800BE8329000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004F033400000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\unlocker-setup.exe"=0x5341435001000000000000000700000028000000C8692500E60026000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002BA20000000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_resource.exe"=0x5341435001000000000000000700000028000000C0665116434752160100000000000000000001060001000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000070C00700000000000500000005000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\ultracopier-windows-x86_64-1.2.3.0-setup.exe"=0x534143500100000000000000070000002800000044E26600000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000001C470000000000000100000001000000 "SIGN.MEDIA=4711798 barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\macarons domi'gru\lws280.exe"=0x5341435001000000000000000700000028000000981771044C3371040100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B013100000000000100000001000000 "SIGN.MEDIA=101F8E barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\CyberLink_Power2Go_Downloader.exe"=0x5341435001000000000000000700000028000000B83D10000B2B110001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C3520000000000000100000001000000 "C:\Users\jean-\Downloads\CyberLink_Power2Go_Downloader.exe"=0x5341435001000000000000000700000028000000189F10006028110001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AB142C00000000000100000001000000 "SIGN.MEDIA=1EA9848 barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\quel tri'toir nadia winifred\Paragon-283-PEF_WinInstallSNx64_10.1.25.813_000.exe"=0x534143500100000000000000070000002800000058EF3103509632030100000000000000000000067102000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A46F0300000000000100000001000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\CyberLink_YouCam_Downloader.exe"=0x5341435001000000000000000700000028000000B8BD0F0086B7100001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BA982000000000000100000001000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\CyberLink_VideoMeetingPlus_Downloader.exe"=0x5341435001000000000000000700000028000000B8BD0F00C61A100001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BB951300000000000200000002000000 "C:\Program Files (x86)\CyberLink\YouCam7\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000B8BD0200F45103000100000000000000000002067102000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006E340000000000000100000001000000 "C:\Users\jean-\Documents\barrow 2 & widen 100% sécurisé\CyberLink_PresenterLinkPlus_Downloader.exe"=0x534143500100000000000000070000002800000018DF0F00E574100001000000000000000000000A7120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009A631100000000000100000001000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183503007DFC030001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002C180000000000000100000001000000 "C:\Program Files (x86)\CyberLink\PresenterLinkPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183703006B6F030001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B1140000000000000100000001000000 "C:\Users\jean-\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe"=0x534143500100000000000000070000002800000010A61400A6A914000100000000000000000001067122000019B4C529E312D1010000008000000000020000002800000000000000000000000000000000000000000000000000000008C90100000000002A0000002A000000 "SIGN.MEDIA=64FFE barrow 2 & widen 100% sécurisé\PortableApps\FirefoxPortable\FirefoxPortable.exe"=0x53414350010000000000000007000000280000005837030086C803000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000099511E00000000000200000002000000 "C:\Program Files (x86)\Wondershare\1-Click PC Care\1ClickPCCare.exe"=0x5341435001000000000000000700000028000000685F0B00FAA10B000100000000000000000001067122000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000029950700000000000100000001000000 "C:\Program Files (x86)\Wondershare\TidyMyMusic\TidyMyMusic.exe"=0x5341435001000000000000000700000028000000386D0D0047C80D0001000000000000000000000AF122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006A2D0300000000000400000004000000 "SIGN.MEDIA=318A4 LiberKey\Apps\CCleaner\CCleanerLKL.exe"=0x5341435001000000000000000700000028000000A8C1000011D500000100000000000000000001060021000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004004100000000000000000000000000000162F0500000000000100000001000000 "C:\Program Files (x86)\Wondershare\VideoConverterFree\WSVCUSplash.exe"=0x5341435001000000000000000700000028000000683B3100C9EB31000100000000000000000001066120000019B4C529E312D1010000000000000000020000002800000000000000000000000010000000000000000000000000000029449003000000000300000003000000 "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\Temp\player_full1374.exe"=0x5341435001000000000000000700000028000000A059A60145D7A6010100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000099059003000000000100000001000000 "C:\Program Files (x86)\Wondershare\Player\WSPlayer.exe"=0x534143500100000000000000070000002800000048B22800714329000100000000000000000003067102000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000091023B00000000000600000006000000 "C:\Program Files\Paragon Software\Migrate OS to SSD 4.0\program\migrateos.exe"=0x5341435001000000000000000700000028000000D8A2000017E800000100000000000000000003060001000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DDF0C100000000000300000003000000 "C:\Users\jean-\Downloads\BingDesktopSetup.exe"=0x5341435001000000000000000700000028000000D86AA00040A2A0000100000000000000000001057100000019B4C529E312D101000000000000000002000000280000000000000080090040000000000000000000000000000000000E290100000000000100000001000000 "C:\Users\jean-\Downloads\FreeStudio_6.6.24.627_d.exe"=0x5341435001000000000000000700000028000000F89A22005147230001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EA432500000000000100000001000000 "C:\Program Files (x86)\e-Carte Bleue\LCL\LCL.exe"=0x5341435001000000000000000700000028000000F8D90400A862050001000000000000000000000AF522000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000266E8800000000000200000002000000 "C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe"=0x534143500100000000000000070000002800000000BE11000000000001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008C921700000000000100000001000000 "C:\Users\jean-\Downloads\avast-browser-cleanup-sfx.exe"=0x5341435001000000000000000700000028000000D861410049E041000100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A7400900000000000100000001000000 "C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\BrowserCleanup.exe"=0x5341435001000000000000000700000028000000480D4100012C410001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000090C90200000000000200000002000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8190600C0F9060001000000000000000000000A0021000059193B14E312D1010000000100000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000F04400851F450001000000010000000000000A7322000059193B14E312D1010000000000000000 "C:\Users\jean-\Documents\Setup.exe"=0x534143500100000000000000070000002800000018109B000000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000005000000000000000000000000000000000000000000000000000000034EF03000000000003000000030000000000000000000040000000000000000000000000000000005C530E00000000000100000000000000 "C:\Program Files (x86)\Sony\Media Go\MediaGo.exe"=0x534143500100000000000000070000002800000050E66202AB76630201000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000041504C00000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe"=0x5341435001000000000000000700000028000000701322005572220001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000019C61C01000000000400000004000000 "C:\Program Files\PDF Architect 4\architect.exe"=0x5341435001000000000000000700000028000000E032270099EB27000100000000000000000003060001000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000DDAA001000000000600000006000000 "SIGN.MEDIA=A53C295 events nouveau logo blini\FreeVideoToMP3Converter_5.0.96.627_o.exe"=0x5341435001000000000000000700000028000000C09A2200C867230001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002B220400000000000100000001000000 "C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe"=0x5341435001000000000000000700000028000000D8D30A006E7B0B000100000000000000000002067122000019B4C529E312D10100000000000000000200000028000000000000000000000000000200000000000000000000000000F9100300000000000100000001000000 "C:\Users\jean-\Desktop\HitmanPro_x64.exe"=0x5341435001000000000000000700000028000000108AAE001A21AF0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000016E57F00000000000200000002000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x534143500100000000000000070000002800000018E0290064292A000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A8820100000000000300000003000000 "C:\Users\jean-\Downloads\CyberLink_Media_Suite_Downloader.exe"=0x5341435001000000000000000700000028000000189F10002871110001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D9F3E900000000000500000005000000 "C:\Users\jean-\Downloads\ashampoo_slideshow_studio_hd_4_e4.0.0_sm.exe"=0x534143500100000000000000070000002800000010DA3203A56C330301000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008B2A0D00000000000100000001000000 "C:\Program Files\CyberLink\PhotoDirector7\PhotoDirector7.exe"=0x5341435001000000000000000700000028000000186102008882020001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C4E30100000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Slideshow Studio HD 4\slideshowstudiohd4.exe"=0x53414350010000000000000007000000280000006867950023C6950001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A9BC0000000000000100000001000000 "C:\Program Files\HitmanPro\HitmanPro.exe"=0x5341435001000000000000000700000028000000108AAE001A21AF0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BFDF3500000000000300000003000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0840C00DDCA0C0001000000010000000000000A0021000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\CSU_FREE_Setup.exe"=0x5341435001000000000000000700000028000000E075CE003EA7CE000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000433E0300000000000100000001000000 "C:\Users\jean-\Downloads\BDUSBImmunizerLauncher.exe"=0x5341435001000000000000000700000028000000F8203E0007383E000100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000B4CE1C01000000000100000001000000 "C:\Program Files\Nitro\Reader 5\NitroPDFReader.exe"=0x5341435001000000000000000700000028000000A014700090BE70000100000000000000000002060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000084BA1E00000000000300000003000000 "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe"=0x534143500100000000000000070000002800000078B40500DFDA050001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000CA92C00000000000100000001000000 "C:\Users\jean-\Downloads\epm_trial(1).exe"=0x534143500100000000000000070000002800000060230003D202010301000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000ECEB0200000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe"=0x5341435001000000000000000700000028000000C07C09006A96090001000000000000000000000A7122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000005AB00200000000000100000001000000 "C:\Users\jean-\Downloads\epm.exe"=0x5341435001000000000000000700000028000000A032E8028594E80201000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000006E143C00000000000100000001000000 "C:\Users\jean-\Downloads\BackupperFull.exe"=0x53414350010000000000000007000000280000001837EF04567FEF040100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000004AEC3A00000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector1.1\UACAgent.exe"=0x5341435001000000000000000700000028000000183F01009CF7010001000000000000000000000A7322000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DCD80000000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector1.1\OLRSubmission\OLRStateCheck.exe"=0x5341435001000000000000000700000028000000185102009C64020001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B2D0000000000000100000001000000 "C:\Users\jean-\Downloads\EmsisoftEmergencyKit.exe"=0x5341435001000000000000000700000028000000A8F0870E9F27880E01000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000095D30800000000000100000001000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe"=0x534143500100000000000000070000002800000018FF04007074050001000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Program Files\DAEMON Tools Pro\DTAgent.exe"=0x5341435001000000000000000700000028000000C08A4000A387410001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DDEA0000000000000600000006000000 "C:\Users\jean-\Downloads\ashampoo_snap_9_e9.0.1_sm.exe"=0x5341435001000000000000000700000028000000504D6203F87F620301000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C98C4300000000000200000002000000 "C:\Users\Public\Desktop\Post Win10 Spybot-install.exe"=0x5341435001000000000000000700000028000000A08A0C00C19C0C000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A6B30200000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe"=0x534143500100000000000000070000002800000030496E0051236F0001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000014CBD500000000000100000001000000 "C:\Users\jean-\Downloads\JRT.exe"=0x534143500100000000000000070000002800000040931800A3DF18000100000000000000000001067102000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000DF542900000000000100000001000000 "C:\Users\jean-\Downloads\EaseUS_DiskCopy_Home.exe"=0x534143500100000000000000070000002800000010D5B502A5C7B6020100000000000000000001067102000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\apowersoft-online-launcher.exe"=0x5341435001000000000000000700000028000000A8AA12009995130001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000000000000000000000000000000000000000D08B0100000000000100000001000000 "C:\Users\jean-\Downloads\apowersoft-online-launcher (1).exe"=0x5341435001000000000000000700000028000000A8AA12009995130001000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe"=0x534143500100000000000000070000002800000060C70600150E070001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000068E90300000000000100000001000000 "C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe"=0x534143500100000000000000070000002800000050DD040087C0050001000000000000000000000AF122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000902D0500000000000300000003000000 "C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe"=0x5341435001000000000000000700000028000000704717003F68170001000000000000000000000AF522000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000094384D02000000000600000006000000 "C:\Users\jean-\Downloads\aceutils.exe"=0x534143500100000000000000070000002800000000718B0040A28B0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000005F0C700000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0740C00BD6F0D0001000000010000000000000A0021000059193B14E312D1010000000000000000 "SIGN.MEDIA=1FC3C6 WD Drive Unlock.exe"=0x534143500100000000000000070000002800000058C31F008AC51F0001000000000000000000000A7122000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000044920200000000000F0000000F000000 "C:\Program Files (x86)\CyberLink\YouCam7\YouCam7.exe"=0x5341435001000000000000000700000028000000B84D08000342090001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004C451900000000000100000001000000 "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe"=0x534143500100000000000000070000002800000050491300C18313000100000000000000000002067122000019B4C529E312D10100000080000000000200000028000000000000000000000000000000000000000000000000000000C7FCE902000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go10\OLRSubmission\OLRStateCheck.exe"=0x534143500100000000000000070000002800000018BF010076AB02000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000921F2000000000001300000013000000 "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe"=0x534143500100000000000000070000002800000018DF0800A839090001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000055747D00000000000400000004000000 "C:\UsbFix\UsbFix.exe"=0x5341435001000000000000000700000028000000E0AD1B0095BE1B0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000413E4200000000000100000001000000 "C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\PartAssist.exe"=0x5341435001000000000000000700000028000000B8894C003E634D0001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000006B600100000000000300000003000000 "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EPMStartLoader.exe"=0x5341435001000000000000000700000028000000C0B404003002050001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D71E0900000000000400000004000000 "C:\Program Files\MiniTool Partition Wizard Free 9.1\loader.exe"=0x5341435001000000000000000700000028000000A82F0D006D510D0001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000DFAE0300000000000400000004000000 "SIGN.MEDIA=248ED47 SETUP.EXE"=0x534143500100000000000000070000002800000060CC2600C3AE27000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D6F60600000000000100000001000000 "C:\Program Files (x86)\mov Audio Extractor\movAudioExtractor.exe"=0x534143500100000000000000070000002800000000B47C000000000001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005ECE0300000000000300000003000000 "C:\Users\jean-\Downloads\ccav_installer.exe"=0x534143500100000000000000070000002800000088495D004C1B5E0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000058338300000000000100000001000000 "C:\Users\jean-\Downloads\cptsetup.exe"=0x534143500100000000000000070000002800000078CCE200327FE3000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000046371500000000000100000001000000 "C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe"=0x5341435001000000000000000700000028000000C8509600FB6D96000100000000000000000002067322000059193B14E312D101000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000040000000000000000000000000000000009D890603000000000800000002000000000000000000000000000000000000000000000000000000BAE57700000000000300000000000000 "C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\Blockulicious.exe"=0x5341435001000000000000000700000028000000F8285D0034ED5D0001000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C2C5B303000000000400000004000000 "C:\Users\jean-\Downloads\ashampoo_uninstaller_6_e6.00.14_sm.exe"=0x5341435001000000000000000700000028000000F8F21801D9A3190101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EE220900000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6.exe"=0x534143500100000000000000070000002800000048DB5E00418C5F0001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000005D541D00000000000400000004000000 "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe"=0x5341435001000000000000000700000028000000C0342400BB6724000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000419C5002000000000700000007000000 "C:\Program Files\RogueKiller\RogueKiller64.exe"=0x534143500100000000000000070000002800000048DC82019C9B830101000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000003FFC2201000000000300000003000000 "C:\Users\jean-\Downloads\everysync_trial.exe"=0x5341435001000000000000000700000028000000A87F91014209920101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A6F50100000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe"=0x5341435001000000000000000700000028000000286C2A00FBFE2A0001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000026110000000000000200000002000000 "C:\Program Files\Ultracopier\ultracopier.exe"=0x534143500100000000000000070000002800000000F6110021C8120001000000000000000000000A7320000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F992AB00000000000200000002000000 "C:\Users\jean-\Downloads\EmsisoftEmergencyKit(1).exe"=0x5341435001000000000000000700000028000000E8DD800E8005810E01000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000079571000000000000300000003000000 "C:\Program Files\PDFCreator\PDFCreator.exe"=0x5341435001000000000000000700000028000000C0D00D00C6E10D0001000000000000000000000AF522000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F1B71800000000000100000001000000 "C:\Program Files (x86)\Folder Size\FolderSize.exe"=0x534143500100000000000000070000002800000000EE4A00000000000100000000000000000003067122000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000001000030800000000000000000000000023440C0000000000020000000100000000000000000000400000000800000000000000000000000075CD0600000000000100000000000000 "C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe"=0x53414350010000000000000007000000280000007058500092CD500001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BA510000000000000200000002000000 "C:\Program Files\Classic Shell\ClassicStartMenu.exe"=0x5341435001000000000000000700000028000000D8750200EE45030001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000036040000000000000100000001000000 "SIGN.MEDIA=4933F8 Start Emergency Kit Scanner.exe"=0x534143500100000000000000070000002800000070D038007B77390001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FBDF3900000000000100000001000000 "C:\Users\jean-\Downloads\cDrive_Setup.exe"=0x534143500100000000000000070000002800000098A2DB0002E2DB000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000001DDD0100000000000100000001000000 "C:\Program Files\COMODO\cDrive\cDrive.exe"=0x5341435001000000000000000700000028000000B04C7500024C76000100000000000000000003067302000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F2447501000000000200000002000000 "SIGN.MEDIA=C94AE0 Setup.exe"=0x534143500100000000000000070000002800000070383500D58935000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FD270600000000000100000001000000 "SIGN.MEDIA=3399E0 extender-free-setup.exe"=0x5341435001000000000000000700000028000000E09933003E1134000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000064850F00000000000100000001000000 "Y:\PortableApps\IObitUninstallerPortable\IObitUninstallerPortable.exe"=0x534143500100000000000000070000002800000060870300A90004000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000011FD3400000000000100000001000000 "C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe"=0x534143500100000000000000070000002800000020AE1400355C15000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000034AB0000000000000200000002000000 "Y:\resizer-free\resizer-free.exe"=0x53414350010000000000000007000000280000002F533A00000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000001EC61400000000000100000001000000 "C:\Program Files\IM-Magic\Partition Resizer\dm.resizer.exe"=0x5341435001000000000000000700000028000000005683000000000001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000077520300000000000100000001000000 "Y:\LiberKey\LiberKey.exe"=0x534143500100000000000000070000002800000098B600005AF100000100000000000000000003067100000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000410000000000000000000000000000018935900000000000300000003000000 "Y:\nucleus-0.3.1-alpha\Nucleus.exe"=0x5341435001000000000000000700000028000000001A040000000000010000000000000000000206F102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C2560500000000000100000001000000 "C:\Program Files (x86)\Remembr\Remembr.exe"=0x5341435001000000000000000700000028000000009612000000000001000000000000000000000AF522000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007DBE0000000000000200000002000000 "C:\Program Files\CyberLink\ActionDirector1.1\ACD.exe"=0x5341435001000000000000000700000028000000189F3B002FED3B0001000000000000000000000A0021000059193B14E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000001F9DD500000000000300000003000000 "SIGN.MEDIA=272F660 PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000000D1290044D9290001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000FE0B2900000000000100000001000000 "Y:\LikeNewPC-lo095rf\Setup.exe"=0x5341435001000000000000000700000028000000587C3B00DB813B0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000099D60000000000000100000001000000 "C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe"=0x534143500100000000000000070000002800000000CC1F008544200001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C2B31000000000000400000004000000 "C:\Program Files (x86)\Anvsoft\Any Audio Converter\AACFree.exe"=0x534143500100000000000000070000002800000080A010002DBA100001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005C4B0100000000000100000001000000 "C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe"=0x5341435001000000000000000700000028000000087E3D0059313E0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000036C40100000000000100000001000000 "C:\Users\jean-\Downloads\Defogger.exe"=0x53414350010000000000000007000000280000002DC5000022B001000100000000000000000001067102000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000FF500000000000000100000001000000 "C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe"=0x5341435001000000000000000700000028000000D03AA100D031A20001000000000000000000000AF122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F50E0000000000000200000002000000 "C:\Users\jean-\Desktop\SEAF.exe"=0x5341435001000000000000000700000028000000B49C0700000000000100000000000000000000067100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000A2D66100000000000200000002000000 "C:\Users\jean-\Downloads\video-to-picture.exe"=0x53414350010000000000000007000000280000001069C50086A0C5000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C2720600000000000100000001000000 "C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe"=0x5341435001000000000000000700000028000000A8BF5F002243600001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BBBC0600000000000200000002000000 "C:\Users\jean-\Downloads\processclose_1.0.0.3.exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003C730000000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:DoesNotExist [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=0 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131121064306434248 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallTime"=0x17C3F80AE9D5D101 "ManagedDefenderProductType"=0 "ProductStatus"=0 "OOBEInstallTime"=0x03F5F67CEBD5D101 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 "OneTimeSqmDataSent"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hitmanpro37] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hitmanpro37.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HitmanPro37Crusader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HitmanPro37CrusaderBoot] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts # Hosts file cleared by RogueKiller (Adlice Software) # http://www.adlice.com 127.0.0.1 localhost ---------- | @ [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\WINDOWS\System32\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://www.google.com/ "OperationalData"=13 "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160527-1834 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF240000002400000044030000A4020000 "ImageStoreRandomFolder"=z3649au "Start Page Redirect Cache_TIMESTAMP"=0xF2E48E2C34DCD101 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x2E54C2C0CDDBD101 "IE10TourShown"=1 "IE10TourShownTime"=0x2E54C2C0CDDBD101 "Start Page_TIMESTAMP"=0x4A82E93934DCD101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000002C0000000B2D1EE0CA77909AAEA178F45B086AA958BE76D96A820476DEEC3AE4D27E19DED038A66187297445E84E1C22020000000E0000006A345633494F584B733530253364 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "TabShutdownDelay"=0 "Use FormSuggest"=no "Search Bar"=https://www.google.com/?bcutc=sp-004-752 "Isolation"=PMIL "NoUpdateCheck"=0 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "ZonesSecurityUpgrade"=0x2E54C2C0CDDBD101 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "MaxConnectionsPerServer"=10 "MaxConnectionsPer1_0Server"=10 "EnableHttp1_1"=1 "ProxyHttp1.1"=1 "ProxyOverride"=*.local "AutoConfigProxy"=wininet.dll "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=https://www.google.com/ "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\WINDOWS\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=https://www.google.com/ "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Search Bar"=https://www.google.com/?bcutc=sp-004-752 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=https://www.google.com/ [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100001001600000001000000000700005E01000006000000410300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030F11C209CE25C4EA73FCD197DEFA6AE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0AA24E16-07B3-4694-8357-3C21ACC5F516} "KnownProvidersUpgradeTime"=0x9DD95A49EAD5D101 "Version"=5 "UpgradeTime"=0x9DD95A49EAD5D101 "DoNotAskAgain"=google.com [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DoNotAskAgain"=google.com ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} : ---------- | Browser Helper Objects [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}] -> (Wondershare AllMyTube 4.9.0) : C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [04/07/2016 18:19:39] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}] -> (PDF Architect 4 Helper) : C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [04/05/2016 18:01:46] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43D9786F-A485-683B-9B5B-ACC97ABC17FC}] -> (Wondershare Player 1.6.0) : C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [04/07/2016 18:51:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}] -> (iSkysoft iMedia Converter Deluxe 5.1.0) : C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL [13/07/2016 12:53:35] ---------- | Chrome [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Google\Chrome\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "pdf_architect_4_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension\ [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "AllMyTube@Wondershare.com"=C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi "{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"=C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt\ "Player@Wondershare.com"=C:\ProgramData\Wondershare\Player\Player@Wondershare.com\ "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on "ISVCU@iSkysoft.com"=C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi "youcam@cyberlink.com"=C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox\ [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MozillaPlugins\sony.com/MediaGoDetector] - () : C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nitropdf.com/NitroPDF] - (NitroPDF Web Browser Plugin) : C:\Program Files (x86)\Nitro\Reader 5\npnitromozilla.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0] - () : [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\PDF Architect 4] - () : C:\Program Files (x86)\PDF Architect 4\np-previewer.dll C:\Users\jean-\AppData\Roaming\Mozilla\Firefox\Profiles\ld4f53gm.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160623154057"); user_pref("browser.startup.homepage_override.mstone", "47.0.1"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.baseURI", "resource://ascsurfingprotectionnew-at-iobit-dot-com/"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.domain", "ascsurfingprotectionnew-at-iobit-dot-com"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.load.reason", "startup"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.rootURI", "jar:file:///C:/Users/jean-/AppData/Roaming/Mozilla/Firefox/Profiles/ld4f53gm.default/extensions/ascsurfingprotectionnew@iobit.com.xpi!/"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.version", "2.0.0"); user_pref("extensions.blocklist.pingCountTotal", 14); user_pref("extensions.blocklist.pingCountVersion", 14); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"1.4.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}\":{\"version\":\"5.20.3.1-signed\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\extensions\\\\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.1"); user_pref("extensions.getAddons.cache.lastUpdate", 1469192048); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0.1"); user_pref("extensions.lastPlatformVersion", "47.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.searchadsfn.insertFlag", false); user_pref("extensions.searchadsfn.replaceFlag", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\",\"addons\":{\"e10srollout@mozilla.org\":{\"version\":\"1.0\"},\"firefox@getpocket.com\":{\"version\":\"1.0.2\"},\"loop@mozilla.org\":{\"version\":\"1.4.2\"}}}"); user_pref("extensions.xpiState", "{\"app-system-addons\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1468330378968},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1468330379066},\"loop@mozilla.org\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.4.2\",\"st\":1468330378782}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1466736750000},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":false,\"v\":\"1.0.2\",\"st\":1466736751000},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":false,\"v\":\"1.3.2\",\"st\":1466736751000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0.1\",\"st\":1466736750000}},\"winreg-app-global\":{\"pdf_architect_4_conv@pdfarchitect.org\":{\"d\":\"C:\\\\Program Files\\\\PDF Architect 4\\\\resources\\\\pdfarchitect4firefoxextension\",\"e\":false,\"v\":\"1.0\",\"st\":1467705198632,\"mt\":1462371550000}},\"app-profile\":{\"{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\extensions\\\\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi\",\"e\":true,\"v\":\"5.20.3.1-signed\",\"st\":1468814163471}}}"); user_pref("network.http.max-persistent-connections-per-proxy", 16); ---------- | Active Connections TCP 127.0.0.1:1545 DESKTOP-9LM40BG:20158 ESTABLISHED 1852 TCP 127.0.0.1:1546 DESKTOP-9LM40BG:20158 ESTABLISHED 3068 TCP 127.0.0.1:20158 DESKTOP-9LM40BG:1545 ESTABLISHED 2556 TCP 127.0.0.1:20158 DESKTOP-9LM40BG:1546 ESTABLISHED 2556 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{29bc317c-65d1-43e7-8ebf-f7b59e4ed51f}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{29bc317c-65d1-43e7-8ebf-f7b59e4ed51f}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\expresszip.exe] : "C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe" "%L" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PDF Architect 4.exe] : "C:\Program Files\PDF Architect 4\architect.exe" --file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\WSPlayer.exe] : "C:\Program Files (x86)\Wondershare\Player\WSPlayer.exe" "ID_STARTUP_DEFAULT" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\expresszip.exe] : "C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe" "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDF Architect 4.exe] : "C:\Program Files\PDF Architect 4\architect.exe" --file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WSPlayer.exe] : "C:\Program Files (x86)\Wondershare\Player\WSPlayer.exe" "ID_STARTUP_DEFAULT" "%1" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Acelogix] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Adlice Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Adobe] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Anvsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Apowersoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ashampoo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\ATI] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AVAST Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BDUSBImmunizer] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BitTorrentPlus] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Blockulicious] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BugSplat] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Code Sector] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\COMODO] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\ComodoGroup] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\CyberLink] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Disc Soft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DivX] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DivXNetworks] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Dropbox] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DropboxUpdate] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EaseUS] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EpmNewsInfo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EPSON] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\FileHippo.com] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Freecom] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\GNU] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Google] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Greatis] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Haali] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Icaros] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\iSkysoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\IvoSoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\JAM Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\KC Softwares] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Leadertech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\LogiShrd] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Logitech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Macromedia] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\madshi] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MediaInfo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MiniTool Solution Ltd.] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Mozilla] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MozillaPlugins] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MPC-HC] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\NCH Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\NewBlue] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Nitro] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ordinarysoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\PDF Architect 4] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Policies] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\QtProject] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Realtek] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Reason] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Rebit] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Safer Networking Limited] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Sony Corporation] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\SyncEngines] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\sysinternals] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Teorex] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Trolltech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ultracopier] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\UsbFix] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\UsbFix Standard] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\uTorrentPlus] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Western Digital] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Wondershare] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Wow6432Node] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\WSVCUPlugin] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Zemana] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{3E130920-7C40-4938-9222-4C357069EC21}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{4692CB1F-0DF0-4D99-ABAD-7CB66ACB109E}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{6487FE51-5D05-4253-8338-2B2FAF2E0214}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{747B5AE4-397F-4dad-8A7E-3B0ECD9C191A}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AdsFix] [HKLM\Software\AMD] [HKLM\Software\Ashampoo] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\ComodoGroup] [HKLM\Software\CyberLink] [HKLM\Software\Disc Soft] [HKLM\Software\DivX] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GNU] [HKLM\Software\HaaliMkx] [HKLM\Software\HitmanPro] [HKLM\Software\Icaros] [HKLM\Software\Intel] [HKLM\Software\IvoSoft] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\NewBlue] [HKLM\Software\Nitro] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Ordinarysoft] [HKLM\Software\PDF Architect 4] [HKLM\Software\Policies] [HKLM\Software\proDAD] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Trolltech] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\Comodo] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EaseUS Todo Backup] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\g3n-h@ckm@n] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Greatis] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\iSkysoft] [HKLM\Software\WOW6432Node\iSkysoftSysMenuDATA] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes Anti-Exploit] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NCH Software] [HKLM\Software\WOW6432Node\NewBlue] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OldTimer Tools] [HKLM\Software\WOW6432Node\PDF Architect 4] [HKLM\Software\WOW6432Node\Safer Networking Limited] [HKLM\Software\WOW6432Node\SEIKO EPSON CORPORATION] [HKLM\Software\WOW6432Node\Softgogo] [HKLM\Software\WOW6432Node\Sony Corporation] [HKLM\Software\WOW6432Node\SOSVirus] [HKLM\Software\WOW6432Node\sysinternals] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Western Digital] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WondershareSysMenuDATA] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives Y: [23/07/2016 04:31:40] - |A| - (.-.) - [1225] - (0.0.0.0) - Y:\AdsFix_Donate.lnk [14/07/2016 11:22:44] - |A| - (.-.) - [1274] - (0.0.0.0) - Y:\Any Audio Converter.lnk [13/06/2016 08:43:05] - |A| - (.-.) - [1154] - (0.0.0.0) - Y:\Avast Browser Cleanup.lnk [23/06/2016 07:51:44] - |A| - (.-.) - [1474] - (0.0.0.0) - Y:\barrow 2 & widen 100% sécurisé - Raccourci.lnk [05/07/2016 10:06:16] - |A| - (.-.) - [1301] - (0.0.0.0) - Y:\Dropbox.lnk [22/07/2016 15:55:52] - |A| - (.-.) - [2101] - (0.0.0.0) - Y:\FileHippo App Manager.lnk [19/07/2016 15:18:12] - |A| - (.-.) - [1113] - (0.0.0.0) - Y:\Folder Size.lnk [22/07/2016 15:55:52] - |A| - (.-.) - [1073] - (0.0.0.0) - Y:\IM-Magic Partition Resizer Free.lnk [22/07/2016 15:55:52] - |A| - (.-.) - [1059] - (0.0.0.0) - Y:\Internet Explorer.lnk [17/07/2016 15:45:35] - |A| - (.-.) - [1316] - (0.0.0.0) - Y:\mov Audio Extractor.lnk [22/07/2016 15:55:53] - |A| - (.-.) - [1225] - (0.0.0.0) - Y:\Pre_Scan_Donate.lnk [22/07/2016 15:55:53] - |A| - (.-.) - [1573] - (0.0.0.0) - Y:\Pre_Scan_Restore.lnk [22/07/2016 15:55:54] - |A| - (.-.) - [1308] - (0.0.0.0) - Y:\TreeSize Free.lnk [14/07/2016 16:02:31] - |A| - (.-.) - [1487] - (0.0.0.0) - Y:\UsbFix.lnk [23/07/2016 05:21:55] - |A| - (.-.) - [1441] - (0.0.0.0) - Y:\Video to Picture.lnk [22/07/2016 15:55:54] - |A| - (.-.) - [668] - (0.0.0.0) - Y:\Wondershare 1-Click PC Care Restore Center.lnk [12/05/2016 12:04:54] - |A| - (.Copyright © 1999-2012 - BASS.) - [219136] - (2.4.9.0) - Y:\bass.dll [12/05/2016 12:04:54] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - Y:\Bass.Net.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [35328] - (2.4.3.1) - Y:\basscd.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [48128] - (2.4.1.0) - Y:\bassflac.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2005-2010 - BASSmix.) - [33280] - (2.4.4.0) - Y:\bassmix.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2012 - BASSOPUS.) - [103424] - (0.0.0.1) - Y:\bassopus.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [34816] - (2.4.4.0) - Y:\basswma.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [59904] - (2.4.1.0) - Y:\basswv.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - Y:\bass_alac.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [81408] - (2.4.0.1) - Y:\bass_ape.dll [12/05/2016 12:04:57] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [45056] - (2.4.1.0) - Y:\bass_mpc.dll [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [68608] - (4.5.7.6229) - Y:\CDBXP.dll [12/05/2016 12:05:09] - |A| - (. - .) - [337408] - (13.0.0.0) - Y:\LogicNP.FolderView.dll [12/05/2016 12:05:15] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3622784] - (15.6.1.1025) - Y:\StarBurn.dll [11/07/2016 08:44:19] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - Y:\10295_Video-facile-1.exe [11/07/2016 08:43:51] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - Y:\10295_Video-facile.exe [11/07/2016 08:44:52] - |A| - (.-.) - [318714912] - (0.0.0.0) - Y:\ABBYY_BCR20Win_ESD.exe [14/06/2016 07:35:24] - |A| - (.-.) - [368371848] - (0.0.0.0) - Y:\ABBYY_FR12_PRO_TRIAL.exe [09/07/2016 23:53:01] - |A| - (.-.) - [252432728] - (0.0.0.0) - Y:\ABBYY_ScreenshotReader_11_ESD.exe [14/06/2016 07:27:21] - |A| - (.-.) - [71143096] - (0.0.0.0) - Y:\ABBYY_Screenshot_Reader_ESD.exe [16/07/2016 06:47:43] - |A| - (.© 2016 Acelogix Software - System maintenance and Optimizer utility.) - [9138432] - (6.2.0.289) - Y:\aceutils.exe [11/07/2016 08:45:17] - |A| - (.c Lavasoft Limited. - Web Companion Installer.) - [340568] - (2.3.1411.2698) - Y:\Ad-Aware Web Companion Pro 2.3.1411.2698.exe [23/07/2016 04:31:40] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - AdsFix.) - [6274984] - (22.7.2016.2) - Y:\adsfix_3_22.07.2016.2.exe [14/07/2016 11:17:41] - |A| - (.-.) - [42799000] - (0.0.0.0) - Y:\any-audio-converter(1).exe [06/07/2016 18:35:50] - |A| - (.-.) - [42799000] - (0.0.0.0) - Y:\any-audio-converter.exe [15/07/2016 13:48:43] - |A| - (.Copyright (c) Apowersoft Ltd. 2016 All rights reserved - Apowersoft Online Launcher Setup .) - [1223336] - (1.4.4.0) - Y:\apowersoft-online-launcher (1).exe [15/07/2016 13:47:19] - |A| - (.Copyright (c) Apowersoft Ltd. 2016 All rights reserved - Apowersoft Online Launcher Setup .) - [1223336] - (1.4.4.0) - Y:\apowersoft-online-launcher.exe [11/07/2016 08:45:18] - |A| - (.-.) - [1006637056] - (0.0.0.0) - Y:\appstore lfs ultra, power2go 11, & efm du musée de l'homme.exe [10/07/2016 19:04:24] - |A| - (. - Ashampoo Backup 2016 Setup .) - [2608520] - (1.0.0.0) - Y:\ashampoo_backup_2016_dl.exe [10/07/2016 19:04:25] - |A| - (. - Ashampoo Backup Pro 10 Setup .) - [2610664] - (1.0.0.0) - Y:\ashampoo_backup_pro_10_dl.exe [11/07/2016 08:48:01] - |A| - (. - Ashampoo Burning Studio 16 Setup .) - [92298344] - (16.0.6.0) - Y:\ashampoo_burning_studio_16_e16.0.6_sm.exe [11/07/2016 08:48:11] - |A| - (. - Ashampoo Core Tuner 2 Setup .) - [2493632] - (1.0.0.0) - Y:\ashampoo_core_tuner_2_dl.exe [11/07/2016 08:48:12] - |A| - (. - Ashampoo Cover Studio 2 Setup .) - [40270904] - (2.2.0.0) - Y:\ashampoo_cover_studio_2_2.2.0_sm.exe [14/07/2016 04:03:31] - |A| - (. - Ashampoo Media Sync Setup .) - [12641832] - (1.0.2.0) - Y:\ashampoo_media_sync_e1.0.2_sm.exe [09/07/2016 23:58:12] - |A| - (. - Ashampoo Music Studio 4 Setup .) - [43875848] - (4.1.2.0) - Y:\ashampoo_music_studio_4_4.1.2_16904.exe [11/07/2016 08:48:16] - |A| - (. - Ashampoo Music Studio 5 Setup .) - [50101560] - (5.0.7.0) - Y:\ashampoo_music_studio_5_e5.0.7_sm.exe [11/07/2016 08:48:22] - |A| - (. - Ashampoo Music Studio 6 Setup .) - [45366192] - (6.0.2.0) - Y:\ashampoo_music_studio_6_e6.0.2_sm.exe [10/07/2016 19:04:58] - |A| - (. - Ashampoo Photo Commander Free Setup .) - [163570320] - (11.2.0.0) - Y:\ashampoo_photo_commander_free_21556.exe [09/07/2016 23:58:35] - |A| - (. - Ashampoo Photo Recovery Setup .) - [8033992] - (1.0.3.0) - Y:\ashampoo_photo_recovery_e1.0.3_sm.exe [12/07/2016 11:11:22] - |A| - (. - Ashampoo Slideshow Studio HD 4 Setup .) - [53664272] - (4.0.0.0) - Y:\ashampoo_slideshow_studio_hd_4_e4.0.0_sm.exe [10/07/2016 19:05:42] - |A| - (. - Ashampoo Snap 2017 Setup .) - [52382680] - (1.0.1.0) - Y:\ashampoo_snap_2017_23494.exe [14/07/2016 14:52:15] - |A| - (. - Ashampoo Snap 9 Setup .) - [56773968] - (9.0.1.0) - Y:\ashampoo_snap_9_e9.0.1_sm.exe [11/07/2016 08:48:27] - |A| - (. - Ashampoo Undeleter Setup .) - [2493176] - (1.0.0.0) - Y:\ashampoo_undeleter_dl.exe [10/07/2016 07:45:11] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [21088224] - (5.4.0.0) - Y:\ashampoo_uninstaller_5_e5.0.4_sm.exe [10/07/2016 19:05:58] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [22345192] - (5.6.0.0) - Y:\ashampoo_uninstaller_5_e5.0.6_sm.exe [17/07/2016 17:17:52] - |A| - (. - Ashampoo UnInstaller 6 Setup .) - [18412280] - (6.0.14.0) - Y:\ashampoo_uninstaller_6_e6.00.14_sm.exe [10/07/2016 07:45:14] - |A| - (. - Ashampoo Video Styler Setup .) - [27869488] - (1.0.1.0) - Y:\ashampoo_video_styler_e1.0.1_sm.exe [11/07/2016 08:48:30] - |A| - (. - Ashampoo WinOptimizer 14 Setup .) - [28220040] - (14.0.0.0) - Y:\ashampoo_winoptimizer_14_e14.00.00_sm.exe [11/07/2016 08:48:33] - |A| - (.Copyright (C) 2004-2012 - Astroburn Audio Setup.) - [6086824] - (1.6.0.47) - Y:\AstroburnAudio160-0047.exe [08/07/2016 07:22:41] - |A| - (.-.) - [4999096] - (0.0.0.0) - Y:\ausetup.exe [09/07/2016 05:48:53] - |A| - (.2007-2015@Auslogics Software Pty Ltd - Auslogics BitReplica Installation File .) - [6628472] - (2.1.1.0) - Y:\auslogics-bitreplica-setup.exe [05/07/2016 10:02:25] - |A| - (.Copyright (c) 2012 AVAST Software - Avast! Browser Cleanup Sfx.) - [4284888] - (12.1.2272.125) - Y:\avast-browser-cleanup-sfx.exe [10/07/2016 19:07:11] - |A| - (.Copyright 2003 Avery - Création d'étiquettes et de pochettes .) - [7744030] - (4.1.100.1332) - Y:\AveryDesignPro_FR.exe [10/07/2016 19:07:13] - |A| - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira Launcher.) - [4630840] - (1.1.63.21885) - Y:\avira_fr_av_57559d7b12d97__wsd.exe [10/06/2016 11:13:32] - |A| - (.-.) - [13915352] - (0.0.0.0) - Y:\BDAntiCryptoWall_Release.exe [11/07/2016 08:49:00] - |A| - (.Copyright © 1997-2015 Bitdefender - BDAntiRansomware Setup .) - [4677896] - (0.0.0.0) - Y:\BDAntiRansomwareSetup.exe [05/07/2016 06:10:33] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - Y:\BingDesktopSetup.exe [11/07/2016 08:49:03] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - Y:\BitTorrent (1).exe [10/07/2016 00:00:15] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - Y:\BitTorrent (2).exe [10/07/2016 00:00:16] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - Y:\BitTorrent (3).exe [11/07/2016 08:49:04] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - Y:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FAq2NsdKU).exe [11/07/2016 08:49:04] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - Y:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FjSAg97W0).exe [10/07/2016 19:07:22] - |A| - (.Copyright (c) BlueStack Systems Inc. - BlueStacks Thin Installer.) - [319729248] - (0.0.0.0) - Y:\BlueStacks2_native_mobile-retention.exe [14/06/2016 07:47:58] - |A| - (.PortableApps.com Installer Copyright 2007-2010 PortableApps.com. - CamStudio Portable.) - [1433632] - (2.0.0.1) - Y:\CamStudioPortable_2.0_English.paf.exe [11/07/2016 08:50:13] - |A| - (.-.) - [252605800] - (8.1.2.1327) - Y:\camtasia_864c253ee677b4609b331d451009a871.exe [10/07/2016 19:08:48] - |A| - (.Copyright (C) Piriform 2013-2015 - CCleaner Cloud Installer.) - [6259936] - (1.4.0.1817) - Y:\CCleanerCloudSetup_1_4_1817.exe [10/07/2016 19:08:46] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [6868672] - (2.0.0.0) - Y:\ccleaner_5-16_fr_14492.exe [13/06/2016 14:08:59] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [6868672] - (2.0.0.0) - Y:\ccsetup_516.exe [11/07/2016 08:50:47] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [7033368] - (2.0.0.0) - Y:\ccsetup_517.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP command line version.) - [25712] - (4.5.7.6229) - Y:\cdbxpcmd.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP.) - [1746544] - (4.5.7.6229) - Y:\cdbxpp.exe [10/07/2016 12:08:39] - |A| - (.2001-2014 Canneverbe Limited - CDBurnerXP .) - [6230152] - (4.5.7.6140) - Y:\cdbxp_setup_4.5.7.6139.exe [11/07/2016 08:50:54] - |A| - (.Copyright (C) 2009-2015, Ivo Beltchev - Adds classic shell features to Windows 7 and Windows 8.) - [6968048] - (4.2.5.0) - Y:\ClassicShellSetup_4_2_5.exe [10/06/2016 12:33:10] - |A| - (.-.) - [497903] - (0.0.0.0) - Y:\CLCleaner2-PhotoDirector_5.exe [10/07/2016 00:03:34] - |A| - (.Copyright (c) 2009-2015, Comodo Security Solutions, Inc. - Comodo Dragon.) - [55056152] - (45.8.12.389) - Y:\Comodo Dragon 45.8.12.389 + Portable.exe [10/07/2016 00:04:08] - |A| - (.2005-2014 COMODO. - COMODO Internet Security.) - [230403208] - (7.0.55655.4142) - Y:\Comodo Firewall 7.0.317799.4142.exe [11/07/2016 08:52:47] - |A| - (.2005-2015 COMODO. - COMODO Internet Security.) - [217812544] - (8.2.0.4792) - Y:\Comodo Internet Security Premium 8.2.0.4792 Final.exe [10/07/2016 19:10:42] - |A| - (.8pecxstudios 2012-2016 - Cyberfox Web Browser Fibre optics of the web .) - [50060432] - (45.0.2.0) - Y:\Cyberfox-45.0.2.en-US.win64-x86_64.intel.exe [10/07/2016 00:07:23] - |A| - (.-.) - [1887724608] - (0.0.0.0) - Y:\CyberLinkDirectorSuite2.0_DRS131210-01_TR131226-021.part1.exe [10/07/2016 19:10:55] - |A| - (.-.) - [1048863800] - (0.0.0.0) - Y:\CyberLinkMediaSuite12.0_Ultimate_MES140428-01_TR140718-022.part1.exe [10/07/2016 19:10:55] - |A| - (.-.) - [1048863800] - (0.0.0.0) - Y:\cyberlinkmediasuite12.0_ultimate_mes140428-01_tr140718-022.part1.exe [11/07/2016 12:50:06] - |A| - (.-.) - [1993434200] - (0.0.0.0) - Y:\CyberLinkMediaSuite14.0_Trial_MES160530-01_TR160628-024.exe [16/07/2016 12:28:02] - |A| - (.-.) - [1048870784] - (0.0.0.0) - Y:\CyberLinkMediaSuite14.0_Ultimate_MES160511-03_TR160627-004.part1.exe [16/07/2016 13:46:34] - |A| - (.-.) - [111981936] - (0.0.0.0) - Y:\CyberLink_CreativeDesignPack_TravelPack4_CDP160425-01.exe [10/07/2016 19:10:54] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_Director_Suite_Downloader.exe [13/05/2016 06:34:57] - |A| - (.-.) - [97557896] - (0.0.0.0) - Y:\CyberLink_MediaEspresso7.5_MEX160302-01.exe [10/07/2016 19:10:54] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_MediaEspresso_Downloader.exe [11/07/2016 12:49:02] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1089304] - (2.9.1.7801) - Y:\CyberLink_Media_Suite_Downloader.exe [11/07/2016 08:55:24] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PhotoDirector_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PhotoDirector_Downloader_1.exe [04/07/2016 15:01:26] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1089304] - (2.9.1.7801) - Y:\CyberLink_Power2Go_Downloader.exe [14/06/2016 07:48:31] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PowerDirector_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PowerDirector_Ultimate_Suite_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PowerDirector_Ultimate_Suite_Downloader_1.exe [14/06/2016 07:33:45] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - Y:\CyberLink_PowerDVD_Downloader.exe [14/06/2016 07:48:33] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [967200] - (2.9.1.3520) - Y:\CyberLink_PowerProducer_Downloader.exe [16/07/2016 12:29:00] - |A| - (.-.) - [78368488] - (0.0.0.0) - Y:\CyberLink_TravelPack3_YouCam_CDP150508-01.exe [16/07/2016 12:29:13] - |A| - (.-.) - [411978176] - (0.0.0.0) - Y:\CyberLink_YouCam7_Deluxe_YUC150721-01.exe [11/07/2016 08:55:26] - |A| - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Setup.) - [19062208] - (10.1.0.74) - Y:\DAEMON Tools Lite 10.1.0.74.exe [10/07/2016 19:32:06] - |A| - (.Copyright © BVRP Software 2004 - .) - [60183082] - (4.1.100.1332) - Y:\DigitalVideoDuplicator3_FR(1).exe [14/06/2016 07:26:45] - |A| - (. - .) - [61197060] - (4.1.100.1332) - Y:\DigitalVideoDuplicator3_FR.exe [15/07/2016 11:47:10] - |A| - (.Copyright (c) 2006-2012 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS Disk Copy Home Edition 2.3.) - [45470992] - (1.1.0.1) - Y:\EaseUS_DiskCopy_Home.exe [11/07/2016 09:03:40] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Anti-Malware Setup .) - [237135456] - (11.7.0.6394) - Y:\EmsisoftAntiMalwareSetup.exe [11/07/2016 09:04:18] - |A| - (.-.) - [232114840] - (0.0.0.0) - Y:\EmsisoftEmergencyKit (1).exe [19/07/2016 09:36:47] - |A| - (.-.) - [243326440] - (0.0.0.0) - Y:\EmsisoftEmergencyKit(1).exe [19/07/2016 13:32:45] - |A| - (.-.) - [243326440] - (0.0.0.0) - Y:\EmsisoftEmergencyKit(2).exe [14/07/2016 07:34:44] - |A| - (.-.) - [243789992] - (0.0.0.0) - Y:\EmsisoftEmergencyKit.exe [11/07/2016 09:04:37] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Internet Security Setup .) - [226980568] - (11.5.1.6247) - Y:\EmsisoftInternetSecuritySetup.exe [14/06/2016 07:59:26] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - Y:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR.exe [11/07/2016 09:06:33] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - Y:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR_1.exe [10/07/2016 19:38:19] - |A| - (.Copyright (c) ESET 1992-2011. - ESET Smart Installer.) - [2870984] - (1.0.0.6421) - Y:\esetsmartinstaller_enu.exe [11/07/2016 09:06:53] - |A| - (.© 2006 Microsoft Corporation. -.) - [53610536] - (12.0.6320.5000) - Y:\ExcelViewer.exe [11/07/2016 09:07:05] - |A| - (.© 2013-2016 F-Secure Corporation. - F-Secure Download Tool.) - [524248] - (1.0.265.0) - Y:\F-SecureOnlineScanner.exe [10/06/2016 12:23:44] - |A| - (.-.) - [167034] - (0.0.0.0) - Y:\fileassassin-setup-1.06.exe [14/06/2016 08:08:08] - |A| - (.PortableApps.com Installer Copyright 2007-2011 PortableApps.com. - Mozilla Firefox, Portable Edition (Legacy 3.6).) - [9178672] - (3.6.25.0) - Y:\FirefoxPortableLegacy36_3.6.25_English.paf.exe [19/07/2016 13:57:07] - |A| - (.MindGems, Inc. - Folder Size .) - [2301330] - (3.4.0.0) - Y:\foldersize_2-6_en_18550.exe [10/07/2016 07:41:44] - |A| - (.-.) - [983040] - (0.8.0.5) - Y:\Framakey.exe [10/07/2016 02:11:31] - |A| - (.2005-2007© by Framakey Team - Framakey Installer pour Windows XP et suivants.) - [515917547] - (1.13.0.8) - Y:\FramakeyInstaller_Full-1.13.0.8.exe [11/07/2016 09:07:01] - |A| - (.Copyright © 2016 iSkysoft. - iSkysoft Free Video Downloader Setup .) - [33832392] - (4.9.1.0) - Y:\free-video-downloader_full1683.exe [19/07/2016 13:39:42] - |A| - (. - Freemake Video Converter Setup .) - [1866512] - (4.1.9.29) - Y:\FreemakeVideoConverterSetup.exe [05/07/2016 08:16:43] - |A| - (. - Free Studio Setup .) - [2267896] - (1.0.1.0) - Y:\FreeStudio_6.6.24.627_d.exe [05/07/2016 14:13:23] - |A| - (. - Free Video to MP3 Converter Setup .) - [2267840] - (1.0.1.0) - Y:\FreeVideoToMP3Converter_5.0.96.627_o.exe [26/01/2016 18:30:26] - |A| - (.© Microsoft Corporation. - GWX WEB WINDOWS.) - [7635472] - (6.3.9600.18124) - Y:\GetWindows10-Web_Default_Attr(1).exe [26/01/2016 18:30:27] - |A| - (.© Microsoft Corporation. - GWX WEB WINDOWS.) - [7635472] - (6.3.9600.18124) - Y:\GetWindows10-Web_Default_Attr.exe [10/06/2016 11:27:21] - |A| - (.-.) - [14892728] - (0.0.0.0) - Y:\Glary_Utilities_Pro_v5.17.0.30.exe [11/07/2016 09:07:09] - |A| - (.Copyright Reason Company Software Inc. - herdProtect Anti-Malware Scanner.) - [2873112] - (1.0.3.9) - Y:\herdProtectScan_Setup.exe [11/07/2016 09:07:11] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11441168] - (3.7.14.263) - Y:\HitmanPro_x64(1).exe [15/06/2016 09:06:30] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11438608] - (3.7.14.265) - Y:\HitmanPro_x64.exe [10/07/2016 17:02:53] - |A| - (.Copyright(c) 2005-2012 - IObit Uninstaller.) - [1688408] - (2.2.0.127) - Y:\iobit-uninstaller.exe [10/07/2016 19:39:30] - |A| - (.Copyright © 1998-2015 KC Softwares - KC Softwares KCleaner Setup .) - [1414720] - (0.0.0.0) - Y:\kcleaner.exe [10/07/2016 02:20:28] - |A| - (.Copyright Lavasoft. - Lavasoft Digital Lock .) - [6089248] - (7.7.0.2) - Y:\LavasoftDigitalLock_30days.exe [10/07/2016 02:20:30] - |A| - (.Lavasoft © 2001-2007 - Lavasoft Encrypted File (SFX).) - [126312] - (7.7.0.8) - Y:\LavasoftEncryptionReader.exe [10/07/2016 02:20:30] - |A| - (.Copyright Lavasoft. - Lavasoft File Shredder .) - [5263480] - (7.7.0.2) - Y:\LavasoftFileShredder_30days.exe [10/07/2016 02:20:31] - |A| - (.Copyright Lavasoft. - Lavasoft Privacy Toolbox .) - [6443280] - (7.7.0.2) - Y:\LavasoftPrivacyToolbox_30days.exe [11/07/2016 09:23:55] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.2.0.0 - LibreOffice Portable.) - [174042352] - (5.1.3.0) - Y:\LibreOfficePortable_5.1.3_MultilingualAll.paf.exe [10/07/2016 19:39:50] - |A| - (.Copyright (C) 2007 Macrovision Corporation - Setup Launcher .) - [11309264] - (14.0.0.166) - Y:\LightScribeTemplateLabeler_1.18.15.1.exe [15/07/2016 14:11:16] - |A| - (.(c) Malwarebytes. - Malwarebytes Anti-Malware .) - [22851472] - (2.2.1.1043) - Y:\mbam-setup-cnet.35891-2.2.1.1043.exe [10/07/2016 17:04:21] - |A| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [16563352] - (1.9.3.1001) - Y:\mbar-1.09.3.1001.exe [10/07/2016 19:40:12] - |A| - (.© MOVAVI. - Movavi Video Suite 11.) - [100766168] - (11.2.0.0) - Y:\MovaviVideoSuiteSetup.exe [10/07/2016 19:40:59] - |A| - (.© Movavi. - Video Suite.) - [140213832] - (15.3.0.0) - Y:\MovaviVideoSuiteSetupF(1).exe [10/07/2016 19:41:26] - |A| - (.© Movavi. - Video Suite.) - [140213832] - (15.3.0.0) - Y:\MovaviVideoSuiteSetupF(2).exe [10/07/2016 19:40:31] - |A| - (.© Movavi. - Video Suite.) - [153857904] - (15.2.0.0) - Y:\movavivideosuitesetupf.exe [10/07/2016 02:27:17] - |A| - (.Copyright 2011 Nero AG and its licensors - Nero Self Extractor.) - [262941032] - (12.0.3.0) - Y:\Nero2015-16.0.05500_trial.exe [10/07/2016 02:27:59] - |A| - (.Copyright 2011 Nero AG and its licensors - Nero Self Extractor.) - [803581360] - (12.0.3.0) - Y:\Nero2015_ContentPack-16.0.00300.exe [10/07/2016 19:41:54] - |A| - (.(c) 2015 Nero AG and its affiliates - NeroInstaller.) - [2559496] - (1.6.0.0) - Y:\Nero2016-17.09.2015_stub_trial.exe [11/07/2016 09:24:27] - |A| - (.(c) 2015 Nero AG and its affiliates - NeroInstaller.) - [2563536] - (1.7.0.8) - Y:\Nero_CoverDesigner_3p.exe [10/07/2016 19:41:55] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [307200] - (0.1.1.986) - Y:\Ninite AdAware Classic Start Dropbox Essentials Installer.exe [20/07/2016 09:03:17] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [307200] - (0.1.1.986) - Y:\Ninite Classic Start Installer.exe [04/07/2016 18:45:35] - |A| - (.(c) 2009 Nitro PDF Software - Installation and setup files for Nitro PDF Reader (fr-FR).) - [56666816] - (2.1.1009.0) - Y:\nitro_reader5_64.exe [14/06/2016 07:43:08] - |A| - (. - Online Video Recorder Setup .) - [16879392] - (3.4.4.1) - Y:\OnlineVideoRecorder_3_4_4_AQFR.exe [11/07/2016 09:24:30] - |A| - (.Copyright 2013 O&O Software GmbH - O&O SafeErase Professional.) - [772296] - (6.0.0.0) - Y:\OOSafeEraseProfessional10ENU.exe [10/07/2016 19:42:18] - |A| - (.© Panda 2016 - Panda Security SFX.) - [2252720] - (15.14.2.0) - Y:\PANDAFREEAV.exe [11/07/2016 09:24:33] - |A| - (.© pdfforge GmbH - PDFCreator is the easy way of creating PDFs..) - [27980440] - (2.2.2.0) - Y:\PDFCreator_Plus-2_2_2-setup.exe [14/06/2016 07:32:38] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PhotoFiltre Portable.) - [5878212] - (7.1.2.0) - Y:\PhotoFiltrePortable_7.1.2.paf.exe [11/07/2016 09:24:37] - |A| - (.Copyright 2011, 2012, 2013, 2014, 2015, 2016 Sony Corporation - PlayMemories Home Installer.) - [16496720] - (8.0.7600.16385) - Y:\PMHOME_5100DL.exe [14/06/2016 09:05:05] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com AppCompactor.) - [895480] - (3.1.0.0) - Y:\PortableApps.comAppCompactor_3.1.0_English.paf.exe [14/06/2016 07:38:15] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com Launcher.) - [767904] - (2.2.0.0) - Y:\PortableApps.comLauncher_2.2.paf (1).exe [14/06/2016 07:44:26] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com Launcher.) - [767904] - (2.2.0.0) - Y:\PortableApps.comLauncher_2.2.paf.exe [14/06/2016 08:06:15] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [3793168] - (12.2.0.0) - Y:\PortableApps.com_Platform_Setup_12.2.paf.exe [11/07/2016 09:24:39] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4409424] - (13.0.0.0) - Y:\PortableApps.com_Platform_Setup_13.0.paf.exe [11/07/2016 09:24:39] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4353008] - (14.0.0.0) - Y:\PortableApps.com_Platform_Setup_14.0.paf.exe [19/07/2016 09:39:56] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - Y:\PortableApps.com_Platform_Setup_14.1.paf(1).exe [14/07/2016 07:35:44] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - Y:\PortableApps.com_Platform_Setup_14.1.paf.exe [14/06/2016 08:21:22] - |A| - (.PortableApps.com - PortableApps.com Suite.) - [140562568] - (1.6.1.0) - Y:\PortableApps.com_Suite_Setup_1.6.1_English (1).exe [14/06/2016 08:07:07] - |A| - (.PortableApps.com - PortableApps.com Suite.) - [140562568] - (1.6.1.0) - Y:\PortableApps.com_Suite_Setup_1.6.1_English.exe [10/06/2016 11:45:21] - |A| - (.-.) - [258331888] - (0.0.0.0) - Y:\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe [11/07/2016 09:24:42] - |A| - (.© 2010 Microsoft Corporation. -.) - [63347104] - (14.0.4730.1010) - Y:\PowerPointViewer.exe [22/07/2016 15:55:52] - |A| - (.Copyright (C) 2013-2015 SosVirus Software - Pre_Scan.) - [3454376] - (20.7.2016.1) - Y:\Pre_Scan.exe [14/06/2016 07:57:59] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - Private Browsing by PortableApps.com.) - [1487280] - (3.0.0.0) - Y:\PrivateBrowsingByPortableApps_3.0.paf.exe [10/07/2016 19:42:55] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.1.1.0 - qBittorrent Portable.) - [9120168] - (3.3.3.0) - Y:\qBittorrentPortable_3.3.3.paf.exe [23/07/2016 10:00:03] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - QuickDiag.) - [2154920] - (17.7.2016.1) - Y:\quickdiag_2_17.07.2016.1.exe [11/07/2016 09:24:54] - |A| - (.Copyright © 2016 Reason Software Company Inc. - Reason Core Security Setup.) - [3919376] - (1.1.2.0) - Y:\reason-core-security-setup (1).exe [11/07/2016 09:24:53] - |A| - (.Copyright © 2016 Reason Software Company Inc. - Reason Core Security Setup.) - [3919376] - (1.1.2.0) - Y:\reason-core-security-setup.exe [11/07/2016 09:24:54] - |A| - (.Copyright © 2015 Reason Software Company Inc. - Reason Core Security Setup.) - [3855576] - (1.1.1.0) - Y:\reason-core-security-setup_1.1.1.0.exe [10/06/2016 15:20:24] - |A| - (.(c) Malwarebytes - Malwarebytes' RegASSASSIN.) - [65232] - (1.0.0.3) - Y:\regassassin-setup-1.03.exe [09/07/2016 14:19:14] - |A| - (.Copyright © 2008-2014 Auslogics Labs Pty Ltd - Auslogics Registry Cleaner Installation File .) - [7253752] - (4.1.0.0) - Y:\registry-cleaner-setup.exe [14/07/2016 03:58:35] - |A| - (.© Reimage 2013 - Reimage Express Downloader.) - [591624] - (1.0.3.9) - Y:\ReimageExpress.exe [11/07/2016 09:24:59] - |A| - (.-.) - [409449] - (1.3.0.0) - Y:\rstassociations-version-exe_1.3.exe [22/07/2016 16:44:24] - |A| - (.© 2008/2010 C_XX - SEAF.) - [498868] - (1.0.1.0) - Y:\SEAF.exe [11/07/2016 09:29:03] - |A| - (.-.) - [487400] - (3.3.9.4) - Y:\Search_The_Crack.exe [10/07/2016 19:44:49] - |A| - (.kastorsoft.com - Free Video Converter Setup .) - [6509896] - (2.3.0.0) - Y:\SetupFreeVideoConverter.exe [11/07/2016 09:29:08] - |A| - (. - ShadowExplorer Setup .) - [969845] - (0.9.462.0) - Y:\ShadowExplorer-0.9-setup.exe [11/07/2016 09:29:08] - |A| - (.© 2015 simplitec GmbH - simplitec setup .) - [21595680] - (2.2.22.27) - Y:\simplitec_simpliclean_int.exe [11/07/2016 09:29:59] - |A| - (.Copyright 1989-2016 Sophos Limited. - Sophos Extractor.) - [196786040] - (1.3.3.7) - Y:\SophosInstall.exe [09/07/2016 05:50:18] - |A| - (.Stellar Information Technology Pvt Ltd. - Stellar Information Technology Pvt Ltd. .) - [5979488] - (6.0.0.1) - Y:\StellarPhoenixWindowsDataRecovery-Professional.exe [10/07/2016 19:46:38] - |A| - (.1995-2013 Stellar Information Systems Ltd. - Stellar Information Systems Ltd .) - [6471304] - (6.0.0.0) - Y:\StellarPhoenixWindowsDataRecovery-ProfessionalV6_AQFR.exe [14/06/2016 07:25:56] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - Sumatra PDF Portable.) - [2541384] - (2.3.2.0) - Y:\SumatraPDFPortable_2.3.2.paf.exe [05/07/2016 09:39:21] - |A| - (.-.) - [7233888] - (0.0.0.0) - Y:\susetupPro.exe [11/07/2016 09:30:26] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - TeamViewer Portable.) - [10876344] - (11.0.59518.0) - Y:\TeamViewerPortable_11.0.59518.paf.exe [10/07/2016 19:46:51] - |A| - (.TeamViewer GmbH -.) - [9666224] - (11.0.59518.0) - Y:\TeamViewer_Setup_fr.exe [11/07/2016 09:30:28] - |A| - (.-.) - [23398464] - (0.0.0.0) - Y:\tenorshare-android-data-recovery-trial.exe [14/06/2016 07:43:53] - |A| - (.-.) - [24727614] - (0.0.0.0) - Y:\tenorshare-free-video-converter.exe [11/07/2016 09:30:33] - |A| - (.-.) - [8074734] - (0.0.0.0) - Y:\tenorshare-pdf-password-recovery-trial.exe [11/07/2016 09:30:34] - |A| - (.-.) - [5015718] - (0.0.0.0) - Y:\tenorshare-pdf-password-remover-trial.exe [05/07/2016 13:46:37] - |A| - (.-.) - [25106954] - (0.0.0.0) - Y:\tenorshare-samsung-data-recovery-trial.exe [14/06/2016 07:45:03] - |A| - (.-.) - [24343000] - (0.0.0.0) - Y:\tenorshare-video-converter-trial.exe [14/06/2016 08:03:50] - |A| - (.-.) - [266046792] - (0.0.0.0) - Y:\tenorshare-windows-boot-genius-trial.exe [14/06/2016 08:06:43] - |A| - (.-.) - [32563203] - (0.0.0.0) - Y:\tenorshare-windows-video-downloader-trial.exe [11/07/2016 04:50:20] - |A| - (.-.) - [271572636] - (1.1.3.70) - Y:\tentatives lfs ultra finalis efm et didinser.exe [19/07/2016 19:23:09] - |A| - (.Mozilla - Thunderbird.) - [35165800] - (4.42.0.0) - Y:\Thunderbird Setup 45.2.0.exe [19/07/2016 13:55:05] - |A| - (.© 1996-2016 by Joachim Marder e.K. - TreeSize Free Setup .) - [5963008] - (3.4.5.343) - Y:\TreeSizeFreeSetup.exe [11/07/2016 09:31:52] - |A| - (.Copyright ©2011 - 2016 - Setup Application.) - [21382440] - (3.9.0.0) - Y:\tweaking.com_windows_repair_aio_setup.exe [11/07/2016 09:31:55] - |A| - (.Copyright - Geza Kovacs - License - GNU GPL v2+ - UNetbootin - Universal Netboot Installer - http://unetbootin.sourceforge.net.) - [4831744] - (1.1.1.1) - Y:\unetbootin-windows-613.exe [10/06/2016 11:10:42] - |A| - (.© 2008/2014 - El Desaparecido - www.SosVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3989160] - (7.8.0.6) - Y:\UsbFix-7.806.exe [10/07/2016 17:04:37] - |A| - (.© 2008/2016 - El Desaparecido - www.SOSVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3124797] - (8.2.2.8) - Y:\UsbFix_2016_8.233.exe [11/07/2016 09:31:58] - |A| - (.Copyright (c) 2016 Steganos Software GmbH - Steganos PortableSafe USB Starter.) - [4127744] - (17.1.3.11700) - Y:\usbstarter.exe [10/07/2016 19:48:12] - |A| - (. - Panda USB Vaccine Setup .) - [848856] - (1.0.1.4) - Y:\USBVaccineSetup.exe [11/07/2016 09:31:59] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.1.1.0 - uTorrent Portable.) - [2370592] - (3.4.6.42178) - Y:\uTorrentPortable_3.4.6.42178_online.paf.exe [10/07/2016 16:14:51] - |A| - (.Copyright 2015 Wondershare Corporation - videoconverterfree_setup_full1129.exe.) - [800840] - (1.2.1.1) - Y:\video-converter-free_setup_full1129.exe [10/07/2016 19:48:31] - |A| - (. - .) - [46736640] - (9.0.18.0) - Y:\video-converter-ultimate(1).exe [10/07/2016 19:48:19] - |A| - (. - .) - [46736640] - (9.0.18.0) - Y:\video-converter-ultimate.exe [11/07/2016 09:32:12] - |A| - (.- Video to Picture Setup.) - [12890984] - (1.0.0.0) - Y:\video-to-picture.exe [11/07/2016 09:32:15] - |A| - (.- Professional video watermarking program.) - [16786240] - (5.1.0.0) - Y:\video-watermark-pro.exe [11/07/2016 09:32:13] - |A| - (.- Video watermarking program.) - [16733504] - (5.1.0.0) - Y:\video-watermark.exe [10/07/2016 19:48:17] - |A| - (.Copyright © 2014 UpdateStar - Video Converter Setup .) - [8704008] - (7.0.3.91) - Y:\VideoConverter.exe [24/06/2016 11:31:58] - |A| - (.-.) - [89589712] - (0.0.0.0) - Y:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe [10/07/2016 12:33:54] - |A| - (.Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [453686816] - (17.0.0.717) - Y:\Video_Explosion_Deluxe_Setup.exe [10/07/2016 07:41:44] - |A| - (.- Télécharge et installe VirtualBox portable.) - [301259] - (3.3.6.1) - Y:\VirtualBoxPortable.exe [14/06/2016 07:15:38] - |A| - (.2007-2015 PortableApps.com, PortableApps.com Installer 3.0.17.0 - VLC Media Player Portable.) - [26948496] - (2.2.1.0) - Y:\VLCPortable_2.2.1.paf.exe [14/06/2016 07:23:56] - |A| - (.tenorshare.com - Windows Care Genius .) - [16035976] - (3.9.4.355) - Y:\windows-care-genius-trial.exe [11/07/2016 09:32:28] - |A| - (.© 2006 Microsoft Corporation. -.) - [25746416] - (12.0.6038.3000) - Y:\wordview_fr-fr.exe [11/07/2016 09:32:31] - |A| - (.-.) - [33087576] - (0.0.0.0) - Y:\x-audio-maker6-fr.exe [11/07/2016 09:32:34] - |A| - (.-.) - [16868162] - (0.0.0.0) - Y:\x-dailymotion-video-downloader-fr.exe [11/07/2016 09:32:36] - |A| - (.-.) - [28206392] - (0.0.0.0) - Y:\x-download-youtube-video5-fr.exe [11/07/2016 09:32:39] - |A| - (.-.) - [37509928] - (0.0.0.0) - Y:\x-video-converter-ultimate7-fr.exe [11/07/2016 09:32:43] - |A| - (.-.) - [26640091] - (0.0.0.0) - Y:\x-video-editor2-fr.exe [10/07/2016 19:49:27] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2207232] - (2016.5.17.97) - Y:\ZHPDiag3.exe [11/07/2016 09:32:49] - |A| - (.Copyright © 1998-2016, Check Point, LTD - ZoneAlarm.) - [3412200] - (14.1.48.0) - Y:\zonealarm-free-antivirus-firewall_14-1-048-000_fr_10494.exe [11/07/2016 09:32:48] - |A| - (.Copyright © 1999-2011 Pro Softnet Corp. - ZoneAlarm Backup Powered by IDrive Setup .) - [9468744] - (0.0.0.0) - Y:\ZoneAlarmBackupSetup.exe [08/07/2016 19:32:32] - |A| - (.-.) - [262] - (0.0.0.0) - Y:\.label.info [10/07/2016 19:01:41] - |A| - (.-.) - [4248] - (0.0.0.0) - Y:\0x0404.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7094] - (0.0.0.0) - Y:\0x0407.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6129] - (0.0.0.0) - Y:\0x0409.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7022] - (0.0.0.0) - Y:\0x040a.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7242] - (0.0.0.0) - Y:\0x040c.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6897] - (0.0.0.0) - Y:\0x0410.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6623] - (0.0.0.0) - Y:\0x0411.ini [10/07/2016 19:01:42] - |A| - (.-.) - [5724] - (0.0.0.0) - Y:\0x0412.ini [10/07/2016 19:01:42] - |A| - (.-.) - [4315] - (0.0.0.0) - Y:\0x0804.ini [11/07/2016 08:44:52] - |A| - (.-.) - [6848] - (0.0.0.0) - Y:\a2settings.ini [11/07/2016 08:44:52] - |A| - (.-.) - [64] - (0.0.0.0) - Y:\a2whitelist.ini [12/05/2016 12:04:59] - |A| - (.-.) - [24] - (0.0.0.0) - Y:\Config.ini [10/07/2016 19:10:42] - |A| - (.-.) - [142] - (0.0.0.0) - Y:\Custom.ini [10/07/2016 19:31:48] - |A| - (.-.) - [40] - (0.0.0.0) - Y:\Define.ini [18/07/2016 18:18:04] - |A| - (.-.) - [282] - (0.0.0.0) - Y:\desktop(1).ini [10/07/2016 19:31:48] - |A| - (.-.) - [282] - (0.0.0.0) - Y:\desktop_FromLFS_ULTRA.ini [10/07/2016 07:41:44] - |A| - (.-.) - [2141] - (0.0.0.0) - Y:\Framakey.ini [10/07/2016 19:39:27] - |A| - (.-.) - [101] - (0.0.0.0) - Y:\info.ini [11/07/2016 09:24:15] - |A| - (.-.) - [0] - (0.0.0.0) - Y:\LogAnalyZer.ini [10/07/2016 19:44:47] - |A| - (.-.) - [1953] - (0.0.0.0) - Y:\Setup.ini [10/07/2016 19:48:12] - |A| - (.-.) - [208] - (0.0.0.0) - Y:\ureg.ini [12/05/2016 12:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - Y:\UserSettings.ini [11/07/2016 09:32:19] - |A| - (.-.) - [27] - (0.0.0.0) - Y:\VTU.ini X: [05/03/2016 05:03:37] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_VideoMeetingPlus_Downloader.exe [05/03/2016 05:03:49] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - X:\10295_Video-facile.exe [19/02/2016 07:20:58] - |A| - (. - Ashampoo Core Tuner 2 Setup .) - [2493632] - (1.0.0.0) - X:\ashampoo_core_tuner_2_dl.exe [19/02/2016 07:21:01] - |A| - (. - Ashampoo Undeleter Setup .) - [2493176] - (1.0.0.0) - X:\ashampoo_undeleter_dl.exe [23/03/2016 09:07:02] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_PowerDirector_Ultimate_Suite_Downloader.exe [05/03/2016 05:06:44] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - X:\10295_Video-facile-1.exe [23/03/2016 09:07:02] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_PhotoDirector_Downloader.exe [24/02/2016 05:49:33] - |A| - (.© pdfforge GmbH - PDFCreator is the easy way of creating PDFs..) - [27980440] - (2.2.2.0) - X:\PDFCreator_Plus-2_2_2-setup.exe [24/02/2016 05:49:49] - |A| - (. - Ashampoo Cover Studio 2 Setup .) - [40270904] - (2.2.0.0) - X:\ashampoo_cover_studio_2_2.2.0_sm.exe [23/03/2016 19:12:36] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_PhotoDirector_Downloader_1.exe [24/02/2016 05:50:08] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Anti-Malware Setup .) - [224621328] - (11.0.0.6131) - X:\EmsisoftAntiMalwareSetup.exe [24/02/2016 05:51:51] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - X:\BingDesktopSetup.exe [23/03/2016 19:12:35] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_PowerDirector_Ultimate_Suite_Downloader_1.exe [24/02/2016 05:53:16] - |A| - (. - Ashampoo Music Studio 6 Setup .) - [45366192] - (6.0.2.0) - X:\ashampoo_music_studio_6_e6.0.2_sm.exe [24/02/2016 05:53:34] - |A| - (. - Ashampoo Music Studio 5 Setup .) - [50101560] - (5.0.7.0) - X:\ashampoo_music_studio_5_e5.0.7_sm.exe [24/02/2016 05:54:56] - |A| - (.Copyright 2013 O&O Software GmbH - O&O SafeErase Professional.) - [772296] - (6.0.0.0) - X:\OOSafeEraseProfessional10ENU.exe [24/02/2016 05:54:57] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - X:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR.exe [23/03/2016 19:12:37] - |A| - (.Copyright © 1998-2016, Check Point, LTD - ZoneAlarm.) - [3412200] - (14.1.48.0) - X:\zonealarm-free-antivirus-firewall_14-1-048-000_fr_10494.exe [29/02/2016 09:55:33] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - X:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR_1.exe [29/02/2016 09:56:57] - |A| - (.Xplode - AdwCleaner.) - [1511936] - (5.0.3.6) - X:\adwcleaner_5.036(2).exe [29/02/2016 09:57:21] - |A| - (.tenorshare.com - Windows Care Genius .) - [16035976] - (3.9.4.355) - X:\windows-care-genius-trial.exe [29/02/2016 09:57:31] - |A| - (.-.) - [24727614] - (0.0.0.0) - X:\tenorshare-free-video-converter.exe [29/02/2016 09:57:43] - |A| - (.-.) - [266046792] - (0.0.0.0) - X:\tenorshare-windows-boot-genius-trial.exe [29/02/2016 09:59:55] - |A| - (. - Online Video Recorder Setup .) - [16879392] - (3.4.4.1) - X:\OnlineVideoRecorder_3_4_4_AQFR.exe [29/02/2016 10:02:09] - |A| - (.Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [453686816] - (17.0.0.717) - X:\Video_Explosion_Deluxe_Setup.exe [29/02/2016 10:05:55] - |A| - (.-.) - [32563203] - (0.0.0.0) - X:\tenorshare-windows-video-downloader-trial.exe [29/02/2016 10:06:09] - |A| - (. - .) - [61197060] - (4.1.100.1332) - X:\DigitalVideoDuplicator3_FR.exe [29/02/2016 10:06:40] - |A| - (.-.) - [24343000] - (0.0.0.0) - X:\tenorshare-video-converter-trial.exe [29/02/2016 12:07:11] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2132480] - (2016.2.25.60) - X:\ZHPDiag3.exe [10/03/2016 18:27:33] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1064376] - (2.9.1.7325) - X:\CyberLink_Power2Go_Downloader.exe [10/03/2016 18:27:33] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - X:\CyberLink_YouCam_Downloader.exe [31/05/2016 09:22:30] - |A| - (.2001-2014 Canneverbe Limited - CDBurnerXP .) - [6230152] - (4.5.7.6140) - X:\cdbxp_setup_4.5.7.6139.exe W: [12/05/2016 12:04:54] - |A| - (.Copyright © 1999-2012 - BASS.) - [219136] - (2.4.9.0) - W:\bass.dll [12/05/2016 12:04:54] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - W:\Bass.Net.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [35328] - (2.4.3.1) - W:\basscd.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [48128] - (2.4.1.0) - W:\bassflac.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2005-2010 - BASSmix.) - [33280] - (2.4.4.0) - W:\bassmix.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2012 - BASSOPUS.) - [103424] - (0.0.0.1) - W:\bassopus.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [34816] - (2.4.4.0) - W:\basswma.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [59904] - (2.4.1.0) - W:\basswv.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - W:\bass_alac.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [81408] - (2.4.0.1) - W:\bass_ape.dll [12/05/2016 12:04:57] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [45056] - (2.4.1.0) - W:\bass_mpc.dll [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [68608] - (4.5.7.6229) - W:\CDBXP.dll [12/05/2016 12:05:09] - |A| - (. - .) - [337408] - (13.0.0.0) - W:\LogicNP.FolderView.dll [12/05/2016 12:05:15] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3622784] - (15.6.1.1025) - W:\StarBurn.dll [14/07/2016 03:58:35] - |A| - (.© Reimage 2013 - Reimage Express Downloader.) - [591624] - (1.0.3.9) - W:\ReimageExpress.exe [14/07/2016 04:03:31] - |A| - (. - Ashampoo Media Sync Setup .) - [12641832] - (1.0.2.0) - W:\ashampoo_media_sync_e1.0.2_sm.exe [13/05/2016 06:34:57] - |A| - (.-.) - [97557896] - (0.0.0.0) - W:\CyberLink_MediaEspresso7.5_MEX160302-01.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP command line version.) - [25712] - (4.5.7.6229) - W:\cdbxpcmd.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP.) - [1746544] - (4.5.7.6229) - W:\cdbxpp.exe [12/05/2016 12:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - W:\UserSettings.ini [12/05/2016 12:04:59] - |A| - (.-.) - [24] - (0.0.0.0) - W:\Config.ini R: N: [05/05/2016 17:15:18] - |A| - (.© 2008/2016 - El Desaparecido - www.SOSVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3124797] - (8.2.2.8) - N:\UsbFix_2016_8.233.exe [08/05/2016 13:18:31] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - N:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FAq2NsdKU).exe [08/05/2016 13:18:36] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [7033368] - (2.0.0.0) - N:\ccsetup_517.exe [08/05/2016 13:18:42] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Anti-Malware Setup .) - [237135456] - (11.7.0.6394) - N:\EmsisoftAntiMalwareSetup.exe [08/05/2016 13:19:02] - |A| - (.-.) - [232114840] - (0.0.0.0) - N:\EmsisoftEmergencyKit (1).exe [08/05/2016 13:19:19] - |A| - (.-.) - [232114840] - (0.0.0.0) - N:\EmsisoftEmergencyKit.exe [08/05/2016 13:19:43] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11441168] - (3.7.14.263) - N:\hitmanpro_x64.exe [08/05/2016 13:20:35] - |A| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [16563352] - (1.9.3.1001) - N:\mbar-1.09.3.1001.exe [08/05/2016 13:20:43] - |A| - (.Copyright ©2011 - 2016 - Setup Application.) - [21258848] - (3.8.0.7) - N:\tweaking.com_windows_repair_aio_setup.exe [08/05/2016 13:20:46] - |A| - (.© Copyright 2015 - AntiMalware .) - [5479312] - (2.20.613.0) - N:\Zemana.AntiMalware.Setup.exe [07/06/2016 10:44:01] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - N:\PortableApps.com_Platform_Setup_14.1.paf.exe [11/05/2016 19:55:40] - |A| - (.-.) - [505346176] - (0.0.0.0) - N:\CyberLink_ActionDirector_ACD160414-01.exe M: [21/07/2016 06:27:33] - |SH| - (.-.) - [32768] - (0.0.0.0) - M:\autorun.inf K: [31/01/2016 11:57:05] - |A| - (.-.) - [983040] - (0.8.0.5) - K:\Framakey.exe [21/07/2016 06:20:02] - |SH| - (.-.) - [4096] - (0.0.0.0) - K:\autorun.inf [31/01/2016 11:43:52] - |A| - (.-.) - [2141] - (0.0.0.0) - K:\Framakey.ini J: I: H: [14/03/2015 03:48:01] - |A| - (.© 2015 Western Digital Technologies, Inc. - Unlock Utility for WD Encrypted Drive.) - [2081624] - (1.2.0.9) - H:\WD Drive Unlock.exe [01/11/2011 22:39:30] - |A| - (.-.) - [79] - (0.0.0.0) - H:\autorun.inf F: E: D: [10/06/2016 09:49:59] - |A| - (.-.) - [44] - (0.0.0.0) - D:\language.ini ---------- | C: [23/07/2016 03:58:56] - |SHD| - [129] - C:\$RECYCLE.BIN [04/07/2016 13:38:47] - |D| - [1208092] - C:\$SysReset [14/07/2016 06:50:02] - |D| - [345] - C:\@RestoreQuarantine [22/07/2016 18:54:27] - |D| - [113827694] - C:\AdsFix [MD5.433E9E6A4E1AE7C13789F6C9C831AA5A] - [23/07/2016 09:50:15] - |A| - (.-.) - [161] - (0.0.0.0) - C:\AdsFix.txt [MD5.DD1795F2F69F186C0686C7DEB4914FBC] - [22/07/2016 18:54:59] - |A| - (.-.) - [44134] - (0.0.0.0) - C:\AdsFix_23_07_2016_03_48_03.txt [15/07/2016 15:52:04] - |D| - [1023077] - C:\AdwCleaner [10/06/2016 11:10:09] - |D| - [126954006] - C:\AMD [MD5.E058FDBB6999DE0D28819DA6A0BABD0E] - [13/07/2016 11:47:28] - |N| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [17/07/2016 13:14:52] - |RASHD| - [3] - C:\Autorun.inf [02/08/2012 04:02:18] - |SHD| - [18187548] - C:\Boot [MD5.0DBACCF6F62484244F6A48B7584019A8] - [30/10/2015 10:13:43] - |RASH| - (.-.) - [400228] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |N| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [20/07/2016 21:48:43] - |AD| - [3444] - C:\cce_linux [10/06/2016 10:13:42] - |D| - [0] - C:\Config.Msi [MD5.DB42011BE360E93E82A86FEC4BA126A7] - [12/07/2016 11:48:41] - |A| - (.-.) - [952] - (0.0.0.0) - C:\DelFix.txt [26/07/2012 09:22:08] - |SD| - [0] - C:\Documents and Settings [19/06/2016 15:01:42] - |D| - [0] - C:\Downloads [MD5.7F3249873BC5E1593D5ACF6C244B0284] - [22/02/2011 18:00:42] - |A| - (.-.) - [729] - (0.0.0.0) - C:\drvopt.ini [MD5.3F252A8134EEEAB15324F3BE01FA2756] - [24/06/2016 08:33:23] - |A| - (.-.) - [3562] - (0.0.0.0) - C:\EamClean.log [19/07/2016 04:20:16] - |D| - [0] - C:\EverySync [15/07/2016 18:22:32] - |D| - [86413571] - C:\FRST [MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/07/2016 03:48:04] - |ASH| - (.-.) - [1535000576] - (0.0.0.0) - C:\hiberfil.sys [07/01/2013 13:49:41] - |D| - [3785648] - C:\hp [MD5.E2EF79EE6E04EF21F6D3665FCBB206D4] - [20/01/2016 12:20:16] - |A| - (.-.) - [51412] - (0.0.0.0) - C:\License.rtf [23/06/2016 18:11:13] - |D| - [0] - C:\Log [MD5.B8757B5EFEFFA88B375A3818194A5709] - [20/07/2016 06:35:30] - |A| - (.-.) - [35271] - (0.0.0.0) - C:\Look_my_hardware.tmp [14/07/2016 07:02:57] - |D| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 09:30:46] - |N| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2016 03:30:36] - |ASH| - (.-.) - [2281701376] - (0.0.0.0) - C:\pagefile.sys [25/06/2016 18:31:09] - |D| - [11162351] - C:\PcPinPoint [MD5.2F74B657971E6E5476E5DF4F2F6F4131] - [15/07/2016 18:33:29] - |A| - (.-.) - [13030] - (0.0.0.0) - C:\PDOXUSRS.NET [04/07/2016 14:13:00] - |D| - [0] - C:\PerfLogs [22/07/2016 08:20:51] - |D| - [5063316805] - C:\Pre_Scan [MD5.08A37D73F962E7D65C4CB8DE63ED1593] - [22/07/2016 14:41:00] - |RA| - (.-.) - [76150] - (0.0.0.0) - C:\Pre_Scan_22_07_2016_14_40_58.txt [04/07/2016 13:40:15] - |RD| - [5505471322] - C:\Program Files [04/07/2016 13:40:15] - |RD| - [11818765416] - C:\Program Files (x86) [04/07/2016 14:13:00] - |HD| - [44273151167] - C:\ProgramData [20/07/2016 06:10:50] - |D| - [262073] - C:\QuickDiag [MD5.76AA21BEA2DAE37516A0D76BF88D688E] - [23/07/2016 13:11:07] - |A| - (.-.) - [228799] - (0.0.0.0) - C:\QuickDiag.txt [MD5.0C42C172417377DA02029BA3A89231F2] - [20/07/2016 08:09:50] - |RA| - (.-.) - [814746] - (0.0.0.0) - C:\QuickDiag_20_07_2016_08_09_50.txt [01/08/2012 19:05:35] - |SHD| - [302183507] - C:\Recovery [21/06/2016 13:33:44] - |D| - [0] - C:\SauvegardePersonnelle [MD5.E401F896A58F4736BF0D3A6580667D72] - [11/07/2016 17:14:23] - |A| - (.-.) - [215] - (0.0.0.0) - C:\summary.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/06/2016 07:40:55] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 05:15:28] - |AD| - [1021170935] - C:\SWSETUP [10/06/2016 07:40:53] - |SHD| - [0] - C:\System Volume Information [01/08/2012 11:57:15] - |D| - [38369859] - C:\SYSTEM.SAV [23/06/2016 15:25:46] - |D| - [1024] - C:\Temp [26/06/2016 12:38:46] - |D| - [0] - C:\TsTemp [14/07/2016 15:55:14] - |AD| - [46607009] - C:\UsbFix [04/07/2016 13:40:15] - |RD| - [259058726745] - C:\Users [26/06/2016 06:11:46] - |D| - [429355369] - C:\VTRoot [04/07/2016 13:40:15] - |D| - [19207661784] - C:\Windows [04/07/2016 14:33:54] - |D| - [42040030874] - C:\Windows.old [11/06/2016 06:38:23] - |D| - [2342] - C:\_Backup ---------- | C:\WINDOWS [04/07/2016 14:13:01] - |D| - [802] - C:\WINDOWS\addins [17/07/2016 14:07:21] - |D| - [7389] - C:\WINDOWS\amlog [MD5.5C5F66B72868C46D9DC872AF5B2233B0] - [13/07/2016 11:46:58] - |A| - (.-.) - [1920624] - (0.0.0.0) - C:\WINDOWS\ampa.exe [MD5.F7800E92FC8BF0DD62C778CDA9597D36] - [17/07/2016 14:06:13] - |A| - (.-.) - [424] - (0.0.0.0) - C:\WINDOWS\ampa.ini [04/07/2016 14:13:01] - |D| - [27819606] - C:\WINDOWS\appcompat [04/07/2016 14:13:01] - |D| - [12360910] - C:\WINDOWS\AppPatch [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\AppReadiness [04/07/2016 14:13:00] - |RSD| - [1028864743] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:45:01] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [04/07/2016 14:13:01] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [04/07/2016 14:13:01] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.AFD631C44EF5336A3F3252C07217C3BA] - [04/07/2016 13:42:18] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [04/07/2016 14:13:01] - |D| - [2380376] - C:\WINDOWS\Branding [04/07/2016 13:55:34] - |D| - [48105304] - C:\WINDOWS\CbsTemp [20/07/2016 12:34:56] - |D| - [104857600] - C:\WINDOWS\ComodoVirtualDrives [04/07/2016 14:13:01] - |D| - [8970858] - C:\WINDOWS\Cursors [04/07/2016 14:13:01] - |D| - [4325967] - C:\WINDOWS\debug [04/07/2016 14:13:01] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [04/07/2016 14:13:01] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [04/07/2016 14:13:01] - |D| - [4217368] - C:\WINDOWS\diagnostics [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.572F23380BF5169D68F70D09E254576E] - [20/07/2016 19:19:31] - |A| - (.-.) - [352] - (0.0.0.0) - C:\WINDOWS\dm.dmap [04/07/2016 14:13:01] - |SD| - [0] - C:\WINDOWS\Downloaded Program Files [04/07/2016 14:13:01] - |D| - [44568] - C:\WINDOWS\ELAMBKUP [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\en-US [MD5.538E0206CB36BDBF84CEA11A167D4593] - [17/07/2016 14:15:48] - |A| - (.-.) - [3213] - (0.0.0.0) - C:\WINDOWS\EPMBatch.ept [12/07/2016 11:48:46] - |D| - [85343332] - C:\WINDOWS\ERUNT [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 17:13:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\WINDOWS\explorer.exe [04/07/2016 14:13:01] - |RSD| - [356947094] - C:\WINDOWS\Fonts [04/07/2016 14:24:00] - |D| - [134144] - C:\WINDOWS\fr-FR [04/07/2016 14:13:01] - |D| - [20838848] - C:\WINDOWS\Globalization [04/07/2016 14:13:01] - |D| - [1589372] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [18/07/2016 15:17:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [04/07/2016 14:13:01] - |D| - [173194846] - C:\WINDOWS\IME [04/07/2016 14:13:01] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [04/07/2016 14:08:46] - |D| - [75877591] - C:\WINDOWS\INF [04/07/2016 14:34:22] - |D| - [931024796] - C:\WINDOWS\InfusedApps [04/07/2016 14:13:01] - |D| - [36258450] - C:\WINDOWS\InputMethod [04/07/2016 14:13:01] - |SHD| - [834744391] - C:\WINDOWS\Installer [04/07/2016 14:13:01] - |D| - [89407] - C:\WINDOWS\L2Schemas [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\LiveKernelReports [04/07/2016 14:13:01] - |D| - [44284770] - C:\WINDOWS\Logs [04/07/2016 14:13:01] - |RSD| - [20145669] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |N| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [04/07/2016 14:13:00] - |D| - [775286261] - C:\WINDOWS\Microsoft.NET [04/07/2016 14:13:01] - |D| - [2371] - C:\WINDOWS\Migration [18/07/2016 15:50:54] - |D| - [0] - C:\WINDOWS\Minidump [04/07/2016 14:13:01] - |RD| - [470257] - C:\WINDOWS\MiracastView [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [MD5.6087E137D03FE5CAD214B4F536565730] - [23/07/2016 13:10:44] - |A| - (.-.) - [114] - (0.0.0.0) - C:\WINDOWS\ntbtlog.txt [04/07/2016 14:25:44] - |D| - [199124] - C:\WINDOWS\OCR [04/07/2016 14:13:01] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [04/07/2016 14:34:22] - |DC| - [0] - C:\WINDOWS\Panther [04/07/2016 14:13:01] - |D| - [28864584] - C:\WINDOWS\Performance [04/07/2016 14:13:01] - |D| - [1136442] - C:\WINDOWS\PLA [04/07/2016 14:13:01] - |D| - [2566565] - C:\WINDOWS\PolicyDefinitions [04/07/2016 14:13:01] - |D| - [35940855] - C:\WINDOWS\prefetch [04/07/2016 14:13:01] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [04/07/2016 14:13:01] - |D| - [1297393] - C:\WINDOWS\Provisioning [04/07/2016 14:13:01] - |RD| - [770223] - C:\WINDOWS\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [04/07/2016 14:13:01] - |D| - [1102632] - C:\WINDOWS\registration [04/07/2016 14:13:01] - |D| - [3424794] - C:\WINDOWS\rescache [04/07/2016 14:13:01] - |D| - [3728883] - C:\WINDOWS\Resources [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\SchCache [04/07/2016 14:13:01] - |D| - [121229] - C:\WINDOWS\schemas [04/07/2016 14:13:01] - |D| - [3637248] - C:\WINDOWS\security [04/07/2016 14:31:14] - |D| - [61175892] - C:\WINDOWS\ServiceProfiles [04/07/2016 13:40:15] - |D| - [90120248] - C:\WINDOWS\servicing [04/07/2016 14:28:55] - |D| - [42] - C:\WINDOWS\Setup [04/07/2016 14:13:01] - |D| - [9383] - C:\WINDOWS\ShellNew [04/07/2016 14:13:01] - |D| - [3070736] - C:\WINDOWS\SKB [04/07/2016 13:44:47] - |D| - [201814993] - C:\WINDOWS\SoftwareDistribution [04/07/2016 14:13:01] - |D| - [103543755] - C:\WINDOWS\Speech [04/07/2016 14:13:01] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |N| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [MD5.271208ACE1D260AD45F208F9B3445464] - [20/05/2016 11:17:50] - |A| - (.-.) - [86448] - (0.0.0.0) - C:\WINDOWS\suite.vssMgr.exe [04/07/2016 14:13:01] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [04/07/2016 14:13:10] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [04/07/2016 13:40:15] - |D| - [4538708422] - C:\WINDOWS\System32 [04/07/2016 14:13:02] - |D| - [155460814] - C:\WINDOWS\SystemApps [04/07/2016 14:13:02] - |D| - [18175861] - C:\WINDOWS\SystemResources [04/07/2016 14:13:02] - |D| - [1397448983] - C:\WINDOWS\syswow64 [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\TAPI [04/07/2016 14:13:03] - |D| - [8292] - C:\WINDOWS\Tasks [04/07/2016 14:13:03] - |D| - [1483169] - C:\WINDOWS\Temp [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\tracing [04/07/2016 14:13:03] - |D| - [43083340] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |N| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [04/07/2016 14:13:03] - |D| - [12420] - C:\WINDOWS\Vss [MD5.98540955F498DF125A5199E1C1DFBCFD] - [07/07/2016 09:08:40] - |A| - (.-.) - [86448] - (0.0.0.0) - C:\WINDOWS\vssMgr.exe [04/07/2016 14:13:03] - |D| - [15729830] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [04/07/2016 14:13:10] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |N| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - [17/07/2016 17:59:12] - |A| - (.-.) - [85] - (0.0.0.0) - C:\WINDOWS\wininit.ini [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [13/07/2016 11:00:57] - |RASOT| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\winstart.bat [04/07/2016 13:40:15] - |D| - [7787815398] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |N| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |N| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe [MD5.178206A134A273A2AD2CFF774DE71E56] - [23/07/2016 03:56:26] - |A| - (.-.) - [2200371] - (0.0.0.0) - C:\WINDOWS\ZAM.krnl.trace [MD5.80B61BC0F4929672749559B8820F336D] - [23/07/2016 03:56:26] - |A| - (.-.) - [2270018] - (0.0.0.0) - C:\WINDOWS\ZAM_Guard.krnl.trace ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [04/07/2016 19:01:03] - C:\WINDOWS\Installer\135be1.msi : (LCL - e-Carte Bleue LCL) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/07/2016 12:01:33] - C:\WINDOWS\Installer\21ad29.msi : (Rebit Pro - Rebit, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/06/2015 18:00:00] - C:\WINDOWS\Installer\23c57a.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/02/2016 09:39:18] - C:\WINDOWS\Installer\24166f.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 19:57:14] - C:\WINDOWS\Installer\268a3a.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:10:27] - C:\WINDOWS\Installer\268a45.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/07/2011 20:36:38] - C:\WINDOWS\Installer\268a4d.msi : ( - DivX, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:30:13] - C:\WINDOWS\Installer\268b92.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:33:02] - C:\WINDOWS\Installer\268caf.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2016 14:41:34] - C:\WINDOWS\Installer\268cc3.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2016 23:22:41] - C:\WINDOWS\Installer\268cc7.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/06/2016 19:30:38] - C:\WINDOWS\Installer\268ccb.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 21:25:01] - C:\WINDOWS\Installer\268ccf.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2015 18:45:46] - C:\WINDOWS\Installer\278f0b1.msi : (Media Go Network Downloader - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 11:00:04] - C:\WINDOWS\Installer\278f0b8.msi : (Media Go Video Playback Engine-2.20.103.05220 - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2015 21:22:47] - C:\WINDOWS\Installer\278f0be.msi : (Media Go - Sony. Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:51:37] - C:\WINDOWS\Installer\3429b56.msi : (PDF Architect 4 View Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:52:52] - C:\WINDOWS\Installer\3429b5c.msi : (PDF Architect 4 Edit Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:53:09] - C:\WINDOWS\Installer\3429b62.msi : (PDF Architect 4 Create Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:53:39] - C:\WINDOWS\Installer\3429b68.msi : (Manager - 2015 pdfforge GmbH. All rights reserved) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:56:16] - C:\WINDOWS\Installer\3429b74.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 10:04:10] - C:\WINDOWS\Installer\3603535.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:34:20] - C:\WINDOWS\Installer\3bc50b.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:18] - C:\WINDOWS\Installer\3bc511.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:16] - C:\WINDOWS\Installer\3bc517.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2012 19:55:20] - C:\WINDOWS\Installer\3bc51d.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2012 00:15:18] - C:\WINDOWS\Installer\3bc523.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:19:08] - C:\WINDOWS\Installer\3bc529.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:36:58] - C:\WINDOWS\Installer\3bc52f.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:12] - C:\WINDOWS\Installer\3bc535.msi : (LWS Motion Detection - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:22] - C:\WINDOWS\Installer\3bc53b.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2011 04:51:16] - C:\WINDOWS\Installer\3bc541.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 05:26:48] - C:\WINDOWS\Installer\3bc547.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:28] - C:\WINDOWS\Installer\3bc54d.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/07/2016 15:11:57] - C:\WINDOWS\Installer\49e5ab.msi : (Program - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/07/2016 07:44:32] - C:\WINDOWS\Installer\5ffebd.msi : (COMODO Cloud Antivirus - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:24] - C:\WINDOWS\Installer\975fd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 10:49:56] - C:\WINDOWS\Installer\97603.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:16] - C:\WINDOWS\Installer\97609.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:22] - C:\WINDOWS\Installer\9760f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:30] - C:\WINDOWS\Installer\97615.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:36] - C:\WINDOWS\Installer\9761b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:44] - C:\WINDOWS\Installer\97621.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:52] - C:\WINDOWS\Installer\97627.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:00] - C:\WINDOWS\Installer\9762d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:06] - C:\WINDOWS\Installer\97633.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:16] - C:\WINDOWS\Installer\97639.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:22] - C:\WINDOWS\Installer\9763f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:30] - C:\WINDOWS\Installer\97645.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:38] - C:\WINDOWS\Installer\9764b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:46] - C:\WINDOWS\Installer\97651.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:54] - C:\WINDOWS\Installer\97657.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:02] - C:\WINDOWS\Installer\9765d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:10] - C:\WINDOWS\Installer\97663.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:18] - C:\WINDOWS\Installer\97669.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:26] - C:\WINDOWS\Installer\9766f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:34] - C:\WINDOWS\Installer\97675.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:42] - C:\WINDOWS\Installer\9767b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:50] - C:\WINDOWS\Installer\97681.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:58] - C:\WINDOWS\Installer\97687.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:06] - C:\WINDOWS\Installer\9768d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:40] - C:\WINDOWS\Installer\97693.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:07:30] - C:\WINDOWS\Installer\97699.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:12] - C:\WINDOWS\Installer\9769f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2016 04:41:00] - C:\WINDOWS\Installer\a77355.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:11] - C:\WINDOWS\Installer\aadb48.msi : (PDF Architect 4 Secure Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:35] - C:\WINDOWS\Installer\aadb4f.msi : (PDF Architect 4 Convert Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:16] - C:\WINDOWS\Installer\aadb56.msi : (PDF Architect 4 Review Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:21] - C:\WINDOWS\Installer\aadb5d.msi : (PDF Architect 4 Insert Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:14] - C:\WINDOWS\Installer\aadb64.msi : (PDF Architect 4 Forms Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:45:04] - C:\WINDOWS\Installer\b498c0.msi : (PDF Architect 4 OCR Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 12:09:58] - C:\WINDOWS\Installer\b64844.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/08/2015 00:00:00] - C:\WINDOWS\Installer\b6484b.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\b64859.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2016 09:03:52] - C:\WINDOWS\Installer\d43827.msi : (Classic Shell - IvoSoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2015 17:11:46] - C:\WINDOWS\Installer\e9fb70.msi : (Installs WD Security - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2016 11:47:42] - C:\WINDOWS\Installer\e9fb77.msi : (Installs WD Drive Utilities - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2016 11:59:48] - C:\WINDOWS\Installer\e9fb7e.msi : (WD Backup plugin - Western Digital Technologies, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 16:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [04/07/2016 14:00:41] - [1848398] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [05/07/2016 07:26:48] - [17134] - C:\WINDOWS\Syswow64\GeneStor.INF [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [jean-] [10/06/2016 20:03:44] - |D| - [2391] - C:\Users\jean-\.android [13/06/2016 07:11:26] - |D| - [1240] - C:\Users\jean-\.cache [26/06/2016 10:41:34] - |D| - [130524] - C:\Users\jean-\.VirtualBox [04/07/2016 13:54:53] - |HD| - [1581126124] - C:\Users\jean-\AppData [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Application Data [10/06/2016 11:01:11] - |RD| - [412] - C:\Users\jean-\Contacts [04/07/2016 13:54:55] - |SHD| - [201] - C:\Users\jean-\Cookies [22/07/2016 06:44:59] - |A| - [0] - C:\Users\jean-\defogger_reenable [10/06/2016 10:59:41] - |RD| - [114447624647] - C:\Users\jean-\Desktop [16/06/2016 09:16:23] - |D| - [5620710129] - C:\Users\jean-\Doctor Web [10/06/2016 10:59:41] - |RD| - [30029918615] - C:\Users\jean-\Documents [10/06/2016 10:59:41] - |RD| - [6621782517] - C:\Users\jean-\Downloads [14/06/2016 06:35:45] - |RD| - [51255596602] - C:\Users\jean-\Dropbox [10/06/2016 10:59:41] - |RD| - [32718] - C:\Users\jean-\Favorites [10/06/2016 10:59:41] - |RD| - [3658] - C:\Users\jean-\Links [04/07/2016 13:54:55] - |SHD| - [729149948] - C:\Users\jean-\Local Settings [04/07/2016 13:54:55] - |SHD| - [90332] - C:\Users\jean-\Menu Démarrer [04/07/2016 13:54:55] - |SHD| - [30029918615] - C:\Users\jean-\Mes documents [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Modèles [10/06/2016 10:59:41] - |RD| - [1781480565] - C:\Users\jean-\Music [04/07/2016 13:54:53] - |ASH| - [2621440] - C:\Users\jean-\ntuser.dat [04/07/2016 13:54:55] - |ASH| - [24576] - C:\Users\jean-\ntuser.dat.LOG1 [04/07/2016 13:54:55] - |ASH| - [376832] - C:\Users\jean-\ntuser.dat.LOG2 [16/07/2016 06:07:00] - |ASH| - [65536] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TM.blf [16/07/2016 06:07:00] - |ASH| - [524288] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [16/07/2016 06:07:00] - |ASH| - [524288] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [04/07/2016 13:54:55] - |ASH| - [65536] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TM.blf [04/07/2016 13:54:55] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TMContainer00000000000000000001.regtrans-ms [04/07/2016 13:54:55] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TMContainer00000000000000000002.regtrans-ms [04/07/2016 13:59:11] - |SH| - [20] - C:\Users\jean-\ntuser.ini [10/06/2016 11:07:58] - |RD| - [16040321074] - C:\Users\jean-\OneDrive [10/06/2016 10:59:41] - |RD| - [63570987] - C:\Users\jean-\Pictures [04/07/2016 13:54:55] - |SHD| - [156223] - C:\Users\jean-\Recent [10/06/2016 10:59:41] - |RD| - [282] - C:\Users\jean-\Saved Games [04/07/2016 13:59:24] - |RD| - [1875] - C:\Users\jean-\Searches [04/07/2016 13:54:55] - |SHD| - [3727] - C:\Users\jean-\SendTo [26/06/2016 05:35:59] - |A| - [0] - C:\Users\jean-\Sti_Trace.log [01/07/2016 09:40:35] - |D| - [0] - C:\Users\jean-\ultracopier [10/06/2016 10:59:41] - |RD| - [113104619] - C:\Users\jean-\Videos [26/06/2016 10:45:11] - |D| - [0] - C:\Users\jean-\VirtualBox VMs [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Voisinage d'impression [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Voisinage réseau [14/06/2016 10:48:05] - |A| - [2219008] - C:\Users\jean-\ZHPDiag3.exe [04/07/2016 13:59:20] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Adobe [14/07/2016 11:22:35] - |D| - [6789516] - C:\Users\jean-\AppData\Roaming\Anvsoft [15/07/2016 13:48:09] - |D| - [6462] - C:\Users\jean-\AppData\Roaming\Apowersoft [12/07/2016 12:28:42] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Ashampoo Slideshow Studio HD 4 [04/07/2016 14:06:42] - |D| - [0] - C:\Users\jean-\AppData\Roaming\ATI [09/07/2016 05:49:56] - |D| - [5128] - C:\Users\jean-\AppData\Roaming\Auslogics [05/07/2016 10:03:45] - |D| - [16073691] - C:\Users\jean-\AppData\Roaming\AVAST Software [05/07/2016 10:21:49] - |D| - [19457164] - C:\Users\jean-\AppData\Roaming\Comodo [04/07/2016 15:08:44] - |D| - [4276883] - C:\Users\jean-\AppData\Roaming\CyberLink [13/07/2016 12:12:08] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DAEMON Tools Pro [17/07/2016 06:14:33] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DivX [04/07/2016 18:46:15] - |D| - [229855232] - C:\Users\jean-\AppData\Roaming\Downloaded Installations [05/07/2016 09:58:37] - |D| - [280916] - C:\Users\jean-\AppData\Roaming\Dropbox [05/07/2016 08:17:00] - |D| - [4495183] - C:\Users\jean-\AppData\Roaming\DVDVideoSoft [18/07/2016 18:16:33] - |D| - [384] - C:\Users\jean-\AppData\Roaming\EASEUS [13/07/2016 11:28:45] - |D| - [64] - C:\Users\jean-\AppData\Roaming\epm [06/07/2016 14:56:31] - |D| - [6777] - C:\Users\jean-\AppData\Roaming\Epson [18/07/2016 18:15:22] - |D| - [95937102] - C:\Users\jean-\AppData\Roaming\eufsc [13/07/2016 10:14:41] - |D| - [0] - C:\Users\jean-\AppData\Roaming\IceDragon [19/07/2016 13:57:47] - |D| - [76229] - C:\Users\jean-\AppData\Roaming\JAM Software [18/07/2016 09:18:48] - |D| - [32208] - C:\Users\jean-\AppData\Roaming\KC Softwares [04/07/2016 14:58:31] - |D| - [345] - C:\Users\jean-\AppData\Roaming\Leadertech [04/07/2016 14:50:26] - |D| - [506] - C:\Users\jean-\AppData\Roaming\Macromedia [04/07/2016 13:54:53] - |SD| - [1196276] - C:\Users\jean-\AppData\Roaming\Microsoft [17/07/2016 15:46:00] - |D| - [1252] - C:\Users\jean-\AppData\Roaming\mov Audio Extractor [05/07/2016 11:33:14] - |D| - [153418709] - C:\Users\jean-\AppData\Roaming\Mozilla [19/07/2016 10:55:54] - |D| - [0] - C:\Users\jean-\AppData\Roaming\MPC-HC [17/07/2016 15:46:30] - |D| - [0] - C:\Users\jean-\AppData\Roaming\New Version Available [04/07/2016 18:48:45] - |D| - [1182] - C:\Users\jean-\AppData\Roaming\Nitro [05/07/2016 09:52:45] - |D| - [247317] - C:\Users\jean-\AppData\Roaming\PDF Architect 4 [17/07/2016 15:56:12] - |AD| - [9217859] - C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious [16/07/2016 17:13:37] - |D| - [48913] - C:\Users\jean-\AppData\Roaming\proDAD [21/07/2016 06:23:13] - |D| - [0] - C:\Users\jean-\AppData\Roaming\SingularLabs [05/07/2016 06:14:18] - |D| - [183286004] - C:\Users\jean-\AppData\Roaming\Sony [05/07/2016 06:18:37] - |D| - [822] - C:\Users\jean-\AppData\Roaming\Sony Corporation [04/07/2016 18:03:36] - |D| - [0] - C:\Users\jean-\AppData\Roaming\spotmau [14/07/2016 14:39:22] - |D| - [300856] - C:\Users\jean-\AppData\Roaming\StartMenuX [04/07/2016 14:54:26] - |D| - [13705941] - C:\Users\jean-\AppData\Roaming\TeraCopy [19/07/2016 19:32:34] - |D| - [8439520] - C:\Users\jean-\AppData\Roaming\Thunderbird [12/07/2016 07:13:00] - |D| - [29261131] - C:\Users\jean-\AppData\Roaming\UsbFix [13/07/2016 10:41:33] - |D| - [0] - C:\Users\jean-\AppData\Roaming\UserData [04/07/2016 18:03:31] - |A| - [87647] - C:\Users\jean-\AppData\Roaming\userenv.xml [14/07/2016 15:50:06] - |D| - [7226] - C:\Users\jean-\AppData\Roaming\Western Digital [05/07/2016 11:43:14] - |D| - [1731864] - C:\Users\jean-\AppData\Roaming\Wondershare [05/07/2016 09:10:29] - |D| - [1051608] - C:\Users\jean-\AppData\Roaming\Wondershare Free YouTube Downloader [04/07/2016 18:28:53] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Wondershare Video Converter Free [15/07/2016 18:23:18] - |D| - [133525] - C:\Users\jean-\AppData\Roaming\ZHP [16/07/2016 07:35:29] - |D| - [126992] - C:\Users\jean-\AppData\Local\Acelogix [04/07/2016 14:02:29] - |D| - [0] - C:\Users\jean-\AppData\Local\ActiveSync [04/07/2016 14:07:10] - |D| - [8] - C:\Users\jean-\AppData\Local\AMD [13/07/2016 12:35:12] - |D| - [29153] - C:\Users\jean-\AppData\Local\AntiLogger Free [15/07/2016 13:47:53] - |D| - [3883624] - C:\Users\jean-\AppData\Local\Apowersoft [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Local\Application Data [12/07/2016 11:26:23] - |D| - [366364] - C:\Users\jean-\AppData\Local\ashampoo [04/07/2016 14:06:42] - |D| - [66104] - C:\Users\jean-\AppData\Local\ATI [12/07/2016 11:57:42] - |D| - [0] - C:\Users\jean-\AppData\Local\CEF [20/07/2016 09:49:40] - |D| - [959459] - C:\Users\jean-\AppData\Local\ClassicShell [04/07/2016 14:04:46] - |D| - [22028392] - C:\Users\jean-\AppData\Local\Comms [13/07/2016 10:14:16] - |D| - [815117] - C:\Users\jean-\AppData\Local\Comodo [12/07/2016 13:11:15] - |D| - [1071665] - C:\Users\jean-\AppData\Local\CrashDumps [04/07/2016 15:08:33] - |D| - [28512656] - C:\Users\jean-\AppData\Local\CyberLink [04/07/2016 15:12:07] - |D| - [43752960] - C:\Users\jean-\AppData\Local\Downloaded Installations [05/07/2016 09:56:49] - |D| - [283763413] - C:\Users\jean-\AppData\Local\Dropbox [12/07/2016 11:57:20] - |D| - [44032] - C:\Users\jean-\AppData\Local\Free Download Manager [19/07/2016 13:44:13] - |D| - [1566] - C:\Users\jean-\AppData\Local\FreemakeVideoConverter [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Local\Historique [13/07/2016 12:52:55] - |D| - [82] - C:\Users\jean-\AppData\Local\iSkysoft [04/07/2016 15:02:54] - |D| - [2914129] - C:\Users\jean-\AppData\Local\Logitech® Webcam Software [04/07/2016 13:54:53] - |D| - [197449742] - C:\Users\jean-\AppData\Local\Microsoft [04/07/2016 14:07:29] - |D| - [87469] - C:\Users\jean-\AppData\Local\MicrosoftEdge [05/07/2016 11:33:15] - |D| - [12301266] - C:\Users\jean-\AppData\Local\Mozilla [04/07/2016 13:59:21] - |D| - [87333228] - C:\Users\jean-\AppData\Local\Packages [05/07/2016 09:53:55] - |D| - [2877] - C:\Users\jean-\AppData\Local\PDFCreator [04/07/2016 15:08:58] - |D| - [40960] - C:\Users\jean-\AppData\Local\Power2Go10 [04/07/2016 14:53:23] - |D| - [0] - C:\Users\jean-\AppData\Local\Programs [04/07/2016 14:02:22] - |D| - [0] - C:\Users\jean-\AppData\Local\Publishers [05/07/2016 06:17:34] - |D| - [9975] - C:\Users\jean-\AppData\Local\Sony [04/07/2016 13:54:53] - |D| - [17019784] - C:\Users\jean-\AppData\Local\Temp [04/07/2016 13:54:55] - |SHD| - [5243120] - C:\Users\jean-\AppData\Local\Temporary Internet Files [19/07/2016 19:32:35] - |D| - [2324703] - C:\Users\jean-\AppData\Local\Thunderbird [04/07/2016 13:59:17] - |D| - [12001280] - C:\Users\jean-\AppData\Local\TileDataLayer [04/07/2016 13:59:37] - |D| - [370] - C:\Users\jean-\AppData\Local\VirtualStore [04/07/2016 14:54:35] - |D| - [82] - C:\Users\jean-\AppData\Local\Wondershare [13/07/2016 12:35:12] - |D| - [7006816] - C:\Users\jean-\AppData\Local\Zemana [05/07/2016 10:03:45] - |D| - [1140] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup [04/07/2016 13:59:24] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [17/07/2016 15:45:35] - |A| - [1340] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\mov Audio Extractor.lnk [04/07/2016 13:54:55] - |SD| - [42760] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [04/07/2016 13:54:53] - |RD| - [42760] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/07/2016 09:49:27] - |A| - [2158] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk [04/07/2016 13:54:53] - |RD| - [3888] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [04/07/2016 13:54:53] - |RD| - [2927] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [04/07/2016 13:59:25] - |RD| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [23/07/2016 05:20:39] - |D| - [4185] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Digital Studio [17/07/2016 16:10:24] - |D| - [2630] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COMODO [04/07/2016 13:59:24] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/07/2016 07:37:48] - |A| - [2131] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk [19/07/2016 13:43:20] - |D| - [1525] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [21/07/2016 05:09:03] - |D| - [3146] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free [20/07/2016 19:09:47] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Partition Extender Free [04/07/2016 13:54:53] - |D| - [170] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [04/07/2016 14:08:45] - |A| - [2409] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [20/07/2016 11:50:20] - |A| - [761] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PortableApps.com Platform.lnk [04/07/2016 13:59:25] - |RD| - [2335] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [04/07/2016 14:53:08] - |D| - [2043] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier [04/07/2016 13:54:53] - |RD| - [5318] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [04/07/2016 14:56:00] - |D| - [1706] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier [04/07/2016 13:54:53] - |RSD| - [7238] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [04/07/2016 13:59:25] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [18/07/2016 18:15:38] - |A| - [1400] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EaseUS EverySync.lnk [20/07/2016 11:50:19] - |A| - [761] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PortableApps.com Platform.lnk ---------- | [Public] [10/06/2016 11:01:11] - |RHD| - [196] - C:\Users\Public\AccountPictures [04/07/2016 15:24:09] - |D| - [16932] - C:\Users\Public\CyberLink [30/10/2015 09:24:24] - |RHD| - [872167] - C:\Users\Public\Desktop [04/07/2016 14:13:09] - |ASH| - [174] - C:\Users\Public\desktop.ini [30/10/2015 09:24:24] - |RD| - [725153995] - C:\Users\Public\Documents [30/10/2015 09:24:24] - |RD| - [174] - C:\Users\Public\Downloads [04/07/2016 14:13:01] - |RHD| - [1135] - C:\Users\Public\Libraries [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Music [30/10/2015 09:24:24] - |RD| - [8854459] - C:\Users\Public\Pictures [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [23/07/2016 03:57:13] - |D| - [304] - C:\ProgramData\AMD [13/07/2016 11:54:43] - |D| - [121] - C:\ProgramData\AomeiBR [04/07/2016 13:58:02] - |SHD| - [40670877251] - C:\ProgramData\Application Data [05/07/2016 13:03:50] - |D| - [523938] - C:\ProgramData\Ashampoo [04/07/2016 14:06:42] - |D| - [186] - C:\ProgramData\ATI [09/07/2016 05:50:02] - |D| - [0] - C:\ProgramData\Auslogics [04/07/2016 13:58:02] - |SHD| - [872167] - C:\ProgramData\Bureau [04/07/2016 14:13:00] - |D| - [0] - C:\ProgramData\Comms [23/07/2016 03:57:18] - |D| - [67142943] - C:\ProgramData\COMODO [04/07/2016 15:01:09] - |D| - [59019581] - C:\ProgramData\CyberLink [13/07/2016 12:11:01] - |D| - [1916] - C:\ProgramData\DAEMON Tools Pro [16/07/2016 15:42:29] - |D| - [4086116] - C:\ProgramData\DivX [04/07/2016 13:58:02] - |SHD| - [725153995] - C:\ProgramData\Documents [05/07/2016 09:56:49] - |D| - [481038] - C:\ProgramData\Dropbox [23/07/2016 04:18:06] - |D| - [16121403] - C:\ProgramData\EPSON [19/07/2016 13:43:14] - |D| - [10977015] - C:\ProgramData\Freemake [06/07/2016 13:55:17] - |D| - [2319430] - C:\ProgramData\HitmanPro [12/07/2016 11:55:45] - |D| - [122] - C:\ProgramData\Informer Technologies, Inc [13/07/2016 12:43:26] - |D| - [4515725] - C:\ProgramData\iSkysoft [13/07/2016 12:45:49] - |D| - [5191] - C:\ProgramData\iSkysoft iMedia Converter Deluxe [04/07/2016 14:59:10] - |D| - [274] - C:\ProgramData\LogiShrd [15/07/2016 14:15:06] - |D| - [54455] - C:\ProgramData\Malwarebytes [19/07/2016 08:45:10] - |D| - [17182140] - C:\ProgramData\Malwarebytes Anti-Exploit [04/07/2016 13:58:02] - |SHD| - [628474] - C:\ProgramData\Menu Démarrer [04/07/2016 14:13:00] - |SD| - [1759035850] - C:\ProgramData\Microsoft [04/07/2016 14:06:36] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [19/07/2016 13:57:30] - |D| - [293690] - C:\ProgramData\MindGems [04/07/2016 13:58:02] - |SHD| - [0] - C:\ProgramData\Modèles [20/07/2016 19:02:30] - |D| - [0] - C:\ProgramData\NCH Software [04/07/2016 18:48:02] - |D| - [35130762] - C:\ProgramData\Nitro [04/07/2016 13:46:10] - |D| - [55864988] - C:\ProgramData\Package Cache [05/07/2016 09:50:50] - |D| - [168974274] - C:\ProgramData\PDF Architect 4 [11/07/2016 16:58:21] - |D| - [36] - C:\ProgramData\PDVD [16/07/2016 17:13:31] - |D| - [66867486] - C:\ProgramData\proDAD [13/07/2016 12:01:28] - |D| - [105019327] - C:\ProgramData\Rebit [04/07/2016 14:13:01] - |D| - [1000] - C:\ProgramData\regid.1991-06.com.microsoft [13/07/2016 11:02:41] - |D| - [0] - C:\ProgramData\RegRun [13/07/2016 12:31:11] - |D| - [607554] - C:\ProgramData\RogueKiller [18/07/2016 13:46:01] - |D| - [1754] - C:\ProgramData\RogueKillerPE [04/07/2016 14:13:01] - |D| - [0] - C:\ProgramData\SoftwareDistribution [05/07/2016 06:17:21] - |D| - [12893] - C:\ProgramData\Sony Corporation [14/07/2016 10:50:02] - |D| - [674148] - C:\ProgramData\Spybot - Search & Destroy [14/07/2016 14:40:09] - |D| - [5622] - C:\ProgramData\StartMenuX [04/07/2016 15:06:10] - |AD| - [0] - C:\ProgramData\Temp [04/07/2016 18:02:55] - |D| - [5640] - C:\ProgramData\TuneUp360 [06/07/2016 15:01:29] - |D| - [4680] - C:\ProgramData\UDL [04/07/2016 14:13:01] - |D| - [2498] - C:\ProgramData\USOPrivate [04/07/2016 13:44:55] - |D| - [1753088] - C:\ProgramData\USOShared [14/07/2016 14:29:36] - |D| - [93290] - C:\ProgramData\Western Digital [04/07/2016 14:54:47] - |D| - [13440029] - C:\ProgramData\Wondershare [04/07/2016 18:13:22] - |D| - [1419] - C:\ProgramData\Wondershare Application Common Data [04/07/2016 18:13:37] - |D| - [2036] - C:\ProgramData\Wondershare Free YouTube Downloader [04/07/2016 18:51:04] - |D| - [60582] - C:\ProgramData\Wondershare Player [04/07/2016 18:25:39] - |D| - [5629] - C:\ProgramData\Wondershare Video Converter Free [04/07/2016 14:52:59] - |D| - [485333281] - C:\ProgramData\Wondershare Video Editor [14/07/2016 15:45:30] - |D| - [0] - C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [04/07/2016 14:13:09] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [04/07/2016 13:58:02] - |SHD| - [314150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [04/07/2016 14:13:00] - |RD| - [314150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [04/07/2016 14:13:00] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [04/07/2016 14:13:00] - |RD| - [15666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [04/07/2016 14:13:00] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/07/2016 13:47:50] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [13/07/2016 11:47:14] - |D| - [2914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.0 [05/07/2016 13:06:20] - |D| - [5441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [05/07/2016 06:12:06] - |D| - [1608] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [17/07/2016 15:56:15] - |D| - [1157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blockulicious [20/07/2016 09:04:04] - |D| - [3588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell [05/07/2016 10:21:23] - |D| - [10832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [13/07/2016 12:25:16] - |A| - [2091] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 1.1 (64-Bit).lnk [11/07/2016 15:03:17] - |RD| - [39598] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite [16/07/2016 18:18:25] - |RD| - [2288] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 7 [04/07/2016 17:49:30] - |A| - [2486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PresenterLink+.lnk [04/07/2016 15:42:14] - |A| - [2414] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink VideoMeeting+.lnk [16/07/2016 14:17:16] - |A| - [1970] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7 Mirror.lnk [16/07/2016 14:17:15] - |A| - [2248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7.lnk [13/07/2016 12:12:09] - |D| - [1910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [18/07/2016 18:15:20] - |ASH| - [1566] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |A| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |A| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [16/07/2016 15:44:11] - |D| - [4969] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [19/07/2016 04:06:12] - |D| - [1314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [05/07/2016 08:22:04] - |D| - [8696] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [04/07/2016 19:01:17] - |D| - [4688] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL [18/07/2016 18:15:37] - |D| - [2846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS EverySync 3.0 [13/07/2016 11:55:19] - |D| - [3175] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0 [13/07/2016 12:09:42] - |D| - [2721] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 9.2 [14/07/2016 11:00:33] - |D| - [2871] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans [06/07/2016 14:58:56] - |D| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [06/07/2016 14:37:11] - |D| - [7064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [20/07/2016 19:02:37] - |A| - [1229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk [19/07/2016 13:57:30] - |D| - [5079] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size [19/07/2016 13:43:20] - |D| - [1443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [06/07/2016 13:57:17] - |D| - [3982] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [30/10/2015 09:19:28] - |A| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [13/07/2016 12:52:00] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft [05/07/2016 09:54:01] - |D| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [04/07/2016 14:57:57] - |D| - [1733] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [04/07/2016 14:13:00] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [19/07/2016 08:45:29] - |D| - [2483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit [13/07/2016 11:54:47] - |D| - [3333] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 [30/10/2015 09:17:57] - |A| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [17/07/2016 15:45:34] - |D| - [2674] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mov Audio Extractor [05/07/2016 10:12:41] - |A| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [19/07/2016 19:26:13] - |A| - [1292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [16/07/2016 17:12:15] - |D| - [1406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue [04/07/2016 18:48:10] - |A| - [2503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 5.lnk [04/07/2016 15:13:59] - |D| - [3354] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Migrate OS to SSD™ 4.0 [05/07/2016 09:50:31] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [30/10/2015 09:19:28] - |A| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [13/07/2016 12:03:59] - |D| - [1153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit Pro [21/07/2016 06:15:06] - |D| - [1080] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remembr [13/07/2016 12:32:09] - |D| - [923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [18/07/2016 13:50:20] - |D| - [953] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE [05/07/2016 06:18:08] - |D| - [1984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [14/07/2016 14:56:08] - |D| - [2790] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X [04/07/2016 14:13:00] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [04/07/2016 14:13:00] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [04/07/2016 14:13:00] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [04/07/2016 14:53:36] - |D| - [4249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy [19/07/2016 13:57:45] - |D| - [5298] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [14/07/2016 14:24:41] - |D| - [4845] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital [13/07/2016 12:43:02] - |D| - [1320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader [04/07/2016 14:54:25] - |D| - [46226] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [13/07/2016 12:41:42] - |D| - [3765] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free [14/07/2016 04:56:38] - |D| - [1165] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [04/07/2016 14:13:09] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [14/07/2016 11:20:18] - |D| - [126898391] - C:\Program Files (x86)\Anvsoft [23/07/2016 05:20:38] - |D| - [31681644] - C:\Program Files (x86)\AoaoPhoto Digital Studio [13/07/2016 11:46:42] - |AD| - [53829722] - C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0 [05/07/2016 13:02:05] - |D| - [399774185] - C:\Program Files (x86)\Ashampoo [04/07/2016 13:46:33] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [04/07/2016 13:40:15] - |D| - [398915876] - C:\Program Files (x86)\Common Files [05/07/2016 10:16:22] - |D| - [125733926] - C:\Program Files (x86)\Comodo [04/07/2016 15:03:25] - |AD| - [5620173386] - C:\Program Files (x86)\CyberLink [04/07/2016 14:13:08] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [16/07/2016 15:42:33] - |D| - [8932831] - C:\Program Files (x86)\DivX [05/07/2016 09:56:49] - |D| - [251271176] - C:\Program Files (x86)\Dropbox [05/07/2016 08:18:28] - |AD| - [1326341009] - C:\Program Files (x86)\DVDVideoSoft [04/07/2016 19:01:17] - |D| - [317944] - C:\Program Files (x86)\e-Carte Bleue [13/07/2016 11:21:31] - |D| - [905145292] - C:\Program Files (x86)\EaseUS [06/07/2016 14:54:41] - |D| - [2947568] - C:\Program Files (x86)\EPSON [06/07/2016 14:37:09] - |AD| - [233857814] - C:\Program Files (x86)\EPSON Software [22/07/2016 07:37:45] - |D| - [10955385] - C:\Program Files (x86)\FileHippo.com [19/07/2016 13:57:29] - |AD| - [5939373] - C:\Program Files (x86)\Folder Size [05/07/2016 08:21:54] - |D| - [20645164] - C:\Program Files (x86)\FreeCodecPack [19/07/2016 13:41:09] - |AD| - [81616759] - C:\Program Files (x86)\Freemake [05/07/2016 07:26:48] - |D| - [17134] - C:\Program Files (x86)\Genesyslogic [05/07/2016 09:56:14] - |D| - [8808168] - C:\Program Files (x86)\Google [05/07/2016 09:56:31] - |D| - [7807856] - C:\Program Files (x86)\GUM907.tmp [04/07/2016 15:04:53] - |HD| - [241017497] - C:\Program Files (x86)\InstallShield Installation Information [04/07/2016 14:13:00] - |D| - [2154939] - C:\Program Files (x86)\Internet Explorer [13/07/2016 12:43:25] - |D| - [160204677] - C:\Program Files (x86)\iSkysoft [19/07/2016 13:57:43] - |D| - [5910723] - C:\Program Files (x86)\JAM Software [05/07/2016 09:52:57] - |AD| - [158072643] - C:\Program Files (x86)\K-Lite Codec Pack [13/07/2016 12:41:38] - |D| - [197482] - C:\Program Files (x86)\KeyCryptSDK [04/07/2016 14:57:56] - |D| - [38884251] - C:\Program Files (x86)\Logitech [19/07/2016 08:44:59] - |AD| - [6807368] - C:\Program Files (x86)\Malwarebytes Anti-Exploit [15/07/2016 14:15:06] - |D| - [4024186] - C:\Program Files (x86)\Malwarebytes Anti-Malware [05/07/2016 06:11:38] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [04/07/2016 14:13:00] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [17/07/2016 15:44:35] - |AD| - [121436692] - C:\Program Files (x86)\mov Audio Extractor [05/07/2016 10:12:37] - |D| - [260719] - C:\Program Files (x86)\Mozilla Maintenance Service [19/07/2016 19:25:18] - |AD| - [88533157] - C:\Program Files (x86)\Mozilla Thunderbird [04/07/2016 14:25:40] - |D| - [25757] - C:\Program Files (x86)\MSBuild [20/07/2016 19:02:24] - |D| - [4773687] - C:\Program Files (x86)\NCH Software [11/07/2016 15:49:30] - |D| - [54782380] - C:\Program Files (x86)\NewBlue [04/07/2016 18:48:02] - |D| - [27237984] - C:\Program Files (x86)\Nitro [04/07/2016 15:04:53] - |D| - [65460881] - C:\Program Files (x86)\NSIS Uninstall Information [05/07/2016 09:52:01] - |AD| - [6636048] - C:\Program Files (x86)\PDF Architect 4 [04/07/2016 14:25:40] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [21/07/2016 06:15:06] - |AD| - [2312085] - C:\Program Files (x86)\Remembr [22/07/2016 16:44:05] - |D| - [505707] - C:\Program Files (x86)\SEAF [05/07/2016 06:16:27] - |D| - [160359540] - C:\Program Files (x86)\Sony [12/07/2016 11:58:59] - |D| - [10484459] - C:\Program Files (x86)\Sony Media Go Install [14/07/2016 10:47:12] - |D| - [94975775] - C:\Program Files (x86)\Spybot - Search & Destroy 2 [04/07/2016 14:53:08] - |D| - [23102104] - C:\Program Files (x86)\Supercopier [14/07/2016 14:23:44] - |AD| - [66311316] - C:\Program Files (x86)\Western Digital [04/07/2016 14:13:00] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [04/07/2016 14:13:00] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [04/07/2016 14:13:00] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [04/07/2016 14:13:00] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [04/07/2016 14:13:00] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [04/07/2016 14:13:00] - |SD| - [0] - C:\Program Files (x86)\Windows Sidebar [04/07/2016 14:13:00] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell [13/07/2016 12:42:32] - |D| - [8010151] - C:\Program Files (x86)\Wise [04/07/2016 14:55:19] - |D| - [415646111] - C:\Program Files (x86)\Wondershare [15/07/2016 18:31:29] - |D| - [202442514] - C:\Program Files (x86)\ZebHelpProcess [13/07/2016 12:40:24] - |AD| - [10323221] - C:\Program Files (x86)\Zemana AntiLogger Free [13/07/2016 12:38:39] - |AD| - [16081174] - C:\Program Files (x86)\Zemana AntiMalware ---------- | C:\Program Files [04/07/2016 13:44:42] - |D| - [96636696] - C:\Program Files\AMD [04/07/2016 13:47:20] - |AD| - [5595872] - C:\Program Files\ATI Technologies [20/07/2016 09:03:50] - |D| - [9669383] - C:\Program Files\Classic Shell [04/07/2016 13:40:15] - |D| - [92029722] - C:\Program Files\Common Files [13/07/2016 12:36:52] - |D| - [109163252] - C:\Program Files\COMODO [11/07/2016 15:23:11] - |D| - [2531490028] - C:\Program Files\CyberLink [13/07/2016 12:11:22] - |D| - [55323989] - C:\Program Files\DAEMON Tools Pro [04/07/2016 14:13:08] - |ASH| - [174] - C:\Program Files\desktop.ini [16/07/2016 15:43:26] - |D| - [2125120] - C:\Program Files\DivX [15/07/2016 07:50:38] - |D| - [3509689] - C:\Program Files\EPSON [04/07/2016 13:58:02] - |SHD| - [92029722] - C:\Program Files\Fichiers communs [06/07/2016 13:55:55] - |AD| - [11744976] - C:\Program Files\HitmanPro [21/07/2016 05:08:42] - |D| - [10120291] - C:\Program Files\IM-Magic [04/07/2016 14:13:00] - |D| - [2776230] - C:\Program Files\Internet Explorer [04/07/2016 14:47:15] - |D| - [46921935] - C:\Program Files\Lavasoft [13/07/2016 11:54:31] - |AD| - [58673672] - C:\Program Files\MiniTool Partition Wizard Free 9.1 [05/07/2016 10:09:37] - |AD| - [106977406] - C:\Program Files\Mozilla Firefox [04/07/2016 14:25:40] - |D| - [25757] - C:\Program Files\MSBuild [11/07/2016 15:50:06] - |D| - [70721537] - C:\Program Files\NewBlue [04/07/2016 18:48:02] - |D| - [121488170] - C:\Program Files\Nitro [04/07/2016 15:13:36] - |D| - [105864724] - C:\Program Files\Paragon Software [05/07/2016 09:52:01] - |AD| - [306745529] - C:\Program Files\PDF Architect 4 [05/07/2016 09:50:15] - |D| - [34753145] - C:\Program Files\PDFCreator [16/07/2016 17:13:28] - |AD| - [4540643] - C:\Program Files\proDAD [04/07/2016 13:45:15] - |D| - [44101568] - C:\Program Files\Realtek [13/07/2016 12:03:55] - |D| - [67605555] - C:\Program Files\Rebit [04/07/2016 14:25:40] - |D| - [36850857] - C:\Program Files\Reference Assemblies [13/07/2016 12:31:19] - |AD| - [48698464] - C:\Program Files\RogueKiller [18/07/2016 13:50:10] - |AD| - [39671819] - C:\Program Files\RogueKillerPE [14/07/2016 14:39:22] - |AD| - [18493352] - C:\Program Files\Start Menu X [04/07/2016 14:53:35] - |AD| - [6506587] - C:\Program Files\TeraCopy [04/07/2016 14:56:00] - |D| - [22453209] - C:\Program Files\Ultracopier [04/07/2016 13:44:55] - |HD| - [0] - C:\Program Files\Uninstall Information [04/07/2016 14:13:00] - |D| - [11400666] - C:\Program Files\Windows Defender [04/07/2016 14:13:00] - |D| - [8974456] - C:\Program Files\Windows Journal [04/07/2016 14:13:00] - |D| - [6322176] - C:\Program Files\Windows Mail [04/07/2016 14:13:00] - |D| - [5394547] - C:\Program Files\Windows Media Player [04/07/2016 14:13:00] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [04/07/2016 14:13:00] - |D| - [7862330] - C:\Program Files\Windows NT [04/07/2016 14:13:00] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [04/07/2016 14:13:00] - |D| - [258280] - C:\Program Files\Windows Portable Devices [04/07/2016 14:13:00] - |SHD| - [0] - C:\Program Files\Windows Sidebar [04/07/2016 14:13:00] - |HD| - [1000628028] - C:\Program Files\WindowsApps [04/07/2016 14:13:00] - |SD| - [2856133] - C:\Program Files\WindowsPowerShell [04/07/2016 14:52:59] - |D| - [291826105] - C:\Program Files\Wondershare ---------- | C:\Program Files (x86)\Common Files [15/07/2016 18:32:12] - |D| - [2014588] - C:\Program Files (x86)\Common Files\Borland Shared [04/07/2016 15:04:49] - |D| - [34529296] - C:\Program Files (x86)\Common Files\CyberLink [16/07/2016 15:43:01] - |D| - [37301248] - C:\Program Files (x86)\Common Files\DivX Shared [05/07/2016 08:18:59] - |D| - [135818315] - C:\Program Files (x86)\Common Files\DVDVideoSoft [19/07/2016 13:43:15] - |D| - [631296] - C:\Program Files (x86)\Common Files\Freemake Shared [16/07/2016 15:09:41] - |D| - [1150965] - C:\Program Files (x86)\Common Files\InstallShield [13/07/2016 12:52:38] - |D| - [6104905] - C:\Program Files (x86)\Common Files\iSkysoft [04/07/2016 13:46:11] - |AD| - [90787536] - C:\Program Files (x86)\Common Files\logishrd [04/07/2016 14:13:00] - |D| - [16022961] - C:\Program Files (x86)\Common Files\Microsoft Shared [11/07/2016 15:50:04] - |D| - [286720] - C:\Program Files (x86)\Common Files\NewBlue [12/07/2016 07:59:19] - |D| - [1488873] - C:\Program Files (x86)\Common Files\Nikon [05/07/2016 09:52:01] - |AD| - [737280] - C:\Program Files (x86)\Common Files\PDF Software [04/07/2016 14:13:00] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [05/07/2016 06:17:21] - |D| - [22422184] - C:\Program Files (x86)\Common Files\Sony Shared [04/07/2016 14:13:00] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System [14/07/2016 14:31:21] - |AD| - [5339277] - C:\Program Files (x86)\Common Files\Western Digital [04/07/2016 14:54:33] - |D| - [34601047] - C:\Program Files (x86)\Common Files\Wondershare ---------- | C:\Program Files\Common files [14/07/2016 11:57:56] - |D| - [1839998] - C:\Program Files\Common files\AV [05/07/2016 17:18:16] - |D| - [152640] - C:\Program Files\Common files\EPSON [04/07/2016 14:15:55] - |D| - [0] - C:\Program Files\Common files\Lavasoft [04/07/2016 13:45:54] - |D| - [23196117] - C:\Program Files\Common files\logishrd [04/07/2016 14:13:00] - |D| - [39440272] - C:\Program Files\Common files\microsoft shared [11/07/2016 15:50:35] - |D| - [352768] - C:\Program Files\Common files\NewBlue [04/07/2016 18:48:01] - |D| - [16539614] - C:\Program Files\Common files\Nitro [04/07/2016 14:13:00] - |D| - [2702] - C:\Program Files\Common files\Services [04/07/2016 14:13:00] - |D| - [10505611] - C:\Program Files\Common files\System ---------- | Tasks [MD5.BEA19BCC5552189A3684EE1F772CE523] - [23/07/2016 13:01:13] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.2BAD441F2AF4D40CF1160343E6D2D7DF] - [05/07/2016 09:57:03] - |A| - [1212] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.AD99BDECC035A2C8A54563F01A2E9ADE] - [05/07/2016 09:57:04] - |A| - [1216] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.A3EE2E216ADCB03DB7F7491C237687E4] - [05/07/2016 17:18:16] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {C7585BD3-EA9F-42A5-8895-DEB12E50A980}.job [MD5.875D8EC36354554BC4698C9E664FF46C] - [05/07/2016 17:18:53] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {CECF00F4-C802-4D19-A8D9-021F15DFDFB7}.job [MD5.0AC5CC1140BDBCC6CD9B5747687D9825] - [05/07/2016 17:18:16] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {C7585BD3-EA9F-42A5-8895-DEB12E50A980}.job [MD5.6BB7836CF2DA4279DFCBD6F47C98F7D0] - [05/07/2016 17:18:53] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {CECF00F4-C802-4D19-A8D9-021F15DFDFB7}.job [MD5.78247F9BA28840795F91D4C6399BE506] - [05/07/2016 09:56:39] - |A| - [1104] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.17428837E2275280AC5C6853F23A803F] - [05/07/2016 09:56:39] - |A| - [1108] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.00000000000000000000000000000000] - [14/07/2016 15:25:47] - |D| - [0] - C:\WINDOWS\Tasks\ImCleanDisabled [MD5.708EA029F398E51E2AEBBD0AD5E5CA73] - [04/07/2016 13:41:41] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.FF103FA641C6F7258D74A57D25C62057] - [05/07/2016 10:05:15] - |A| - [2686] - C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-2956268689-1280340557-608612402-1001 : C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [MD5.41F61A52054027CFDC1C78771DFDC33D] - [21/07/2016 15:05:55] - |A| - [3410] - C:\WINDOWS\System32\Tasks\Blockulicious : C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\Blockulicious.exe [MD5.35881027BC837CB9381DB38A8A3CD92F] - [16/07/2016 15:39:49] - |A| - [3296] - C:\WINDOWS\System32\Tasks\DeviceDetector7.5 : C:\Program Files (x86)\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [MD5.C3FB1DBA862F5E4509BA85EC3096613D] - [05/07/2016 09:57:04] - |A| - [4044] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.826F09EFF444B90D8263F922DDC6A52B] - [05/07/2016 09:57:04] - |A| - [4276] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.EE98179C4A291D0B6F654AB9AA1AF151] - [05/07/2016 17:18:16] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {C7585BD3-EA9F-42A5-8895-DEB12E50A980} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.43A49C769D4F41E5BCBE8254118BF520] - [05/07/2016 17:18:53] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {CECF00F4-C802-4D19-A8D9-021F15DFDFB7} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.F0A7C98EF8CFA884225D82279DA366FF] - [05/07/2016 17:18:16] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {C7585BD3-EA9F-42A5-8895-DEB12E50A980} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.7B8DD5F21242498AEDFDBD6C9F922E09] - [05/07/2016 17:18:53] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {CECF00F4-C802-4D19-A8D9-021F15DFDFB7} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.1E0873C844475468E4142A7ED3F9377E] - [05/07/2016 09:56:39] - |A| - [3934] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.1F658FC4A05541E1ACFEEF6FBF0BBA3D] - [05/07/2016 09:56:39] - |A| - [4166] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D861CAA217D07E2561FA2B07E3E0849A] - [05/07/2016 09:55:56] - |A| - [2798] - C:\WINDOWS\System32\Tasks\klcp_update : "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [426068] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [20/07/2016 19:06:05] - |D| - [0] - C:\WINDOWS\System32\Tasks\NCH Software [MD5.00000000000000000000000000000000] - [14/07/2016 10:51:52] - |D| - [0] - C:\WINDOWS\System32\Tasks\Safer-Networking [MD5.8B6E8781C08B7A14967323C5BC1E8F6B] - [04/07/2016 14:08:35] - |A| - [4176] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2C6FFD4A-47DA-4070-AAE5-86112A3E9256} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{FFBE6CE3-1CCB-499F-9F28-FE20B37C2BE3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{75E7149A-BB4A-424B-BA33-3A7EF71EB93A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{57EC5D18-8394-4AC8-A692-FF5CAF942D36}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{829CF0EE-1D11-4EDA-B45E-D9D5576485E6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{FBDCC87D-6512-4064-9CC9-F29CC5567F53}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D439C743-210E-4662-9550-1134AC091805}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B79CCB6F-13EB-4E38-9C92-B7DAEB49534B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{939B94A3-34A4-49BB-B622-51EC650CBCAE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{24EFC25E-F763-441F-81E9-E593CD8900C4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{3745F71E-514C-4354-9C79-F098DDCD7C1C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{14BD0A29-4A32-4C5B-8610-30F6F3BD03F7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{84310FDE-E71A-47B4-B584-7F90BF487429}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C2191F06-B3EE-4255-85FE-CA3E3D93BB48}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{18B8EF81-5AFF-420E-9C9C-3F12B1D8F7F0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{64610E98-EE85-448C-B3F6-841DF152930A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{9C73DA0B-6096-472F-AADA-7AD3A3BEBDB0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{63465B1B-A5CA-44EC-96B9-98A746C45DB9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0DD6E0C1-E0EB-45E6-9581-9462C7AC1E68}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F931457E-9F7D-4D01-824C-BE10A9F6750F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{6FA94FC1-B6C5-4087-A99B-F287C3C28DD3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe|Name=CyberLink VideoMeetingPlus|Desc=CyberLink VideoMeetingPlus| "{CAC443E4-D87F-49B4-9F4E-6F703282C3CE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{44509C68-DC40-4A97-9427-3F6D5BD270CD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{62C88160-4B00-44F7-815A-3BC7507966F6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A6063264-9937-44D9-92E0-AFF3AE57D8A7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{3CDFCEDE-632C-4302-9941-EC39E446E277}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0309B23B-CB65-4996-A4E5-F455CAC1F486}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{AFAEA13E-5B2A-4ACE-9AF3-634CF94234EA}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5468EAFB-F7AA-4369-B85F-E36A76FFD91D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{C5FC58E8-FC5F-43F5-BB78-688F519C9293}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{85DE42CE-9037-43A5-A8F2-6DC6CF0494FD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{C0A75A69-5AA7-4565-83C3-60EFDA9335CF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2ED49721-2DE5-47C3-9EAB-57910B75620A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A8B5F6FB-9490-4119-8D55-6CA32A51EA9A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1C3C736C-60BA-4A51-9481-B990BA2E83C0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F2CD8283-6112-4277-8425-4CB1BA5FA240}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CF836F9F-53B5-4C2C-AC47-BE405B917CBC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{FFD11D5E-F05F-45DA-83D3-107BFE3DF48D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1E3D32EC-3B81-463A-B3D4-E0D8BD44DAC9}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1901F63F-16A4-41B3-85E4-AF20FC1A712E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{5488D789-0602-49E7-989C-CC1BDCC124A7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{840B3CF1-26C9-4866-BDAB-6A5015078688}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe|Name=Free Torrent Download (ANY)|Desc=Free Torrent Download (ANY)|EmbedCtxt=Free Torrent Download (ANY)|Edge=TRUE| "{94E90628-3206-4AB0-985E-E3A8D6AFD149}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe|Name=Free Torrent Download (ANY)|Desc=Free Torrent Download (ANY)|EmbedCtxt=Free Torrent Download (ANY)| "{04CBB899-8EF4-458B-BFD1-014D5193FE8B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{A27446BC-24F6-4CE3-B36B-5592DB6B500E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{16D661F4-F232-4D8A-A82C-F18E382B712F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{DD1B2147-243F-400D-A5E4-7041098476B2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{B503E00C-1896-46D1-8CA6-3987337C00E1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{C26EA141-5CC2-41EB-B9A6-17D3802550E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{263A0F17-AFE2-4F50-9A5A-DB56915B9F4F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{F18D9F12-A147-4F0E-9341-79B85583EBBD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{506F5925-37A3-450E-BFF1-1AE3D09D39E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{A76EFBB2-8333-4CB3-AB66-27D4AC3B776A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{F0862DF8-43C9-4ECC-B928-5C92746C2D56}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{59104552-6E56-4123-93C4-2FF7BF8DB78E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "TCP Query User{3E404E9C-F96C-4745-B7B1-288BBD8107A3}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe|Name=Todo PCTrans|Desc=Todo PCTrans|Defer=User| "UDP Query User{58CA560D-36FA-4D41-BA05-ABD13E1A336A}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe|Name=Todo PCTrans|Desc=Todo PCTrans|Defer=User| "{5CC6BF6E-8339-41F6-8096-259F17DDCB82}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=EaseUS_SMART| "{9CBF4D2D-26AE-4E5E-9C56-C8A9E4DAD2EC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=EaseUS_SMART| "{366026E6-9E09-4EEA-8909-C703EE443494}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{715ABB72-67FB-4C8C-8F70-EDBD89EE2F3A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{7026D596-815B-4AC5-8940-2E88550779C0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe|Name=CyberLink PowerDVD16|Desc=CyberLink PowerDVD16| "{AEED3FEF-CE65-4870-B336-FD7FE03CE20B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe|Name=CyberLink PowerDVD 16 Media Server Service|Desc=CyberLink Media Server| "{9F5E0BEA-7830-4D7B-ADBE-E26156392281}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe|Name=CyberLink PowerDVD16 Agent|Desc=CyberLink PowerDVD16 Agent| "{7ECF5D2A-724D-45C3-BCB2-EA57E7351B92}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe|Name=CyberLink PowerDVD16 Movie Module|Desc=CyberLink PowerDVD16 Movie Module| "{8473D1B3-8544-4ED7-B49E-41061890C881}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\CastingStation.exe|Name=CyberLink PowerDVD16 CastingStation|Desc=CyberLink PowerDVD16 CastingStation| "{33620DFC-ADF9-4EAA-9D23-CAAAA448B0F8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{D290028D-C69C-4E78-92CB-266A3C6459A3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\COMODO\cDrive\cDrive.exe|Name=cDrive.exe| "{F3350B70-2C56-4FF4-B6F8-6129AD058DC0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\COMODO\cDrive\cDrive.exe|Name=cDrive.exe| "{577ABBEA-541B-467A-805D-7FEB4C99C03B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{D8459DCE-77C8-40C3-BFCB-F3C182FF0ADD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=Y:\BIN\BIN\USB-to-Cloud.exe|Name=USB-to-Cloud| "{F20E099E-2A7D-41F7-BBB1-3F9A5CCD6ABF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=Y:\BIN\BIN\USB-to-Cloud.exe|Name=USB-to-Cloud| "{6E1BCA1C-1A11-4657-B1E3-8668EEA03FBE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{048C6EED-A1E0-4DAC-9098-115F3A9A0617}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{08FBB3CF-0D13-43CC-87DB-BDA92F775EF1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{341FF554-B8C1-465F-A4BA-58C6F9A0FA47}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{24578D11-9D05-4203-BDF5-8629F0EF077B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A8064AE8-6CBA-412B-A1EC-D72343F79773}C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "UDP Query User{8012CD5F-78FA-489A-B2C4-2168ADE624EB}C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "{330A5609-286A-4D0D-8A96-E51D8024F50C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{9EAB882D-74A6-480C-BD3D-9F18D1B87AFE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{D0EF687D-A2C6-430B-B154-1165A0DA01BD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F876C421-C88E-4809-9A7B-9F382EB0EE79}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\jean-\Desktop\quickdiag_2_01.07.2016.4.exe"=C:\Users\jean-\Desktop\quickdiag_2_01.07.2016.4.exe:*:Enabled:quickdiag_2_01.07.2016.4 "C:\Users\jean-\Desktop\AdsFix.exe"=C:\Users\jean-\Desktop\AdsFix.exe:*:Enabled:AdsFix "C:\Users\jean-\Desktop\adsfix_3_18.07.2016.2.exe"=C:\Users\jean-\Desktop\adsfix_3_18.07.2016.2.exe:*:Enabled:adsfix_3_18.07.2016.2 "C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe"=C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe:*:Enabled:adsfix_3_19.07.2016.2 "C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe:*:Enabled:quickdiag_2_17.07.2016.1 "C:\Users\jean-\Desktop\pre-scan_6_20.07.2016.1.exe"=C:\Users\jean-\Desktop\pre-scan_6_20.07.2016.1.exe:*:Enabled:pre-scan_6_20.07.2016.1 "C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe"=C:\Users\jean-\Desktop\adsfix_3_22.07.2016.2.exe:*:Enabled:adsfix_3_22.07.2016.2 ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem4.inf,%ClassName%;Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem29.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [30/10/2015 09:17:23] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver) - C:\WINDOWS\System32\drivers\nvraid.sys [30/10/2015 09:17:22] - (7.12.2.3) - (QLogic Corporation - QLogic 10 GigE VBD) - C:\WINDOWS\System32\drivers\evbda.sys [30/10/2015 09:17:23] - (5.1.0.10) - (Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64) - C:\WINDOWS\System32\drivers\stexstor.sys [30/10/2015 09:17:22] - (5.1.0.51) - (LSI - LSI 3ware SCSI Storport Driver) - C:\WINDOWS\System32\drivers\3ware.sys [30/10/2015 09:17:22] - (3.7.1540.43) - (AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform) - C:\WINDOWS\System32\drivers\amdsbs.sys [30/10/2015 09:17:22] - (7.5.0.32048) - (PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver) - C:\WINDOWS\System32\drivers\arcsas.sys [30/10/2015 09:17:23] - (1.34.3.83) - (LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas.sys [30/10/2015 09:17:23] - (2.0.76.80) - (LSI Corporation - LSI SAS Gen2 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys [30/10/2015 09:17:23] - (2.50.96.80) - (Avago Technologies - Avago SAS Gen3 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys [30/10/2015 09:17:23] - (2.10.61.81) - (LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sss.sys [30/10/2015 09:17:23] - (6.706.6.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\megasas.sys [30/10/2015 09:17:23] - (15.2.2013.129) - (LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver) - C:\WINDOWS\System32\drivers\megasr.sys [30/10/2015 09:17:23] - (1.0.5.1016) - (Marvell Semiconductor, Inc. - Marvell Flash Controller Driver) - C:\WINDOWS\System32\drivers\mvumis.sys [30/10/2015 09:17:23] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver) - C:\WINDOWS\System32\drivers\nvstor.sys [30/10/2015 09:17:23] - (6.803.21.0) - (LSI Corporation - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas2i.sys [30/10/2015 09:17:23] - (6.602.12.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas3i.sys [30/10/2015 09:17:23] - (5.1.1039.2600) - (Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver) - C:\WINDOWS\System32\drivers\SiSRaid2.sys [30/10/2015 09:17:23] - (5.1.1039.3600) - (Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver) - C:\WINDOWS\System32\drivers\sisraid4.sys [30/10/2015 09:17:23] - (7.0.9600.6352) - (VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64) - C:\WINDOWS\System32\drivers\vsmraid.sys [30/10/2015 09:17:23] - (8.0.9200.8110) - (VIA Corporation - VIA StorX RAID Controller Driver) - C:\WINDOWS\System32\drivers\vstxraid.sys [30/10/2015 09:17:22] - (1.3.0.10769) - (PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller) - C:\WINDOWS\System32\drivers\ADP80XX.SYS [30/10/2015 09:17:22] - (8.0.4.0) - (Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver) - C:\WINDOWS\System32\drivers\HpSAMD.sys [11/07/2016 06:41:40] - (1.3.1079.265) - (COMODO - COMODO Cloud Antivirus Driver) - C:\WINDOWS\system32\DRIVERS\CmdCCAV.sys [07/10/2014 13:14:42] - (7.0.0.1618) - (COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver) - C:\WINDOWS\system32\DRIVERS\CBReparse.sys [07/10/2014 13:14:42] - (1.0.0.975) - (COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver) - C:\WINDOWS\system32\DRIVERS\CBUFS.sys [07/10/2014 13:14:40] - (1.0.0.972) - (COMODO Security Solutions Inc. - COMODO Backup Disk Driver) - C:\WINDOWS\system32\DRIVERS\bdisk.sys [07/10/2014 13:14:44] - (7.0.0.1619) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver) - C:\WINDOWS\system32\DRIVERS\cbvd.sys [20/07/2016 11:22:13] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\pwdrvio.sys [13/07/2016 12:09:46] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\drivers\EUBKMON.sys [13/07/2016 12:09:48] - (1.0.1.0) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver) - C:\WINDOWS\system32\drivers\eubakup.sys [16/07/2016 15:10:56] - (5.0.0.10524) - (Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.x)) - C:\WINDOWS\system32\DRIVERS\CLBStor.sys [25/06/2016 16:15:32] - (10.0.10586.31222) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\WINDOWS\system32\Drivers\RtsUer.sys [25/06/2016 15:54:29] - (4.5.0.6) - (GenesysLogic - GeneStor) - C:\WINDOWS\system32\DRIVERS\GeneStor.sys [25/06/2016 16:04:33] - (2.1.0.17) - (Qualcomm Atheros, Inc. - Killer e2200 PCI-E Gigabit Ethernet Controller) - C:\WINDOWS\System32\drivers\L1C63x64.sys [10/06/2016 11:53:02] - (2.0.0.3505) - (CyberLink - CyberLink Virtual CDROM Bus Enumerator) - C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [07/10/2014 13:14:46] - (1.0.0.973) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver) - C:\WINDOWS\System32\drivers\vdbus.sys [13/07/2016 12:12:10] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [13/07/2016 12:42:00] - (1.8.2.320) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\WINDOWS\system32\DRIVERS\KeyCrypt64.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys R0 - ADP80XX () -> System32\drivers\ADP80XX.SYS R0 - amdsata () -> System32\drivers\amdsata.sys R0 - amdsbs () -> System32\drivers\amdsbs.sys R0 - amdxata () -> System32\drivers\amdxata.sys R0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys R0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys R0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - bdisk (Comodo Disk Raw Access Filter) -> system32\DRIVERS\bdisk.sys R0 - CBUFS (CBUFS) -> system32\DRIVERS\CBUFS.sys R0 - cbvd (Comodo Backup Virtual Disk) -> system32\DRIVERS\cbvd.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - cmdccav (cmdccav) -> system32\DRIVERS\CmdCCAV.sys R0 - CNG () -> System32\Drivers\cng.sys S0 - Compbatt () -> (?) R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys R0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys S0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys R0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - EUBAKUP (EUBAKUP) -> system32\drivers\eubakup.sys R0 - EUBKMON (EUBKMON) -> system32\drivers\EUBKMON.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys R0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys R0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys R0 - intelide () -> System32\drivers\intelide.sys R0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys R0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - LSI_SAS () -> System32\drivers\lsi_sas.sys R0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys R0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys R0 - LSI_SSS () -> System32\drivers\lsi_sss.sys R0 - megasas () -> System32\drivers\megasas.sys R0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - nvraid () -> System32\drivers\nvraid.sys R0 - nvstor () -> System32\drivers\nvstor.sys R0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys R0 - pciide () -> System32\drivers\pciide.sys R0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys R0 - percsas2i () -> System32\drivers\percsas2i.sys R0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - pwdrvio (pwdrvio) -> system32\pwdrvio.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - Reparse (Reparse) -> system32\DRIVERS\CBReparse.sys R0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys R0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys R0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys R0 - stexstor () -> System32\drivers\stexstor.sys R0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys R0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys R0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys R0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys R0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys R0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys R0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys R0 - vsmraid () -> System32\drivers\vsmraid.sys R0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys R1 - CLBStor (InstantBurn Storage Helper Driver) -> system32\DRIVERS\CLBStor.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys S1 - epp (epp) -> \??\I:\BARROW 2 & WIDEN 100% SéCURISé\BIN64\epp.sys S1 - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys S1 - EUDSKACS (EUDSKACS) -> \??\C:\WINDOWS\system32\drivers\eudskacs.sys S1 - EUFDDISK (EUFDDISK) -> \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys S1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys S1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys S1 - HWiNFO32 (HWiNFO32/64 Kernel Driver) -> \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) S1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys S1 - SDHookDriver (Hook Test Driver) -> \??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys S1 - ZAM (ZAM Helper Driver) -> \??\C:\WINDOWS\System32\drivers\zam64.sys S1 - ZAM_Guard (ZAM Guard Driver) -> \??\C:\WINDOWS\System32\drivers\zamguard64.sys S2 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe S2 - AMD FUEL Service (AMD FUEL Service) -> "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService S2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - ccavsrv (ccavsrv) -> C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe -service S2 - CLBUDF (CyberLink InstantBurn UDF Filesystem) -> (?) R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - COSService.exe (COMODO Online Storage Service) -> C:\Program Files\COMODO\COMMON\COSService.exe S2 - CPluginService (CPluginService) -> "C:\Program Files\COMODO\PC TuneUP\CPluginService.exe" R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - Eaphost (@%systemroot%\system32\eapsvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - EaseUS Agent (Service Agent EaseUS) -> "C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe" S2 - EpsonScanSvc (Epson Scanner Service) -> C:\WINDOWS\system32\EscSvc64.exe S2 - ERSvc () -> (?) R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - Freemake Improver (Freemake Improver) -> "C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe" S2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc S2 - IAStorDataMgrsvc () -> (?) S2 - IceDragonUpdater (COMODO IceDragon Update Service) -> C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs S2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S2 - MbaeSvc (Malwarebytes Anti-Exploit Service) -> "C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe" S2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys S2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys S2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys S2 - NIHardwareService () -> (?) R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService S2 - NVSvc () -> (?) S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_23246 (Hôte de synchronisation_23246) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2f7da (Hôte de synchronisation_2f7da) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3b90b (Hôte de synchronisation_3b90b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3bd0c (Hôte de synchronisation_3bd0c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3f5a1 (Hôte de synchronisation_3f5a1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_443bd (Hôte de synchronisation_443bd) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4479b (Hôte de synchronisation_4479b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_494d6 (Hôte de synchronisation_494d6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5ae57 (Hôte de synchronisation_5ae57) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5f5c6 (Hôte de synchronisation_5f5c6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_75145 (Hôte de synchronisation_75145) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_ae38b (Hôte de synchronisation_ae38b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - Parvdm () -> (?) S2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-200) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - RichVideo64 (Cyberlink RichVideo64 Service(CRVS)) -> "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss S2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys S2 - RtkAudioService (Realtek Audio Service) -> C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe S2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe S2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - SharedAccess (@%SystemRoot%\system32\ipnathlp.dll,-106) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe S2 - srService () -> (?) S2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys S2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc S2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys S2 - SynchronizationService.exe (COMODO BackUp Service) -> C:\Program Files\COMODO\COMMON\SynchronizationService.exe S2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys S2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel S2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S2 - UI5IFS (Ashampoo Uninstaller FileSystemChanges Driver) -> \??\C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S2 - WerSvc (@%SystemRoot%\System32\wersvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k WerSvcGroup S2 - WinDefend (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310) -> "%ProgramFiles%\Windows Defender\MsMpEng.exe" R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding S2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S2 - {41E8078B-96D9-42DC-8789-A1CF102CD880} (Power Control [2016/07/16 18:02:23]) -> \??\C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.D1F059A530620DCF71303B525D52CA97] - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21141.48 Ko] - (8.1.1.1500) - C:\WINDOWS\System32\Drivers\atikmdag.sys [MD5.AD96CC96B6A0CEE8910A13679426C970] - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [658.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\Drivers\atikmpag.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.AF3E1ABAB951FC9064267ED76268F41B] - [16/02/2016 16:52:38] - (.Copyright (C) BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - [104.98 Ko] - (7.0.0.12) - C:\WINDOWS\System32\Drivers\bdfndisf6.sys [MD5.C7C6393C540A1EE534BCEE74626DE987] - [07/10/2014 13:14:40] - (.© 2014 COMODO Security Solutions Inc. - COMODO Backup Disk Driver.) - [83.48 Ko] - (1.0.0.972) - C:\WINDOWS\System32\Drivers\bdisk.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.D7F279E28D757821232E7AF1DFDC57BA] - [07/10/2014 13:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver.) - [658.36 Ko] - (7.0.0.1618) - C:\WINDOWS\System32\Drivers\CBreparse.sys [MD5.10CDB598B555D2A06DA52A6C2D5F7DFE] - [07/10/2014 13:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver.) - [225.3 Ko] - (1.0.0.975) - C:\WINDOWS\System32\Drivers\CBUFS.sys [MD5.8D73FFFD9762EECF7680C4368A38B653] - [07/10/2014 13:14:44] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver.) - [661.86 Ko] - (7.0.0.1619) - C:\WINDOWS\System32\Drivers\cbvd.sys [MD5.19863788DFFBE37CB63BF19D1FD5C247] - [16/07/2016 15:10:56] - (.Copyright(C) Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.x).) - [25.26 Ko] - (5.0.0.10524) - C:\WINDOWS\System32\Drivers\CLBStor.sys [MD5.C3EE731B310E6C563A47F80C0ADD39CD] - [16/07/2016 15:11:21] - (.Copyright (C) CyberLink Corporation. - UDF File System Driver.) - [370.26 Ko] - (5.0.0.10524) - C:\WINDOWS\System32\Drivers\CLBUDF.sys [MD5.EFC50A6C4C6B6F9AA09AFAC5C15881B6] - [10/06/2016 12:22:17] - (.Copyright (C) CyberLink 2015- - Virtual Audio-In Device.) - [39.44 Ko] - (1.0.1.1522) - C:\WINDOWS\System32\Drivers\clvad.sys [MD5.0C7626AFB2419207B2ABCB6F8AEA334F] - [10/06/2016 11:53:02] - (.Copyright (C) 2014 CyberLink - CyberLink Virtual CDROM Bus Enumerator.) - [100.76 Ko] - (2.0.0.3505) - C:\WINDOWS\System32\Drivers\CLVirtualBus01.sys [MD5.8B6143C42CD0A28325880C166D695702] - [02/07/2016 13:04:12] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [41.96 Ko] - (1.2.0.7524) - C:\WINDOWS\System32\Drivers\clwvd7.sys [MD5.0FBA6EDE873360E0AD44BB74A8B1ED85] - [10/06/2016 12:22:10] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [53.95 Ko] - (2.0.0.8821) - C:\WINDOWS\System32\Drivers\clwvdVM.sys [MD5.7B0D718779B0AFC2156C9C55B0F4ECC6] - [11/07/2016 06:41:40] - (.2005-2016 COMODO. - COMODO Cloud Antivirus Driver.) - [130.8 Ko] - (1.3.1079.265) - C:\WINDOWS\System32\Drivers\CmdCCAV.sys [MD5.726E40B11612664486BB6C6105283C95] - [13/07/2016 12:12:10] - (.Copyright (C) 2000-2015 - DAEMON Tools Pro Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\WINDOWS\System32\Drivers\dtproscsibus.sys [MD5.83EF0C33B56360761AE2DDB86E47B2E8] - [13/07/2016 12:09:48] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Driver.) - [59.54 Ko] - (1.0.1.0) - C:\WINDOWS\System32\Drivers\eubakup.sys [MD5.CCF2072C27B5F84447A0829014C43760] - [13/07/2016 12:09:46] - (.-.) - [47.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EUBKMON.sys [MD5.44A0838432C8A31A5D6CBE0BF348CED6] - [13/07/2016 12:09:49] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Access Driver.) - [18.04 Ko] - (1.2.0.1) - C:\WINDOWS\System32\Drivers\eudskacs.sys [MD5.D05585505CB20235E7C665158464551D] - [13/07/2016 12:09:49] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Image Preview Driver.) - [188.04 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\EuFdDisk.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.27C992DA9AC769D1826D897766D7A246] - [25/06/2016 15:54:29] - (.Copyright (c) 2013 - GeneStor.) - [112.99 Ko] - (4.5.0.6) - C:\WINDOWS\System32\Drivers\GeneStor.sys [MD5.7FD586369B597798535C098E63818AAC] - [16/07/2016 10:59:22] - (.© 2014 SurfRight B.V. - HitmanPro 3.7 Support Driver.) - [45.86 Ko] - (1.3.8.12) - C:\WINDOWS\System32\Drivers\hitmanpro37.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.547E9B25B4407A125D5F187E918BC217] - [13/07/2016 12:42:00] - (.Zemana Ltd. - Zemana AntiLogger Free.) - [140.53 Ko] - (1.8.2.320) - C:\WINDOWS\System32\Drivers\KeyCrypt64.sys [MD5.A9E95471762BFCC39B1A3C391F00A2A1] - [25/06/2016 16:04:33] - (.2015 Rivet Networks, LLC. - Killer e2200 PCI-E Gigabit Ethernet Controller.) - [158.07 Ko] - (2.1.0.17) - C:\WINDOWS\System32\Drivers\L1C63x64.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.81F2B52C47B8AD32CC4FF967FC8D73DA] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Filter Driver.) - [26.16 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvbflt64.sys [MD5.A0A527569856B9814E8920F52EBB67F5] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Kernel Audio Improvement Filter Driver.) - [343.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvrs64.sys [MD5.415E344294D1C0D04627B29146F68481] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Driver.) - [4646.66 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvuvc64.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.5455252E556F4BBDA7874F5A9DF88BBD] - [01/08/2013 14:12:34] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4966.75 Ko] - (6.0.1.7829) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.AE4607D7C7AA83A863BFA214483E8EE4] - [25/06/2016 16:15:32] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS USB READER Driver.) - [404.21 Ko] - (10.0.10586.31222) - C:\WINDOWS\System32\Drivers\RtsUer.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.D722BC26F7431A4DA9A183E56CA9FEE3] - [25/04/2016 00:35:52] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [126.13 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.36C3697CA09B23C77BDF95A6B0B57310] - [25/04/2016 00:35:58] - (.Copyright ⓒ SAMSUNG - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [216.63 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.C1ED726BA51C0A470E196F9BD9BD75CC] - [25/04/2016 00:36:00] - (.(c) QUALCOMM, Inc. - Filter Driver for the Qualcomm USB Driver Stack.) - [63.13 Ko] - (1.0.2.5) - C:\WINDOWS\System32\Drivers\ssudqcfilter.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [19/07/2016 12:20:15] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Drivers\TrueSight.sys [MD5.7181DACBD6699770F027A049594A3DCF] - [07/10/2014 13:14:46] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver.) - [806.68 Ko] - (1.0.0.973) - C:\WINDOWS\System32\Drivers\vdbus.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.A556768CC1FA4F36022BEE2F0EDE2566] - [12/11/2015 22:50:10] - (.© 2006-2015 Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver.) - [26.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\wdcsam64.sys [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:45] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zam64.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:37] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zamguard64.sys [MD5.EF558A02D734A1403583E95CCEEC2487] - [05/07/2016 17:14:13] - (.Copyright (c)1999-2015 Martin Malík - REALiX - HWiNFO AMD64 Kernel Driver.) - [26.91 Ko] - (8.98.0.0) - C:\WINDOWS\Syswow64\Drivers\HWiNFO64A.SYS ---------- | Uninstall [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Avast Browser Cleanup] : (Avast Browser Cleanup.-.AVAST Software) -> "C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\browsercleanup.exe" /setup [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC1] : (.-.) -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1] : (Apowersoft Online Launcher version 1.4.4.-.APOWERSOFT LIMITED) -> "C:\Users\jean-\AppData\Local\Apowersoft\Apowersoft Online Launcher\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1] : (RogueKillerPE version 1.-.Adlice Software) -> "C:\Program Files\RogueKillerPE\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Pro] : (DAEMON Tools Pro.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-710 Series] : (EPSON XP-710 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSLPE.EXE /R /APD /P:"EPSON XP-710 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HitmanPro37] : (HitmanPro 3.7.-.SurfRight B.V.) -> "C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Exploit_is1] : (Malwarebytes Anti-Exploit version 1.8.1.2563.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Exploit\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0.1 (x64 en-US)] : (Mozilla Firefox 47.0.1 (x64 en-US).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\proDAD-Adorage-3.0] : (proDAD Adorage 3.0 (64bit).-.proDAD GmbH) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeraCopy_is1] : (TeraCopy 2.3.-.Code Sector) -> "C:\Program Files\TeraCopy\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Filmora_is1] : (Wondershare Filmora(Build 7.3.1).-.Wondershare Software) -> "C:\Program Files\Wondershare\Filmora\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge GmbH) -> C:\Program Files\PDFCreator\unins000.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{001676F2-4A2D-4D85-9A00-ED2A54DCFF81}] : (PDF Architect 4 Forms Module.-.pdfforge GmbH) -> MsiExec.exe /X{001676F2-4A2D-4D85-9A00-ED2A54DCFF81} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1] : (MiniTool Partition Wizard Free 9.1.-.MiniTool Solution Ltd.) -> "C:\Program Files\MiniTool Partition Wizard Free 9.1\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}] : (PDF Architect 4 Create Module.-.pdfforge GmbH) -> MsiExec.exe /I{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0893CB6D-8936-4882-8303-8C0769AA6750}] : (PDF Architect 4 View Module.-.pdfforge GmbH) -> MsiExec.exe /I{0893CB6D-8936-4882-8303-8C0769AA6750} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3E494002-985C-4908-B72C-5B4DD15BE090}_is1] : (Start Menu X version 5.87.-.OrdinarySoft) -> "C:\Program Files\Start Menu X\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{43419429-3CD8-40A2-8245-D7C8CC59D27E}] : (PDF Architect 4 Secure Module.-.pdfforge GmbH) -> MsiExec.exe /X{43419429-3CD8-40A2-8245-D7C8CC59D27E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100}] : (Nitro Reader 5.-.Nitro) -> MsiExec.exe /X{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D}] : (Rebit Pro (64-bit).-.Rebit, Inc.) -> MsiExec.exe /I{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7BFE8C40-F176-4320-91AC-39B08E1C623E}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F697B24-63AE-4433-8DF6-36F8171CAB70}] : (PDF Architect 4 Edit Module.-.pdfforge GmbH) -> MsiExec.exe /X{7F697B24-63AE-4433-8DF6-36F8171CAB70} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{857BC7F8-F054-4324-9CAA-108661EA3C8D}] : (PDF Architect 4 Insert Module.-.pdfforge GmbH) -> MsiExec.exe /X{857BC7F8-F054-4324-9CAA-108661EA3C8D} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8}] : (PDF Architect 4 Convert Module.-.pdfforge GmbH) -> MsiExec.exe /X{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9020CD42-CEF8-E9E8-089D-FC33F95991EA}] : (cDrive.-.COMODO) -> C:\WINDOWS\Installer\{9020CD42-CEF8-E9E8-089D-FC33F95991EA}\uninstall.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{915D3B70-542D-4DEE-8F98-AA75FBADEFBA}] : (PDF Architect 4 OCR Module.-.pdfforge GmbH) -> MsiExec.exe /X{915D3B70-542D-4DEE-8F98-AA75FBADEFBA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92565CD9-F8E0-4330-BEEC-A6041F79A880}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}] : (Epson Customer Research Participation.-.Seiko Epson Corporation) -> MsiExec.exe /I{B26449A6-6007-4460-B4FE-C4776115BCEA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}] : (COMODO BackUp.-.COMODO) -> C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4378A80-C713-11DF-9399-005056C00008}] : (Paragon Migrate OS to SSD™ 4.0.-.Paragon Software) -> MsiExec.exe /I{D4378A80-C713-11DF-9399-005056C00008} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4B3454F-7529-4F5F-851D-2C36933F7D64}] : (Classic Shell.-.IvoSoft) -> MsiExec.exe /X{D4B3454F-7529-4F5F-851D-2C36933F7D64} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D806EA29-CA16-43E5-9B63-CD591B0AF432}] : (PDF Architect 4 Review Module.-.pdfforge GmbH) -> MsiExec.exe /X{D806EA29-CA16-43E5-9B63-CD591B0AF432} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}] : (CPCTuneUp.-.COMODO) -> C:\WINDOWS\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.2.-.Adobe Systems, Inc.) -> "C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Any Audio Converter] : (Any Audio Converter 5.9.7.-.Anvsoft) -> C:\Program Files (x86)\Anvsoft\Any Audio Converter\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Aomei Partition Assistant_is1] : (.-.) -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Blockulicious_is1] : (Blockulicious version 1.0.0.-.Phrozen SAS) -> "C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Comodo IceDragon] : (Comodo IceDragon.-.COMODO) -> "C:\Program Files (x86)\Comodo\IceDragon\uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DivX Setup] : (Configuration DivX.-.DivX, LLC) -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS EverySync_is1] : (EaseUS EverySync 3.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS EverySync\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Partition Master_is1] : (EaseUS Partition Master 11.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Todo Backup_is1] : (EaseUS Todo Backup Free 9.2.-.CHENGDU YIWO Tech Development Co., Ltd) -> "C:\Program Files (x86)\EaseUS\Todo Backup\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Todo PCTrans_is1] : (EaseUS Todo PCTrans 9.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ExpressZip] : (Express Zip.-.NCH Software) -> "C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FileHippo.com] : (FileHippo App Manager.-.FileHippo.com) -> "C:\Program Files (x86)\FileHippo.com\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Studio_is1] : (Free Studio.-.Digital Wave Ltd) -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe /app FreeStudio [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Video to MP3 Converter_is1] : (Free Video to MP3 Converter.-.Digital Wave Ltd) -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe /app FreeVideoToMP3Converter [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Freemake Video Converter_is1] : (Freemake Video Converter version 4.1.9.-.Ellora Assets Corporation) -> "C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IM_Magic_PR] : (IM-Magic Partition Resizer Free 2016.-.IM-Magic Inc.) -> C:\Program Files\IM-Magic\Partition Resizer\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{0c8ebb00-4909-459c-8347-b2068b7f0319}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{0c8ebb00-4909-459c-8347-b2068b7f0319}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}] : (CyberLink Media Suite 14.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\iSkysoft iMedia Converter Deluxe_is1] : (iSkysoft iMedia Converter Deluxe(Build 8.7.0.5).-.iSkysoft Software) -> "C:\Program Files (x86)\iSkysoft\VCU\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] : (K-Lite Codec Pack 12.2.5 Full.-.KLCP) -> "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\mov Audio Extractor_is1] : (mov Audio Extractor 9.1.5.-.CoolMedia Co.,Ltd.) -> "C:\Program Files (x86)\mov Audio Extractor\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.2.0 (x86 fr)] : (Mozilla Thunderbird 45.2.0 (x86 fr).-.Mozilla) -> C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NewBlue Video Essentials for Windows] : (NewBlue Video Essentials for Windows.-.NewBlue) -> "C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SEAF] : (SEAF By C_XX.-.C_XX) -> "C:\Program Files (x86)\SEAF\Un-SEAF.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Supercopier] : (Supercopier 1.2.1.0.-.Supercopier) -> C:\Program Files (x86)\Supercopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TreeSize Free_is1] : (TreeSize Free V3.4.5.-.JAM Software) -> "C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ultracopier] : (Ultracopier 1.2.3.0.-.Ultracopier) -> C:\Program Files\Ultracopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix Basic.-.El Desaparecido - www.usbfix.net - www.sosvirus.net) -> C:\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Video to Picture] : (Video to Picture 5.3.-.AoaoPhoto Digital Studio.) -> C:\Program Files (x86)\AoaoPhoto Digital Studio\Video to Picture\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Video Downloader_is1] : (Wise Video Downloader 1.61.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Video Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Player_is1] : (Wondershare Player(Build 1.6.1).-.Wondershare) -> "C:\Program Files (x86)\Wondershare\Player\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare TidyMyMusic_is1] : (Wondershare TidyMyMusic(Build 1.5.0.1).-.Wondershare Software) -> "C:\Program Files (x86)\Wondershare\TidyMyMusic\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Video Converter Free_is1] : (Wondershare Video Converter Free(Build 6.0.1.0).-.Wondershare Software) -> "C:\Program Files (x86)\Wondershare\VideoConverterFree\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WUCCCApp] : (AMD Catalyst Control Center.-.AMD) -> "C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}] : (CyberLink YouCam 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1] : (AOMEI Partition Assistant Standard Edition 6.0.-.AOMEI Technology Co., Ltd.) -> "C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}] : (Epson Easy Photo Print 2.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1] : (Ashampoo Snap 9.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0C5A57BA-435E-43F3-8040-ADF08D715C8A}] : (CyberLink Travel Pack 3.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{0C5A57BA-435E-43F3-8040-ADF08D715C8A}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{0C5A57BA-435E-43F3-8040-ADF08D715C8A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0c8ebb00-4909-459c-8347-b2068b7f0319}] : (CyberLink OEM Share Pack 2.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{0c8ebb00-4909-459c-8347-b2068b7f0319}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D9815CB-32F7-4842-8D16-5E411FA919C0}_is1] : (Remembr version 0.5.-.SingularLabs) -> "C:\Program Files (x86)\Remembr\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10AC3DD9-90D5-4560-930A-FFB939849175}] : (CyberLink VideoMeeting+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}] : (Media Go Video Playback Engine 2.20.103.05220.-.Sony) -> MsiExec.exe /X{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}\Setup.exe" -uninstall -l0x40c [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 14.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}] : (WD Security.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}\WDSecuritySetup.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1] : (Folder Size 3.4.0.0.-.MindGems, Inc.) -> "C:\Program Files (x86)\Folder Size\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] : (CyberLink WaveEditor 2.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{38251B9A-C44B-42D9-9A6A-0697986E334A}] : (Manager.-.2015 pdfforge GmbH. All rights reserved) -> MsiExec.exe /I{38251B9A-C44B-42D9-9A6A-0697986E334A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1] : (Ashampoo UnInstaller 6.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48996CDD-DD81-4197-93FE-0971E73C5CA7}] : (WD Drive Utilities.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{48996CDD-DD81-4197-93FE-0971E73C5CA7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}] : (WD Backup.-.Western Digital Technologies, Inc) -> MsiExec.exe /I{4AACAFC7-951A-4215-B430-3DFCFF2E6CED} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1] : (Wondershare Helper Compact 2.5.0.-.Wondershare) -> "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}] : (Media Go.-.Sony) -> MsiExec.exe /X{65256C0D-3FE7-4D2E-BB3E-53F1175481C8} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BADCD73-E925-46F7-A295-FF2448632728}] : (CyberLink PowerDirector 14.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}] : (LWS Motion Detection.-.Logitech) -> MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}] : (CyberLink Wedding Pack.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}] : (CyberLink PhotoDirector 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}] : (CyberLink PresenterLink+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}] : (WD Security.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{7CC2EDF2-83EC-4707-BDD3-72469236A6CC} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}] : (CyberLink PowerDVD 16.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}] : (CyberLink Power2Go 10.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.SEIKO EPSON CORPORATION) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8792EE1C-91A0-43A7-977A-E710C4223C96}] : (CyberLink ActionDirector 1.1.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{8792EE1C-91A0-43A7-977A-E710C4223C96}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{8792EE1C-91A0-43A7-977A-E710C4223C96} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}] : (CyberLink MediaEspresso 7.5.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiMalware.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiMalware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}] : (CyberLink MediaShow 6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1] : (Ashampoo Slideshow Studio HD 4.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Slideshow Studio HD 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1] : (Ashampoo Privacy Protector.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] : (VC80CRTRedist - 8.0.50727.6195.-.DivX, Inc) -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9E04F23D-3E2E-4A62-AEBF-8BC952394295}] : (COMODO Cloud Antivirus.-.COMODO) -> MsiExec.exe /X{9E04F23D-3E2E-4A62-AEBF-8BC952394295} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A80DB23D-0618-405B-89D9-28F99814E287}_is1] : (AntiLogger Free version 1.8.2.320.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiLogger Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}] : (WD Backup.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}\WD Backup.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (CyberLink PowerBackup 2.6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C52148B9-19E0-433A-9422-3451B1BEE20F}] : (Media Go Network Downloader.-.Sony) -> MsiExec.exe /X{C52148B9-19E0-433A-9422-3451B1BEE20F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint 2.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}] : (Epson Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{C7AA3D65-1F84-4590-AFAA-0777A04B6687} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}] : (LCL.-.e-Carte Bleue LCL) -> MsiExec.exe /I{CB94CFB5-AE04-4A66-9445-D2798D2F42EE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D16A31F9-276D-4968-A753-FFEAC56995D0}] : (Epson Print CD.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D36DD326-7280-11D8-97C8-000129760CBE}] : (PhotoNow.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D40EB009-0499-459c-A8AF-C9C110766215}] : (Logitech Webcam Software.-.Logitech Inc.) -> "C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=FRA /guid="{D40EB009-0499-459c-A8AF-C9C110766215}" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}] : (CyberLink PowerProducer 6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3D04529-6EDB-11D8-A372-0050BAE317E1}] : (CyberLink PowerDVD Copy 1.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}] : (WD Drive Utilities.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}\WDDriveUtilitiesSetup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC216422-E2C7-47BF-8010-F858811CC86C}] : (CyberLink Holiday Pack vol 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{FC216422-E2C7-47BF-8010-F858811CC86C}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{FC216422-E2C7-47BF-8010-F858811CC86C} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} ---------- | Installer [HKCR\Installer\Products\00bbe8c09094c95438742b60b8f73091] : OEM Share Pack -> C:\WINDOWS\Installer\{0c8ebb00-4909-459c-8347-b2068b7f0319}\ARPPRODUCTICON.exe [HKCR\Installer\Products\07B3D519D245EED4F889AA57BFDAFEAB] : PDF Architect 4 OCR Module -> C:\WINDOWS\Installer\{915D3B70-542D-4DEE-8F98-AA75FBADEFBA}\ocr_icon [HKCR\Installer\Products\085E718E81368CFA122023C23711E74C] : CCC Help Polish -> C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\08A8734D317CFD1139990005650C0080] : Paragon Migrate OS to SSD™ 4.0 -> C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0CCA1DC70DD34984097CFBA231C670D4] : [HKCR\Installer\Products\0D4A6A5A500250A2E212948580FC59DE] : CCC Help Norwegian -> C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0F76E360892CA2A8F06A481C35224A0E] : ccc-utility64 -> C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi [HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter [HKCR\Installer\Products\1D5F27E1E3559FFC603AC8A55F70DDC1] : CCC Help French -> C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\224612CF7C2EFB7408018F8518C18CC6] : [HKCR\Installer\Products\241A5D4605DBE627DEE92D05D8A2712E] : Catalyst Control Center InstallProxy -> C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\25E8C8C9A2A4D674B9C07CFE43048F0F] : [HKCR\Installer\Products\2EB941D82456A6F4EA4CD7166ECDEABF] : [HKCR\Installer\Products\2F676100D2A458D4A900DEA245CDFF18] : PDF Architect 4 Forms Module -> C:\WINDOWS\Installer\{001676F2-4A2D-4D85-9A00-ED2A54DCFF81}\forms_icon [HKCR\Installer\Products\2FDE2CC7CE387074DB3D276429636ACC] : WD Security -> C:\WINDOWS\Installer\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}\icon.ico [HKCR\Installer\Products\307BCCF8FBF37e944AF38AE1729D0BE7] : MediaShow -> C:\WINDOWS\Installer\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\37DCDAB6529E7F642A59FF4284367282] : [HKCR\Installer\Products\37E58BB129D0A406A0FA7CAA5D3E3A6C] : CCC Help English -> C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3A56CBC8BA0456EDC21B99A7DB8ADF86] : CCC Help Turkish -> C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3C1BCDF6CDE9CBC374C3DD58DEE54049] : CCC Help German -> C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3EFCAE7DA6CBbb842BC8D4FB1328523E] : PowerProducer -> C:\WINDOWS\Installer\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3F78D2E7CB3F5af4F927FB20E16DC63B] : [HKCR\Installer\Products\4171AC28AE31914F19EF2138444247E5] : CCC Help Italian -> C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42B796F7EA363344D86F638F71C1BA07] : PDF Architect 4 Edit Module -> C:\WINDOWS\Installer\{7F697B24-63AE-4433-8DF6-36F8171CAB70}\edit_icon [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : [HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4673AE1C831172EADA3645B9DA99AB51] : CCC Help Japanese -> C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\5104B339816461748A822598CF3061F5] : VC80CRTRedist - 8.0.50727.6195 [HKCR\Installer\Products\5173F3A735977424B8C5D53050B0E99A] : [HKCR\Installer\Products\554590D7179DC4D4E9DFA96F6A85F4A3] : Bing Bureau -> C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}\icon.ico [HKCR\Installer\Products\56D3AA7C48F10954FAAA70770AB46678] : Epson Software Updater -> C:\WINDOWS\Installer\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}\icon.ico [HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook [HKCR\Installer\Products\59EBDD8FEBCD5B303595ED631041E612] : CCC Help Danish -> C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\5ACF48976BB16e64192EDEC503A11FA1] : [HKCR\Installer\Products\5BFC49BC40EA66A449542D97D8F224EE] : LCL -> C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5C9D7C552C04F0E468B30DFA4CCA1200] : Nitro Reader 5 -> C:\WINDOWS\Installer\{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100}\Reader.ico [HKCR\Installer\Products\5E16E053C2C6C3F2A341E790A46B3D0A] : CCC Help Spanish -> C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\623DD63D08278D11798C00109267C0EB] : PhotoNow -> C:\WINDOWS\Installer\{D36DD326-7280-11D8-97C8-000129760CBE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66122D971C874DA2407EDB22DB85DF64] : CCC Help Chinese Traditional -> C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68ADF0FAB7E6C6A1154D34FA0581E12D] : AMD Catalyst Control Center -> C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6A94462B700606444BEF4C771651CBAE] : Epson Customer Research Participation [HKCR\Installer\Products\6AA82BF801D532C45852DE7D8A70C48B] : PDF Architect 4 Convert Module -> C:\WINDOWS\Installer\{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8}\convert_icon [HKCR\Installer\Products\72BCCFF8D2EEF85DA5DBDEC5609BE118] : CCC Help Swedish -> C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe [HKCR\Installer\Products\77E99DA1CC73E44793AC766FDF4365A5] : Catalyst Control Center Localization All -> C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\797ECA52ADBEB4E090F6F99EA7E1A2F6] : CCC Help Russian -> C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\WINDOWS\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7CFACAA4A15951244B03D3CFFFE2C6DE] : WD Backup [HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video [HKCR\Installer\Products\8AC6637E9717EA777E21AB817DA0A070] : AMD Fuel -> C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BA31D3CA8644710D160BDA9EAA831B1] : CCC Help Czech -> C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F7CB758450F4234C9AA016816AEC3D8] : PDF Architect 4 Insert Module -> C:\WINDOWS\Installer\{857BC7F8-F054-4324-9CAA-108661EA3C8D}\insert_icon [HKCR\Installer\Products\924914348DC32A0428547D8CCC952DE7] : PDF Architect 4 Secure Module -> C:\WINDOWS\Installer\{43419429-3CD8-40A2-8245-D7C8CC59D27E}\secure_icon [HKCR\Installer\Products\92540D3EBDE68D113A270005AB3E711E] : PowerDVD Copy -> C:\WINDOWS\Installer\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\92AE608D61AC5E34B936DC95B1A04F23] : PDF Architect 4 Review Module -> C:\WINDOWS\Installer\{D806EA29-CA16-43E5-9B63-CD591B0AF432}\review_icon [HKCR\Installer\Products\94BD5DDAFC278D11D95700109267D057] : PowerBackup -> C:\WINDOWS\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75}\ARPPRODUCTICON.exe [HKCR\Installer\Products\966BDC60F6BB7B74F9383ABECC79790E] : PDF Architect 4 Create Module -> C:\WINDOWS\Installer\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}\create_icon [HKCR\Installer\Products\9B84125C0E91A334492243151BEB2EF0] : Media Go Network Downloader -> C:\WINDOWS\Installer\{C52148B9-19E0-433A-9422-3451B1BEE20F}\Media_Go_icon [HKCR\Installer\Products\9C58CB7154AE7A484FBD0C6DB3EB89ED] : Media Go Video Playback Engine 2.20.103.05220 -> C:\WINDOWS\Installer\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}\MediaGo__0001.ico [HKCR\Installer\Products\9DD3CA015D09065439A0FF9B93481957] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A748067A9D4CFE7E17F6706CBC6F1B74] : CCC Help Thai -> C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A9B15283B44C9D24A9A6607989E633A4] : Manager [HKCR\Installer\Products\AB75A5C0E5343F340804DA0FD817C5A8] : [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin [HKCR\Installer\Products\BD536147AD63FCB4BB25F0C4C1E4D0BF] : Wedding Pack -> C:\WINDOWS\Installer\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C0DBE580E42F49BED633A222FE465CFC] : CCC Help Finnish -> C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C1EE29780A197A3479A77E014C22C369] : [HKCR\Installer\Products\C2F1EB77C255E834E8B6C48061DBCED5] : Rebit Pro (64-bit) -> C:\WINDOWS\Installer\{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D}\InstallerIcon [HKCR\Installer\Products\C351938B2D4DC98F0533A061C02607B6] : CCC Help Portuguese -> C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher [HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery [HKCR\Installer\Products\C51E70D24A9A6D8D3D1729CE78975E78] : CCC Help Hungarian -> C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC67F423DD8D78D47BD74DFAE5A17A3B] : [HKCR\Installer\Products\D0C652567EF3E2D4BBE3351F7145188C] : Media Go -> C:\WINDOWS\Installer\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}\mediago.ico [HKCR\Installer\Products\D32F40E9E2E326A4EAFBB89C25932459] : COMODO Cloud Antivirus -> C:\WINDOWS\Installer\{9E04F23D-3E2E-4A62-AEBF-8BC952394295}\icon.ico [HKCR\Installer\Products\D4DC8700641B77D4C80F62B8631C3ACE] : [HKCR\Installer\Products\D6BC3980639828843830C87096AA7605] : PDF Architect 4 View Module -> C:\WINDOWS\Installer\{0893CB6D-8936-4882-8303-8C0769AA6750}\main_icon [HKCR\Installer\Products\DDC6998418DD791439EF90177EC3C57A] : WD Drive Utilities -> C:\WINDOWS\Installer\{48996CDD-DD81-4197-93FE-0971E73C5CA7}\icon.ico [HKCR\Installer\Products\DED17A5318AD313153A2CEA8B072FDB3] : CCC Help Chinese Standard -> C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3A623703B208701527D8B66B68AEF51] : CCC Help Korean -> C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main [HKCR\Installer\Products\EE47477FC6BEB78C88FA33018C840E86] : CCC Help Greek -> C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F3D66E17900ABA447848572E18B94AAB] : LWS Motion Detection [HKCR\Installer\Products\F4543B4D9257F5F458D1C26339F3D746] : Classic Shell -> C:\WINDOWS\Installer\{D4B3454F-7529-4F5F-851D-2C36933F7D64}\icon.ico [HKCR\Installer\Products\F75D59AC3CF97DD0C76363F2478D0CE4] : CCC Help Dutch -> C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 954G No No 1 953,525,167 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: AMI System Manufacturer: Hewlett-Packard System Product Name: CQ2904EF Logical Drives Mask: 0x01eff7fc Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0x3c4 Heure de début de l’application défaillante : 0x01d1e4d1a278d9db Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 6e9727b5-3154-4758-89f5-1dcf8370bc33 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0x303c Heure de début de l’application défaillante : 0x01d1e4d1401b8c59 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : 58822549-a97d-4f4a-89e8-03bba98cf7b8 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0x2e7c Heure de début de l’application défaillante : 0x01d1e4d13c73890d Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : 5287d706-d213-4f4a-8d7e-ccfc3460e377 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0x2098 Heure de début de l’application défaillante : 0x01d1e4d137fcf20c Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : 430564be-d8f1-4a10-ab0b-22788ae1b33a Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0xbc0 Heure de début de l’application défaillante : 0x01d1e4d131b9562e Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : fa24b468-d778-4cc9-a431-cdb5a00ebe4e Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0x1500 Heure de début de l’application défaillante : 0x01d1e4d12b7d2bb4 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : a62b629e-ac7d-4aa2-b387-2dc5607b744d Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Nom du module défaillant : SearchUI.exe, version : 10.0.10586.494, horodatage : 0x5775e69a Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001b05b7 ID du processus défaillant : 0x818 Heure de début de l’application défaillante : 0x01d1e4d127dbd03b Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : edb9bd61-4138-4a6b-a40f-323418ae9a08 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000085831 ID du processus défaillant : 0x1a78 Heure de début de l’application défaillante : 0x01d1e4d125c2256b Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : d8c53a18-8a1e-436f-a351-179f5a4834bd Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000085831 ID du processus défaillant : 0x6d0 Heure de début de l’application défaillante : 0x01d1e4d122d9fc1f Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : 88ed3a36-1399-4d70-91ea-987a73be930c Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000085831 ID du processus défaillant : 0x20a8 Heure de début de l’application défaillante : 0x01d1e4d11fd4153e Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : a3c0a433-3faa-4077-80dd-98d889adea1a Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante plugin-container.exe, version : 47.0.1.6018, horodatage : 0x576c9d72 Nom du module défaillant : mozglue.dll, version : 47.0.1.6018, horodatage : 0x576c88ad Code d’exception : 0x80000003 Décalage d’erreur : 0x00000000000102cb ID du processus défaillant : 0x2900 Heure de début de l’application défaillante : 0x01d1e4d0eeccc17c Chemin d’accès de l’application défaillante : C:\Program Files\Mozilla Firefox\plugin-container.exe Chemin d’accès du module défaillant: C:\Program Files\Mozilla Firefox\mozglue.dll ID de rapport : 50001bdb-888a-4680-93bf-386a0383097b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000085831 ID du processus défaillant : 0x411c Heure de début de l’application défaillante : 0x01d1e4b600222986 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : 09d547d9-814f-4a63-8c1b-5160d768e531 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_CacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_AudioCacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_CacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_AudioCacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ Nom de l’application défaillante explorer.exe, version : 10.0.10586.494, horodatage : 0x5775e575 Nom du module défaillant : support.dll_unloaded, version : 4.1.4.27684, horodatage : 0x572a0944 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000053c0 ID du processus défaillant : 0x4ec Heure de début de l’application défaillante : 0x01d1e491e15e3658 Chemin d’accès de l’application défaillante : C:\WINDOWS\explorer.exe Chemin d’accès du module défaillant: support.dll ID de rapport : bcf63e36-0614-4b18-8e72-310c3cf969e8 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante explorer.exe, version : 10.0.10586.494, horodatage : 0x5775e575 Nom du module défaillant : support.dll_unloaded, version : 4.1.4.27684, horodatage : 0x572a0944 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000053c0 ID du processus défaillant : 0x13a8 Heure de début de l’application défaillante : 0x01d1e485f283a966 Chemin d’accès de l’application défaillante : C:\WINDOWS\explorer.exe Chemin d’accès du module défaillant: support.dll ID de rapport : 972775e1-016c-46b5-914e-ba25bdd3199a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000085831 ID du processus défaillant : 0xb38 Heure de début de l’application défaillante : 0x01d1e48a705ba752 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : e0ea6f53-52bf-4375-acdb-0b1d43a0ca2a Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ ----------( EOF)---------- - 4415 | 14:19:35