Format du document : text/plain
Prévisualisation
~ ZHPDiag v2018.7.20.150 Par Nicolas Coolman (2018/07/20)
~ Démarré par BAMOGO (Administrator) (2018/07/20 19:38:45)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\BAMOGO\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\BAMOGO\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation
---\\ NAVIGATEURS INTERNET (3) - 0s
~ MFIE: Mozilla Firefox 61.0.1 (x64 fr)
~ MFIE: Opera 54.0.2952.60
~ MSIE: Internet Explorer v11.0.9600.19080
---\\ INFORMATIONS SUR LES PRODUITS WINDOWS (10) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : GPDD4
Windows License : OK
Expiration Licence Windows : 254340 minute(s) (176 jour(s))
~ Windows Remaining Initializations Number : 1
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ LOGICIELS DE PROTECTION (1) - 2s
AVG 2012 v12.0.2082 (Protection)
---\\ LOGICIELS ANTI-MALWARE (1) - 2s
~ IObit Malware Fighter 6 v6.0 (Anti-Malware)
---\\ SURVEILLANCE LOGICIEL (2) - 2s
~ Adobe Flash Player 30 ActiveX (Surveillance)
~ Adobe Reader 9 - Français (Surveillance)
---\\ LOGICIELS D'OPTIMISATION (1) - 2s
~ Driver Booster 5 v5.5.1 (Optimisation)
---\\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 6189.424 MB (48% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 308 GB (83%) free of 368 GB : OK =>.Disk Space
---\\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: BAMOGO-PC
~ User Name: BAMOGO
~ Logged in as Administrator
---\\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (3) - 0s
~ Drive C: has 308 GB free of 368 GB (System)
~ Drive D: has 0 GB free of 0 GB
~ Drive E: has 33 GB free of 346 GB
---\\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (13) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (26) - 1s
[MD5.38AE1B3C38FAEF56FE4907922F0385BA] - 29/08/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [3229696] =>.Microsoft Corporation
[MD5.C36BB659F08F046B139C8D1B980BF1AC] - 30/03/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [46080] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.A11391166113D74AA4F34FA9373EE68D] - 16/06/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [3241472] =>.Microsoft Corporation
[MD5.11D6A262B617130F7C16E308C12E0D41] - 01/01/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [455680] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.9B86DF86D1EFF32893BC3FB49BFAA993] - 08/06/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.4A35D7B172AFF9C6B362D7297568836A] - 08/06/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [269824] =>.Microsoft Corporation
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 12/04/2011 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation
[MD5.0DC2A9882540DEA4A55B08785E09D8FC] - 04/04/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [496128] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Corporation
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.63705A08981F7EDD376241D6E0A9C2AC] - 25/04/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [115200] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.A21C2034FC556EBCA6478E434B5AF693] - 08/06/2018 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159744] =>.Microsoft Corporation
[MD5.734837208CAFD6E0959A7A0333C95C9D] - 11/08/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [262656] =>.Microsoft Corporation
[MD5.8422AFBD1C2D30FFC913309D7F1A366D] - 15/05/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1681088] =>.Microsoft Corporation
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.4DD986720F7CB7A8A5D1226793097B9A] - 29/07/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Corporation
---\\ LISTE DES SERVICES (Non désactivés) (54) - 5s
O23 - Service: Advanced SystemCare Service 11 (AdvancedSystemCareService11) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) - C:\Program Files (x86)\AOMEI Backupper\ABService.exe =>.AOMEI Tech Co., Ltd.
O23 - Service: C:\Windows\System32\bfe.dll (BFE) . (.Microsoft Corporation - Moteur de filtrage de base.) - C:\Windows\System32\bfe.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) - C:\Windows\System32\qmgr.dll =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe {3300000180101C50F78C2FD0AA000100000180} =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe {3300000180101C50F78C2FD0AA000100000180} =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Services de chiffrement.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cscsvc.dll (CscService) . (.Microsoft Corporation - DLL du service CSC.) - C:\Windows\System32\cscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - Service client DHCP.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\UtcResources.dll (DiagTrack) . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) - C:\Windows\System32\diagtrack.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - Service de résolution du cache DNS.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wevtsvc.dll (eventlog) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Service de cache de police Windows.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - Extension IKE.) - C:\Windows\System32\ikeext.dll =>.Microsoft Corporation
O23 - Service: IMF Service (IMFservice) . (.IObit - IObit Malware Fighter Service.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe =>.IObit Information Technology®
O23 - Service: IOTransfer Updater (IOTUpdaterSvc) . (...) - C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - DLL du service Serveur.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - DLL du service Station de travail.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lmhsvc.dll (lmhosts) . (.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - C:\Windows\System32\lmhsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\mmcss.dll (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) - C:\Windows\System32\mmcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Service de protection Microsoft.) - C:\Windows\System32\mpssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Serveur RPC de l’interface du magasin résea.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: Office Software Protection Platform (osppsvc) . (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE =>.Microsoft Corporation®
O23 - Service: C:\Windows\System32\pcasvc.dll (PcaSvc) . (.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - C:\Windows\System32\pcasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpnpmgr.dll (PlugPlay) . (.Microsoft Corporation - Service mode utilisateur de Plug-and-Play.) - C:\Windows\System32\umpnpmgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - Service d’alimentation en mode utilisateur.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - Mappeur de point de terminaison RPC.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: @oleres.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) - C:\Windows\System32\Sens.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Application sous-système spouleur.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Service de la plateforme de protection logi.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Service de périphériques d’images fixes.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Hôte de service Superfetch.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\termsrv.dll (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) - C:\Windows\System32\termsrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dwm.exe,-2000 (UxSms) . (.Microsoft Corporation - Microsoft User Experience Session Managemen.) - C:\Windows\System32\uxsms.dll =>.Microsoft Corporation
O23 - Service: WC Assistant (WCAssistantService) . (. - SPWindowsService.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe =>.Lavasoft Software Canada®
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) . (.Microsoft Corporation - Service Module.) - C:\Program Files\Windows Defender\MpSvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (Wlansvc) . (.Microsoft Corporation - DLL du service de configuration automatique.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Service Centre de sécurité de Windows.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) - C:\Windows\System32\wuaueng.dll =>.Microsoft Corporation
O23 - Service: Power Control [2018/07/11 16:57:43] ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) . (...) - \C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (.not file.)
---\\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (9) - 9s
SS - Demand [14/07/2018] [ 335872] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [21/03/2018] [ 1057552] Advanced SystemCare Service 11 (AdvancedSystemCareService11) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
SR - Auto [27/04/2018] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SS - Auto [11/07/2018] [ 253800] AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd..) - C:\Program Files (x86)\AOMEI Backupper\ABService.exe =>.AOMEI Tech Co., Ltd.
SS - Demand [01/06/2015] [ 290224] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX®
SR - Auto [24/04/2018] [ 2130192] IMF Service (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe =>.IObit Information Technology®
SS - Auto [19/07/2018] [ 3436159] IOTransfer Updater (IOTUpdaterSvc) . (...) - C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe
SS - Demand [20/07/2018] [ 776448] Lenovo EasyPlus Hotspot (Lenovo EasyPlus Hotspot) . (...) - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
SR - Auto [19/07/2018] [ 25704] WC Assistant (WCAssistantService) . (...) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe =>.Lavasoft Software Canada®
---\\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (26) - 8s
O38 - TASK: {2C16873C-D81B-41E7-BE4E-18071BFE1421} [64Bits][\SmartDefrag_Startup] - (...) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [6505175]
O38 - TASK: {2C707C23-C355-4414-9981-56395DA90E27} [64Bits][\IOTransfer SkipUAC (BAMOGO)] - (...) -- C:\Program Files (x86)\IOTransfer\IOT\IOTransfer.exe [6489784]
O38 - TASK: {4950BD48-51BF-48C2-B812-B704C1D98445} [64Bits][\{E64031CD-F365-443E-A23B-293CB3C2EC0C}] - (.Tencent - QQPlayer 3.6.883.400 Installation.) -- E:\DELL\LECTEURS\QQPlayer_Setup_French.exe [30674761] =>.SUP.Tencent
O38 - TASK: {4D259E9C-E9C7-4440-A9B6-6E493FF6F68F} [64Bits][\{551F92D1-DDB8-46CF-83DD-7D59A06D1F25}] - (. - Setup/Uninstall.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe [1275304]
O38 - TASK: {7305C3CC-413C-4964-BB69-265982BCB931} [64Bits][\{C29574DC-2821-4627-8E68-7A97675EAFBC}] - (...) -- E:\Nouveau dossier (2)\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe [420742]
O38 - TASK: {7F3D55FB-01AD-4212-93C8-B46B5A444138} [64Bits][\{F46C756C-7915-41EB-8E86-EECE28587023}] - (...) -- E:\DELL\Downloads\Shareit\Document\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe [387462]
O38 - TASK: {9AE995E8-CAFD-4193-BD48-22A2CFD0F593} [64Bits][\Opera scheduled Autoupdate 1532023275] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe [1311832] =>.Opera Software
O38 - TASK: {B869CEC6-E6A7-4EB2-8D4B-663020614513} [64Bits][\SmartDefrag_Update] - (.IObit - Smart Defrag Updater.) -- C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [4151056] =>.IObit
O38 - TASK: {BB9947F2-F150-49FA-960C-7C09392BBADC} [64Bits][\{E64E1C3B-DE1E-4994-A54B-C6A1EA83F71B}] - (...) -- E:\DELL\encarta\INSTALL.EXE [524966]
O38 - TASK: {D8AC1D26-5B83-4684-97DE-5AAD6DF209EF} [64Bits][\ASC11_SkipUac_BAMOGO] - (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8473872]
O38 - TASK: {F5B6D8E9-1B42-49E4-A5FA-0008A8739E35} [64Bits][\Apple\AppleSoftwareUpdate] - (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [1795904]
O38 - TASK: {F630D2BE-69ED-486B-B81E-1E78D365A787} [64Bits][\Lenovo\Lenovo Customer Feedback Program 64 35] - (.Lenovo - Lenovo.TVT.CustomerFeedback.Agent.) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184] =>.Lenovo
O38 - TASK: {F68D857B-937F-46A0-A208-EC45202AF569} [64Bits][\{B7BAC747-5011-4A68-8766-5D92CCD3D69D}] - (.Mozilla Corporation - .) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe [992143] =>.Mozilla Corporation
C:\Windows\System32\Tasks\SmartDefrag_Startup - (...) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [/STARTUP]
C:\Windows\System32\Tasks\IOTransfer SkipUAC (BAMOGO) - (...) -- C:\Program Files (x86)\IOTransfer\IOT\IOTransfer.exe [/skipuac]
C:\Windows\System32\Tasks\{E64031CD-F365-443E-A23B-293CB3C2EC0C} - (.Tencent.) -- E:\DELL\LECTEURS\QQPlayer_Setup_French.exe [E:\DELL\LECTEURS\QQPlayer_Setup_French.exe] =>.SUP.Tencent
C:\Windows\System32\Tasks\{551F92D1-DDB8-46CF-83DD-7D59A06D1F25} - (..) -- C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe [C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe]
C:\Windows\System32\Tasks\{C29574DC-2821-4627-8E68-7A97675EAFBC} - (...) -- E:\Nouveau dossier (2)\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe [E:\Nouveau dossier (2)\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe]
C:\Windows\System32\Tasks\{F46C756C-7915-41EB-8E86-EECE28587023} - (...) -- E:\DELL\Downloads\Shareit\Document\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe [E:\DELL\Downloads\Shareit\Document\Adobe Photoshop 8 FR\Adobe Photoshop 8 FR\setup.exe]
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1532023275 - (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [--scheduledautoupdate .--scheduledautoupdate] =>.Opera Software
C:\Windows\System32\Tasks\SmartDefrag_Update - (.IObit.) -- C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [/autorun] =>.IObit
C:\Windows\System32\Tasks\{E64E1C3B-DE1E-4994-A54B-C6A1EA83F71B} - (...) -- E:\DELL\encarta\INSTALL.EXE [E:\DELL\encarta\INSTALL.EXE]
C:\Windows\System32\Tasks\ASC11_SkipUac_BAMOGO - (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [/SkipUac]
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate - (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [-task]
C:\Windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - (.Lenovo.) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [] =>.Lenovo
C:\Windows\System32\Tasks\{B7BAC747-5011-4A68-8766-5D92CCD3D69D} - (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe [C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe] =>.Mozilla Corporation
---\\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (18) - 4s
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe =>.Alps Electric Co., LTD.®
O4 - HKLM\..\Run: [CyCpIo] . (.Cypress Semiconductor Corporation - Trackpad Bus Monitor.) -- C:\Program Files\Cypress\TrackPad\CyCpIo.exe =>.Cypress Semiconductor Corporation
O4 - HKLM\..\Run: [CyHidWin] . (.Cypress Semiconductor, Inc. - Trackpad Gesture Engine Monitor.) -- C:\Program Files\Cypress\TrackPad\CyHidWin.exe =>.Cypress Semiconductor, Inc.
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe =>.ELAN Microelectronics Corporation®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe =>.Intel Corporation
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe =>.Intel Corporation
O4 - HKCU\..\Run: [Advanced SystemCare 11] . (.IObit - Advanced SystemCare Tray.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe =>.IObit Information Technology®
O4 - HKCU\..\Run: [Web Companion] . (...) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe =>PUP.Optional.LavasoftWebCompanion
O4 - HKCU\..\Run: [BitTorrent] . (...) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (...) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [BDRegion] . (...) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (...) -- C:\Program Files (x86)\QuickTime\QTTask.exe =>Riskware.QuickTime
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (...) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3739661032-3841058382-164409625-1000\..\Run: [Advanced SystemCare 11] . (.IObit - Advanced SystemCare Tray.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe =>.IObit Information Technology®
O4 - HKUS\S-1-5-21-3739661032-3841058382-164409625-1000\..\Run: [Web Companion] . (...) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe =>PUP.Optional.LavasoftWebCompanion
O4 - HKUS\S-1-5-21-3739661032-3841058382-164409625-1000\..\Run: [BitTorrent] . (...) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
---\\ PROCESSUS LANCÉS (25) - 6s
[MD5.E2D59CF202C476A2A30201CDFC7920B1] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1057552] [PID.852] =>.IObit Information Technology®
[MD5.F48BF0A7E4B4F5F176CC5CDF9382F2E7] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2130192] [PID.912] =>.IObit Information Technology®
[MD5.D3B143E07D282D3FB88BCAB0C91D0BDB] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.2028] =>.Apple Inc.®
[MD5.3F53FCE46C0A587B348AC49ED3D08F50] - (.Cypress Semiconductor Corporation - Trackpad Bus Monitor.) -- C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2461696] [PID.2424] =>.Cypress Semiconductor Corporation
[MD5.83FF3601879A66659BDCF2F9FA543D0F] - (.Cypress Semiconductor, Inc. - Trackpad Gesture Engine Monitor.) -- C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2385920] [PID.2256] =>.Cypress Semiconductor, Inc.
[MD5.DA2B04FB83F722B70C5B8D0923906754] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985712] [PID.2304] =>.Synaptics Incorporated®
[MD5.C04C69A605866DFD884084291FF3CA10] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [2877192] [PID.2488] =>.ELAN Microelectronics Corporation®
[MD5.BACDCDBA42A3BB7F408AEB80DA47568A] - (.IObit - Advanced SystemCare Tray.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3580688] [PID.2712] =>.IObit Information Technology®
[MD5.8D0C48C2A5D38DCA97013A25D92478A4] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [181488] [PID.2984] =>.Synaptics Incorporated®
[MD5.7D9FA7A436606FFC1957A0ABB0E03C73] - (...) -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe [1136895] [PID.2744]
[MD5.05B334A967C235C56A59BDB1DC9C73D0] - (. - SPWindowsService.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704] [PID.3948] =>.Lavasoft Software Canada®
[MD5.02F136A4E6B9C0CCD64420716A35CC8B] - (.IObit - UninstallerMonitor.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [2087696] [PID.4592] =>.IObit Information Technology®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.5476] =>.Opera Software AS®
[MD5.84DB6BF314D49343A26C6C46C092F34F] - (.Opera Software - Opera crash-reporter.) -- C:\Program Files\Opera\54.0.2952.60\opera_crashreporter.exe [1179736] [PID.3684] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1976] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.4072] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.344] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1376] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.2408] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1552] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1068] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1872] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.1040] =>.Opera Software AS®
[MD5.FBB070867D3D3153978439B820ED756D] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe [933464] [PID.3184] =>.Opera Software AS®
[MD5.9E1780B7FCA391AA66A118661036817E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\BAMOGO\AppData\Roaming\ZHP\ZHPDiag3.exe [3233607] [PID.5816] =>.Nicolas Coolman
---\\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (32) - 21s
M0 - MFSP: prefs.js [BAMOGO - 0eckoslo.default] http://search.yahoo.com/ =>.Yahoo! Inc.
P2 - EXT FILE: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Adaware Web Protection - .) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\@adaware_webprotection.xpi
P2 - EXT FILE: (.Adaware Secure - .) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\@new-tab.xpi
P2 - EXT FILE: (.Adaware Ad Block - .) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi =>PUP.Optional.Adblocker
P2 - EXT FILE: (.Tabliss - A beautiful New Tab page with many cus.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\extension@tabliss.io.xpi =>Adware.QuickShare
P2 - EXT FILE: (...) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\ffext_basicvideoext@startpage24.xpi
P2 - EXT FILE: (.Dashlane - Password Manager and Secure Digital Wa.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\jetpack-extension@dashlane.com.xpi =>.Dashlane
P2 - EXT FILE: (...) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\jid1-93WyvpgvxzGATw@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\torrent@matt.tf.xpi
P2 - EXT FILE: (.Newtab-Media - The must have extension for media fans.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\{276ea011-69eb-4a56-b687-c86478772a96}.xpi
P2 - EXT FILE: (.TVPlusNewtab - The must have extension for media fans.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\{277c5cb0-631b-4cd2-a06c-634bb76aaa4b}.xpi
P2 - EXT FILE: (.Download via IDM (Internet Download Ma - Help you quickly open and download lin.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\{39196a20-59c9-4b25-b09c-86b25a0043d3}.xpi
P2 - EXT FILE: (.Yahoo! Search Engine - yahoo-search-engine.) -- C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\searchplugins\yahoo-lavasoft-ff59.xml =>.Yahoo! Search Engine
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT FILE: (.Bing.com.) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml =>.Bing.com
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT FILE: (.Google Inc..) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml =>.Google Inc.
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT FILE: (.Wikipedia.) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml =>.Wikipedia
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi =>.webcompat.com
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.webcompat.com
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla
---\\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.19081 (winblue_ltsb.180616-0600)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\\ INTERNET EXPLORER, Site de confiance et site sensible (4) - 0s
~ IE Restricted Site Good: localhost
~ IE Restricted Site Good: webcompanion.com
~ Microsoft Internet Explorer Restricted Site(s) Domains: 2(Good) / 0(Bad)
~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad)
---\\ INTERNET EXPLORER,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
---\\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (4) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} (.Orphan.)
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
---\\ RACCOURCIS GLOBAL STARTUP (142) - 32s
O4 - GS\Desktop [Administrateur]: Baidu WiFi Hotspot.lnk . (...) C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe -shortcut
O4 - GS\Desktop [Administrateur]: Club des petits - Raccourci.lnk . (...) E:\Club des petits
O4 - GS\Desktop [Administrateur]: DROIT - Raccourci.lnk . (...) E:\DROIT
O4 - GS\Desktop [Administrateur]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: FILMS - Raccourci.lnk . (...) E:\FILMS
O4 - GS\Desktop [Administrateur]: IMAGES - Raccourci.lnk . (...) E:\IMAGES
O4 - GS\Desktop [Administrateur]: ISLAM - Raccourci.lnk . (...) E:\ISLAM
O4 - GS\Desktop [Administrateur]: jamais vu - Raccourci.lnk . (...) E:\jamais vu
O4 - GS\Desktop [Administrateur]: Josué doc prépa concours - Raccourci.lnk . (...) E:\Josué doc prépa concours
O4 - GS\Desktop [Administrateur]: LECTURE CORANIQUE TRADUCTION - Raccourci.lnk . (...) E:\LECTURE CORANIQUE TRADUCTION
O4 - GS\Desktop [Administrateur]: MAGISTRATURE - Raccourci.lnk . (...) E:\MAGISTRATURE
O4 - GS\Desktop [Administrateur]: Nouveau dossier (2) - Raccourci.lnk . (...) E:\Nouveau dossier (2)
O4 - GS\Desktop [Administrateur]: PhotoshopCS6Portable - Raccourci.lnk . (...) E:\DELL\Downloads\Shareit\Document\PhotoshopPortable\PhotoshopCS6Portable.exe
O4 - GS\Desktop [Administrateur]: PowerPoint 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: Publisher 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pubs.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: QQPlayer.lnk . (.Technologie de Tencent - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.SUP.Tencent
O4 - GS\Desktop [Administrateur]: QURAN COMPLET - Raccourci.lnk . (...) E:\QURAN COMPLET
O4 - GS\Desktop [Administrateur]: Telegram.lnk . (.Telegram Messenger LLP - Telegram Desktop.) C:\Users\BAMOGO\AppData\Roaming\Telegram Desktop\Telegram.exe =>.Telegram Messenger LLP
O4 - GS\Desktop [Administrateur]: virtualdj_pro - Raccourci.lnk . (...) E:\DELL\LECTEURS\Virtual DJ Pro Full And Crack\Virtual DJ Pro Full And Crack\Crack\virtualdj_pro.exe
O4 - GS\Desktop [Administrateur]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BAMOGO\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: BitTorrent.lnk . (...) C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
O4 - GS\Quicklaunch [Administrateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrateur]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\Quicklaunch [Administrateur]: QQPlayer.lnk . (.Technologie de Tencent - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.SUP.Tencent
O4 - GS\Quicklaunch [Administrateur]: QuickTime Player.lnk . (...) C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Advanced SystemCare 11.lnk . (...) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /manual
O4 - GS\TaskBar [Administrateur]: facebook.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe www.facebook.com =>.Opera Software
O4 - GS\TaskBar [Administrateur]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrateur]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [Administrateur]: PdaNet Desktop.lnk . (...) C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - GS\Programs [Administrateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BAMOGO]: Baidu WiFi Hotspot.lnk . (...) C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe -shortcut
O4 - GS\Desktop [BAMOGO]: Club des petits - Raccourci.lnk . (...) E:\Club des petits
O4 - GS\Desktop [BAMOGO]: DROIT - Raccourci.lnk . (...) E:\DROIT
O4 - GS\Desktop [BAMOGO]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BAMOGO]: FILMS - Raccourci.lnk . (...) E:\FILMS
O4 - GS\Desktop [BAMOGO]: IMAGES - Raccourci.lnk . (...) E:\IMAGES
O4 - GS\Desktop [BAMOGO]: ISLAM - Raccourci.lnk . (...) E:\ISLAM
O4 - GS\Desktop [BAMOGO]: jamais vu - Raccourci.lnk . (...) E:\jamais vu
O4 - GS\Desktop [BAMOGO]: Josué doc prépa concours - Raccourci.lnk . (...) E:\Josué doc prépa concours
O4 - GS\Desktop [BAMOGO]: LECTURE CORANIQUE TRADUCTION - Raccourci.lnk . (...) E:\LECTURE CORANIQUE TRADUCTION
O4 - GS\Desktop [BAMOGO]: MAGISTRATURE - Raccourci.lnk . (...) E:\MAGISTRATURE
O4 - GS\Desktop [BAMOGO]: Nouveau dossier (2) - Raccourci.lnk . (...) E:\Nouveau dossier (2)
O4 - GS\Desktop [BAMOGO]: PhotoshopCS6Portable - Raccourci.lnk . (...) E:\DELL\Downloads\Shareit\Document\PhotoshopPortable\PhotoshopCS6Portable.exe
O4 - GS\Desktop [BAMOGO]: PowerPoint 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BAMOGO]: Publisher 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pubs.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BAMOGO]: QQPlayer.lnk . (.Technologie de Tencent - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.SUP.Tencent
O4 - GS\Desktop [BAMOGO]: QURAN COMPLET - Raccourci.lnk . (...) E:\QURAN COMPLET
O4 - GS\Desktop [BAMOGO]: Telegram.lnk . (.Telegram Messenger LLP - Telegram Desktop.) C:\Users\BAMOGO\AppData\Roaming\Telegram Desktop\Telegram.exe =>.Telegram Messenger LLP
O4 - GS\Desktop [BAMOGO]: virtualdj_pro - Raccourci.lnk . (...) E:\DELL\LECTEURS\Virtual DJ Pro Full And Crack\Virtual DJ Pro Full And Crack\Crack\virtualdj_pro.exe
O4 - GS\Desktop [BAMOGO]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [BAMOGO]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\BAMOGO\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [BAMOGO]: BitTorrent.lnk . (...) C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
O4 - GS\Quicklaunch [BAMOGO]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [BAMOGO]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\Quicklaunch [BAMOGO]: QQPlayer.lnk . (.Technologie de Tencent - QQ Player.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>.SUP.Tencent
O4 - GS\Quicklaunch [BAMOGO]: QuickTime Player.lnk . (...) C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico
O4 - GS\sendTo [BAMOGO]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [BAMOGO]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [BAMOGO]: Advanced SystemCare 11.lnk . (...) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /manual
O4 - GS\TaskBar [BAMOGO]: facebook.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe www.facebook.com =>.Opera Software
O4 - GS\TaskBar [BAMOGO]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [BAMOGO]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [BAMOGO]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\TaskBar [BAMOGO]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [BAMOGO]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [BAMOGO]: PdaNet Desktop.lnk . (...) C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O4 - GS\Programs [BAMOGO]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [BAMOGO]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Adobe Reader 9.lnk . (...) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - GS\CommonDesktop [Public]: Advanced SystemCare 11.lnk . (...) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /manual
O4 - GS\CommonDesktop [Public]: AOMEI Backupper Standard.lnk . (.AOMEI Tech Co., Ltd. - AOMEI Backupper.) C:\Program Files (x86)\AOMEI Backupper\Backupper.exe =>.AOMEI Tech Co., Ltd.
O4 - GS\CommonDesktop [Public]: CyberLink PowerDVD 10.lnk . (...) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe =>.CyberLink Corporation
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: IObit Uninstaller.lnk . (...) C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
O4 - GS\CommonDesktop [Public]: IOTransfer 3.lnk . (...) C:\Program Files (x86)\IOTransfer\IOT\IOTransfer.exe
O4 - GS\CommonDesktop [Public]: Le Visuel.lnk . (...) C:\Program Files (x86)\QA International\Le Visuel\Le Visuel.exe
O4 - GS\CommonDesktop [Public]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\CommonDesktop [Public]: QuickTime Player.lnk . (...) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
O4 - GS\CommonDesktop [Public]: SHAREit.lnk . (...) C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe
O4 - GS\CommonDesktop [Public]: Smart Defrag 6.lnk . (...) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
O4 - GS\CommonDesktop [Public]: UltraISO.lnk . (...) C:\Program Files (x86)\UltraISO\UltraISO.exe
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (...) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLan Team
O4 - GS\CommonDesktop [Public]: YT Player.lnk . (...) C:\Program Files (x86)\Youtomato\YT Downloader\YTPlayer.exe
O4 - GS\Programs [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\accicons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Adobe Reader 9.lnk . (...) C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A90000000001}\SC_Reader.exe
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (...) C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe =>.Apple Inc.
O4 - GS\ProgramsCommon [Public]: Excel 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: IObit Uninstaller.lnk . (...) C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - .) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O4 - GS\ProgramsCommon [Public]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\ProgramsCommon [Public]: OneDrive Entreprise.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\joticon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Outlook 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\outicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: PowerPoint 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Publisher 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\pubs.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Skype Entreprise 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word 2016.lnk . (...) C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
---\\ MODIFICATION DOMAINE/ADRESSES (DNS) (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AC4369B-A279-48FA-B783-000C95D3B5E5}: NameServer = 206.82.130.195,199.202.55.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{320802A9-5279-44EA-B8EF-43C58A5F3E63}: DhcpNameServer = 192.168.1.1 0.0.0.0 =>.Local IP Adress
---\\ PROTOCOLE ADDITIONNEL (24) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb.16 [64Bits] - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft Corporation®
---\\ REGISTRE AppInit_DLLs et Winlogon Notify (2) - 0s
O20 - AppInit_DLLs: . (.Microsoft Corporation - LanguagePack.) - C:\Program Files\Common Files\System\symsrv.dll =>.Microsoft Corporation
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
---\\ ÉNUMÈRE LES DONNÉES DE BOOTEXECUTE (1) - 0s
O34 - HKLM BootExecute: (SmartDefragBootTime.exe) (. - SmartDefrag.) -- SmartDefragBootTime.exe
---\\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (9) - 3s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\Windows\System32\regsvr32.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Enable TLS1.1 and 1.2 [64Bits] - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
---\\ LOGICIELS INSTALLÉS (162) - 69s
O42 - Logiciel: Adobe Flash Player 30 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A90000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Advanced SystemCare 11 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare_is1 =>.IObit
O42 - Logiciel: AOMEI Backupper Standard - (.AOMEI Technology Co., Ltd..) [HKLM][64Bits] -- {A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1 =>.AOMEI Technology Co., Ltd.
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {C56BA005-F02C-461B-ACA5-A0CE3E32578F} =>.Apple Inc.
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {C8087B7C-8496-45BE-92FB-91D31EB73969} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {64695C4A-C68F-46B5-A734-50EBF124A68E} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} =>.Apple Inc.
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {CCF98260-1FE9-4CEC-ACE7-88EE3158F23C} =>.AVG Technologies
O42 - Logiciel: Baidu WiFi Hotspot - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu WiFi Hotspot =>.Baidu, Inc.
O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- BitTorrent =>BitTorrent (P2P)
O42 - Logiciel: Canon SELPHY CP1000 - (..) [HKLM][64Bits] -- Canon SELPHY CP1000
O42 - Logiciel: Conexant SmartAudio HD - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA =>.Conexant Systems, Inc.®
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} =>.CyberLink Corp.
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} =>.CyberLink Corp.
O42 - Logiciel: Cypress TrackPad - (.Cypress Semiconductor, Inc..) [HKLM][64Bits] -- {7F2F6CC5-434B-4311-9DE2-60C7CAF50B73}_is1 =>.Cypress Semiconductor, Inc.
O42 - Logiciel: Dashlane - (.Dashlane SAS.) [HKCU][64Bits] -- Dashlane =>.Dashlane SAS
O42 - Logiciel: Definition Update for Microsoft Office 2016 (KB3114371) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{7273872F-3DC1-4061-B721-0E48B639AEEA} =>.Microsoft Corporation®
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} =>.Alps Electric Co., LTD.®
O42 - Logiciel: Dell Touchpad - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech =>.ELAN Microelectronics Corporation®
O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: Driver Booster 5 - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1 =>.IObit
O42 - Logiciel: Herramientas de corrección de Microsoft Office 2016: español - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-0C0A-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.
O42 - Logiciel: IObit Malware Fighter 6 - (.IObit.) [HKLM][64Bits] -- IObit Malware Fighter_is1 =>.IObit
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall =>.IObit
O42 - Logiciel: IOTransfer 3 - (.IOTransfer.) [HKLM][64Bits] -- IOTransfer_is1
O42 - Logiciel: Le Visuel - (..) [HKLM][64Bits] -- Le Visuel
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: Microsoft .NET Framework 4.7.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {09CCBE8E-B964-30EF-AE84-6537AB4197F9} =>.Microsoft Corporation
O42 - Logiciel: Microsoft .NET Framework 4.7.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft .NET Framework 4.7.2 (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5E61A89C-903E-3EA0-9785-E3C60AFBEEBE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft .NET Framework 4.7.2 (Français) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Access MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0015-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0090-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0016-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00BA-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0044-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office 32-bit Components 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Korrekturhilfen 2016 – Deutsch - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-0407-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00E1-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM UX MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00E2-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professional Plus 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professionnel Plus 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office16.PROPLUS =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Proofing (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-002C-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2016 - English - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2016 - اللغة العربية - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-0401-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared 32-bit MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00C1-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-006E-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00A1-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001A-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0018-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0019-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Skype for Business MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-012B-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {37B8F9C7-03FB-3253-8781-2517C99D7C00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B175520C-86A2-35A7-8619-86DC379688B9} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {050d4fc8-5d48-4b8f-8972-47c82c46020f} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] -- {f65db027-aff3-4070-886a-0d87064aabb1} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {929FBD26-9020-399B-9A7A-751D61F0B942} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {dab68466-3a7d-41a8-a5cf-415e3ff8ef71} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2e085fd2-a3e4-4b39-8e10-6b8d35f55244} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {DFFEB619-5455-3697-B145-243D936DB95B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {7B50D081-E670-3B43-A460-0E2CDB5CE984} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD9CFD69-EB91-354E-9C98-D439E6091932} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B5FC62F5-A367-37A5-9FD2-A6E137C0096F} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (French) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001B-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Mortal Kombat 4 - www.classic-gaming.net - (.Classic Gaming Network.) [HKLM][64Bits] -- Mortal Kombat 4_is1
O42 - Logiciel: Mozilla Firefox 61.0.1 (x64 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 61.0.1 (x64 fr) =>.Mozilla
O42 - Logiciel: Opera Stable 54.0.2952.60 - (.Opera Software.) [HKLM][64Bits] -- Opera 54.0.2952.60 =>.Opera Software AS®
O42 - Logiciel: Outils de vérification linguistique 2016 de Microsoft Office - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: PdaNet+ for Android 4.19 - (.June Fabrics Technology Inc.) [HKLM][64Bits] -- PdaNet_is1 =>.June Fabrics Technology Inc
O42 - Logiciel: QQ??3.6 - (.????(??)????.) [HKCU][64Bits] -- QQPlayer
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {8DC42D05-680B-41B0-8878-6C14D24602DB} =>Riskware.QuickTime
O42 - Logiciel: Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5A84393A-E440-48A1-BB99-AD1244AC0C35} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5A84393A-E440-48A1-BB99-AD1244AC0C35} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2016 (KB3085635) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-006E-040C-1000-0000000FF1CE}_Office16.PROPLUS_{0C1232DC-F66D-4C54-B5FB-FADF7C671AF0} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0019-040C-1000-0000000FF1CE}_Office16.PROPLUS_{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Publisher 2016 (KB2920680) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1409AE9B-C1F4-497A-81D9-AFF2C1A7B106} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2016 (KB3114382) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{A0DBACBF-48A9-43E4-A415-401842455FF6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2016 (KB3114382) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-001A-040C-1000-0000000FF1CE}_Office16.PROPLUS_{A0DBACBF-48A9-43E4-A415-401842455FF6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2016 (KB3114382) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-001B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{A0DBACBF-48A9-43E4-A415-401842455FF6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2016 (KB3114382) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{A0DBACBF-48A9-43E4-A415-401842455FF6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2016 (KB3114382) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{A0DBACBF-48A9-43E4-A415-401842455FF6} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Skype for Business 2016 (KB3114372) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9496B6C0-7DA9-4EF1-AC41-6C93A048D071} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Skype for Business 2016 (KB3114372) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9496B6C0-7DA9-4EF1-AC41-6C93A048D071} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Skype for Business 2016 (KB3114372) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-012B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{9496B6C0-7DA9-4EF1-AC41-6C93A048D071} =>.Microsoft Corporation®
O42 - Logiciel: SHAREit - (.Lenovo Group Limited.) [HKLM][64Bits] -- SHAREit_is1 =>.Lenovo Group Limited
O42 - Logiciel: Smart Defrag 6 - (.IObit.) [HKLM][64Bits] -- Smart Defrag_is1 =>.IObit
O42 - Logiciel: Taalprogramma's voor Microsoft Office 2016 - Nederlands - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001F-0413-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Telegram Desktop version 1.0.26 - (.Telegram Messenger LLP.) [HKCU][64Bits] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP
O42 - Logiciel: UltraISO Premium V9.62 - (.ZBShareware Labs.) [HKLM][64Bits] -- UltraISO_is1 =>.ZBShareware Labs
O42 - Logiciel: Update for Microsoft .NET Framework 4.7.2 (KB4087364) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB4087364 =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Access 2016 (KB3114379) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4D96C1F0-5048-4F5E-BCA0-DA377C21FAE3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Access 2016 (KB3114379) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4D96C1F0-5048-4F5E-BCA0-DA377C21FAE3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Excel 2016 (KB3114374) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2E443F79-4BD8-421C-BF46-267D9E6E7DA3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Excel 2016 (KB3114374) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0016-040C-1000-0000000FF1CE}_Office16.PROPLUS_{2E443F79-4BD8-421C-BF46-267D9E6E7DA3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Excel 2016 (KB3114374) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0018-040C-1000-0000000FF1CE}_Office16.PROPLUS_{2E443F79-4BD8-421C-BF46-267D9E6E7DA3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Excel 2016 (KB3114374) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-001B-040C-1000-0000000FF1CE}_Office16.PROPLUS_{2E443F79-4BD8-421C-BF46-267D9E6E7DA3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Excel 2016 (KB3114374) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2E443F79-4BD8-421C-BF46-267D9E6E7DA3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2910960) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{68754B19-EE11-46D2-9A6C-726D61B90017} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2910979) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{F556D361-9A36-47BC-94D8-9BC2C36EE333} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4D4432EE-ECE1-42CA-8B93-0916170C8252} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920699) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1056C697-4BA2-4478-8DB1-FD5BB641051C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920699) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0016-040C-1000-0000000FF1CE}_Office16.PROPLUS_{1056C697-4BA2-4478-8DB1-FD5BB641051C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920710) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{ED812FEA-BF4A-4125-9005-15B8B0E5A327} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{A73D1FF5-0819-44C7-9294-FBDD4BA2F43B} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{AA7A282E-E962-4C45-9A74-16C49FD88FF1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3101352) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{01F7F81B-3246-4835-8472-E7A12E02CCC8} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3101550) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{E61AABDA-0DA1-4810-9C0F-CF4B5CA68B81} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114370) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{3F342BA6-FBB6-40D3-8D47-A6F954FF0D8A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114377) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2DDF09BC-8F71-4476-AC79-A9D09BDEE4C0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114377) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-006E-040C-1000-0000000FF1CE}_Office16.PROPLUS_{2DDF09BC-8F71-4476-AC79-A9D09BDEE4C0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114377) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{2DDF09BC-8F71-4476-AC79-A9D09BDEE4C0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114380) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9881A338-3003-4741-9779-344D84C774EE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114380) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9881A338-3003-4741-9779-344D84C774EE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114381) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9B92543C-144B-4476-B7CE-AA854C67E86F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114381) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9B92543C-144B-4476-B7CE-AA854C67E86F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114383) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{B1676999-6ACD-47A2-BBC9-14003E6BB517} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114383) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-006E-040C-1000-0000000FF1CE}_Office16.PROPLUS_{B1676999-6ACD-47A2-BBC9-14003E6BB517} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114383) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{B1676999-6ACD-47A2-BBC9-14003E6BB517} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114383) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-040C-1000-0000000FF1CE}_Office16.PROPLUS_{B1676999-6ACD-47A2-BBC9-14003E6BB517} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114384) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C1201444-D9C7-40DE-A613-69C296A4891A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114384) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C1201444-D9C7-40DE-A613-69C296A4891A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114385) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9CD0CD38-CEBC-49E8-98EA-8453C9302A6A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114390) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{60629B18-02FA-4E90-8827-E5CCB27EB4FA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114390) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{60629B18-02FA-4E90-8827-E5CCB27EB4FA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114391) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{BF223960-5B44-42B3-B75C-EDCE1E950F9C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2016 (KB3114391) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{BF223960-5B44-42B3-B75C-EDCE1E950F9C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB3114392) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{85E0437F-A682-4D08-A06C-0170414C76FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB3114392) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00BA-040C-1000-0000000FF1CE}_Office16.PROPLUS_{85E0437F-A682-4D08-A06C-0170414C76FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB3114392) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{85E0437F-A682-4D08-A06C-0170414C76FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB3114392) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-040C-1000-0000000FF1CE}_Office16.PROPLUS_{85E0437F-A682-4D08-A06C-0170414C76FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2016 (KB3114388) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{24C7398C-AC0D-462D-B54D-21A6BC0B3D8F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2016 (KB3114388) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00A1-040C-1000-0000000FF1CE}_Office16.PROPLUS_{24C7398C-AC0D-462D-B54D-21A6BC0B3D8F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2016 (KB3114388) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{24C7398C-AC0D-462D-B54D-21A6BC0B3D8F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook 2016 (KB3114387) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{DE7C77DD-14A6-4575-902B-66C37ACFADC2} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook 2016 (KB3114387) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-001A-040C-1000-0000000FF1CE}_Office16.PROPLUS_{DE7C77DD-14A6-4575-902B-66C37ACFADC2} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2016 (KB3114373) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4CBDCF06-43D8-4026-8D99-07A51B0DB13E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2016 (KB3114373) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0018-040C-1000-0000000FF1CE}_Office16.PROPLUS_{4CBDCF06-43D8-4026-8D99-07A51B0DB13E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2016 (KB3114373) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4CBDCF06-43D8-4026-8D99-07A51B0DB13E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Project 2016 (KB3114393) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{8774E0CE-CF1F-4AE8-AF33-A31A1D26F9E5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio 2016 (KB3114367) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1F65D50A-8673-4E55-B577-C141FCD966BB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio 2016 (KB3114367) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{1F65D50A-8673-4E55-B577-C141FCD966BB} =>.Microsoft Corporation®
O42 - Logiciel: VirtualDJ PRO Full - (.Atomix Productions.) [HKLM][64Bits] -- {74F28F11-404B-4CEA-92FF-37BF476F239E} =>.Atomix Productions
O42 - Logiciel: Visuel intégré - (.Druide informatique inc..) [HKLM][64Bits] -- {D6A48C7F-A0F8-46A5-A1ED-F45A62FE93BF} =>.Druide informatique inc.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {b0008cd2-6725-494a-b3a9-fd1299b5e5ad} =>.Lavasoft Software Canada®
O42 - Logiciel: WinRAR 5.60 beta 3 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: YT Downloader 4 - (.Youtomato.) [HKLM][64Bits] -- YT Downloader_is1 =>.Youtomato
---\\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (184) - 70s
HKCU\Software\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion
HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\IObit\RealTimeProtector =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\IObit\Advanced SystemCare =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\Iobit\ASC =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} =>.SUP.AdvancedSystemCare
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Avg =>.AVG Software
HKLM\SOFTWARE\Baidu_Drp_pos =>.Baidu Technology
HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\drpsu =>.SUP.DriverPack
HKLM\SOFTWARE\Druide informatique inc. =>.Druide informatique inc.
HKLM\SOFTWARE\EasyBoot Systems =>.EasyBoot Systems
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\GT Interactive
HKLM\SOFTWARE\GuidGuid13
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\IOTransfer
HKLM\SOFTWARE\Lake =>.Lake Sofware
HKLM\SOFTWARE\Lavasoft =>.Lavasoft
HKLM\SOFTWARE\Lenovo =>.Lenovo
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\PowerPivot =>.PowerPivot
HKLM\SOFTWARE\QA International
HKLM\SOFTWARE\Tencent =>.SUP.Tencent
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\WOW6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\WOW6432Node\Avg =>.AVG Software
HKLM\SOFTWARE\WOW6432Node\Baidu_Drp_pos =>.Baidu Technology
HKLM\SOFTWARE\WOW6432Node\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\WOW6432Node\drpsu =>.SUP.DriverPack
HKLM\SOFTWARE\WOW6432Node\Druide informatique inc. =>.Druide informatique inc.
HKLM\SOFTWARE\WOW6432Node\EasyBoot Systems =>.EasyBoot Systems
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\GT Interactive
HKLM\SOFTWARE\WOW6432Node\GuidGuid13
HKLM\SOFTWARE\WOW6432Node\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\WOW6432Node\IObit =>.IObit
HKLM\SOFTWARE\WOW6432Node\IOTransfer
HKLM\SOFTWARE\WOW6432Node\Lake =>.Lake Sofware
HKLM\SOFTWARE\WOW6432Node\Lavasoft =>.Lavasoft
HKLM\SOFTWARE\WOW6432Node\Lenovo =>.Lenovo
HKLM\SOFTWARE\WOW6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\PowerPivot =>.PowerPivot
HKLM\SOFTWARE\WOW6432Node\QA International
HKLM\SOFTWARE\WOW6432Node\Tencent =>.SUP.Tencent
HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\WOW6432Node\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AOMEI =>.AOMEI Tech Co
HKCU\SOFTWARE\Apemju
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Baidu Security =>.Baidu Technology
HKCU\SOFTWARE\Baidu WiFiHotspot
HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\Code Sector =>.Code Sector
HKCU\SOFTWARE\CoreAAC =>.Core Codec
HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation
HKCU\SOFTWARE\Cypress TrackPad Driver =>.Cypress Semiconductor Corporation
HKCU\SOFTWARE\Dashlane =>.Dashlane
HKCU\SOFTWARE\Dashlane_profiles =>.Dashlane, Inc
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\drpsu =>.SUP.DriverPack
HKCU\SOFTWARE\Druide informatique inc. =>.Druide informatique inc.
HKCU\SOFTWARE\DSP-worx =>.Microsoft Corporation
HKCU\SOFTWARE\EasyBoot Systems =>.EasyBoot Systems
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\Haali =>.Haali Media
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\IObit =>.IObit
HKCU\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKCU\SOFTWARE\KasperskyLabSetup =>.Kaspersky Labs
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\Lavasoft =>.Lavasoft
HKCU\SOFTWARE\Lenovo =>.Lenovo
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\Opera Stable Offer
HKCU\SOFTWARE\PdaNetAndroid =>.June Fabrics Technology Inc.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SFX TEAM =>.SFX TEAM
HKCU\SOFTWARE\SMADΔV
HKCU\SOFTWARE\Sony Ericsson =>.Sony Ericsson
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\TelegramDesktop
HKCU\SOFTWARE\Tencent =>.SUP.Tencent
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\VirtualDJ =>.Atomix Production
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\Youtomato =>.Youtomato
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU\.DEFAULT\SOFTWARE\Avfxaug
HKU\.DEFAULT\SOFTWARE\IObit =>.IObit
HKU\.DEFAULT\SOFTWARE\Opera Software =>.Opera Software
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\AOMEI =>.AOMEI Tech Co
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Apemju
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Apple Inc. =>.Apple Inc.
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Baidu Security =>.Baidu Technology
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Baidu WiFiHotspot
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Canon =>.Canon
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Code Sector =>.Code Sector
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\CoreAAC =>.Core Codec
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\CyberLink =>.CyberLink Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Cypress TrackPad Driver =>.Cypress Semiconductor Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Dashlane =>.Dashlane
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Dashlane_profiles =>.Dashlane, Inc
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\DownloadManager =>.DownloadManager
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\drpsu =>.SUP.DriverPack
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Druide informatique inc. =>.Druide informatique inc.
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\DSP-worx =>.Microsoft Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\EasyBoot Systems =>.EasyBoot Systems
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Gabest =>.Gabest
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Haali =>.Haali Media
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\IM Providers =>.IM Providers
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Intel =>.Intel
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\IObit =>.IObit
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\KasperskyLab =>.Kaspersky Labs
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\KasperskyLabSetup =>.Kaspersky Labs
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Lake =>.Lake Sofware
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Lavasoft =>.Lavasoft
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Lenovo =>.Lenovo
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Macromedia =>.Macromedia
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Opera Software =>.Opera Software
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Opera Stable Offer
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\PdaNetAndroid =>.June Fabrics Technology Inc.
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\SFX TEAM =>.SFX TEAM
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\SMADΔV
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Sony Ericsson =>.Sony Ericsson
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Synaptics =>.Synaptics
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\TelegramDesktop
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Tencent =>.SUP.Tencent
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Trolltech =>.Trolltech
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\VirtualDJ =>.Atomix Production
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\Youtomato =>.Youtomato
HKU\S-1-5-21-3739661032-3841058382-164409625-1000\SOFTWARE\ZHP =>.Nicolas Coolman
---\\ CONTENU DES DOSSIERS PROGRAMMES (236) - 29s
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\CONEXANT =>.Conexant Systems, Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Cypress =>.Cypress
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\DellTPad =>.Alps Electric Co., LTD.®
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Elantech =>.ELAN Microelectronics Corporation®
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 17/07/2018 - [0] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 16/07/2018 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files\Opera =>.Opera Software
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/07/2018 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 17/07/2018 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files (x86)\AOMEI Backupper =>.AOMEI Tech Co
O43 - CFD: 17/07/2018 - [] D -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files (x86)\Baidu WiFiHotspot
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\CGN
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Dashlane =>.Dashlane
O43 - CFD: 16/07/2018 - [] D -- C:\Program Files (x86)\Druide =>.Druide
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Google =>.Google
O43 - CFD: 19/07/2018 - [0] D -- C:\Program Files (x86)\GUM2405.tmp
O43 - CFD: 16/07/2018 - [0] D -- C:\Program Files (x86)\GUM42CA.tmp
O43 - CFD: 14/07/2018 - [0] D -- C:\Program Files (x86)\GUMD668.tmp
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\IObit =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\IOTransfer =>.iFunSoft
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Lavasoft =>.Lavasoft
O43 - CFD: 12/07/2018 - [] D -- C:\Program Files (x86)\Lenovo =>.Lenovo
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files (x86)\PdaNet for Android =>.June Fabrics Technology Inc.
O43 - CFD: 12/07/2018 - [] D -- C:\Program Files (x86)\QA International
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 14/07/2018 - [] D -- C:\Program Files (x86)\SMADAV =>.SmadAV
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Tencent =>.SUP.Tencent
O43 - CFD: 19/07/2018 - [0] D -- C:\Program Files (x86)\Tenorshare iCareFone
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\UltraISO =>.EZB Systems
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 12/07/2018 - [] D -- C:\Program Files (x86)\VirtualDJ =>.Atomix Production
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Youtomato =>.Youtomato
O43 - CFD: 16/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper =>.AOMEI Tech Co
O43 - CFD: 15/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu WiFi Hotspot
O43 - CFD: 12/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon SELPHY CP1000 =>.Canon Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Gaming Network
O43 - CFD: 11/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10 =>.CyberLink Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 =>.IObit
O43 - CFD: 12/04/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IOTransfer 3
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft =>.Lavasoft
O43 - CFD: 12/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo =>.Lenovo
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android =>.June Fabrics Technology Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
O43 - CFD: 12/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Québec Amérique
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag =>.IObit
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 17/07/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy =>.Code Sector Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO =>.EZB Systems
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 17/07/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YT Downloader
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Aomei =>.AOMEI Tech Co
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\AomeiBR =>.AOMEI Technology
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 17/07/2018 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software
O43 - CFD: 11/07/2018 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [] HD -- C:\ProgramData\CanonCP =>.Canon Inc.
O43 - CFD: 12/07/2018 - [] HD -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Conexant =>.Conexant Systems, Inc.
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\ProgramData\Favoris =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\IOTransfer =>.iFunSoft
O43 - CFD: 17/07/2018 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files =>.Kaspersky Lab
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\Lavasoft =>.Lavasoft
O43 - CFD: 11/07/2018 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [] D -- C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 17/07/2018 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [] D -- C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 14/07/2018 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\ProgramData\PC Faster
O43 - CFD: 20/07/2018 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [0] D -- C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
O43 - CFD: 17/07/2018 - [0] D -- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
O43 - CFD: 19/07/2018 - [] D -- C:\ProgramData\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}
O43 - CFD: 14/07/2018 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Common Files\Adobe-BackupByPhotoshopCS6Portable
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 12/07/2018 - [] D -- C:\Program Files (x86)\Common Files\Canon =>.Canon
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Common Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Program Files (x86)\Common Files\EZB Systems =>.EZB Systems
O43 - CFD: 17/07/2018 - [] D -- C:\Program Files (x86)\Common Files\IObit =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\Program Files (x86)\Common Files\IOTransfer =>.iFunSoft
O43 - CFD: 12/07/2018 - [] D -- C:\Program Files (x86)\Common Files\LENOVO =>.Lenovo
O43 - CFD: 17/07/2018 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 15/07/2018 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 19/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 15/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Baidu =>.Baidu
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Dashlane =>.Dashlane
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\DataWorks
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\DRPSu =>.SUP.DriverPack
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\IDM =>.IDM
O43 - CFD: 17/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\IObit =>.IObit
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\IOTransfer =>.iFunSoft
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Lavasoft =>.Lavasoft
O43 - CFD: 15/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\BAMOGO\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] SD -- C:\Users\BAMOGO\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 12/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\QA International
O43 - CFD: 12/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\reaper =>.Cockos Incorporated
O43 - CFD: 11/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Roaming\Smadav =>.SmadAV
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Tencent =>.SUP.Tencent
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\uTorrent
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 17/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Youtomato =>.Youtomato
O43 - CFD: 20/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Adobe =>.Adobe
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 13/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Users\BAMOGO\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 16/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Cyberlink =>.CyberLink Corporation
O43 - CFD: 16/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Local\Deployment =>.Microsoft Corporation
O43 - CFD: 16/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Users\BAMOGO\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Lavasoft =>.Lavasoft
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Lenovo =>.Lenovo
O43 - CFD: 16/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 12/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 17/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Users\BAMOGO\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 11/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\Apple Computer =>.Apple Inc.
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\Dashlane =>.Dashlane
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 14/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] D -- C:\Users\BAMOGO\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 15/07/2018 - [0] D -- C:\Users\BAMOGO\Desktop\BaiduWifi
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\Desktop\preche houdefa
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] RD -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 19/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane =>.Dashlane
O43 - CFD: 19/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 20/07/2018 - [] RD -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 11/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.SUP.Tencent
O43 - CFD: 12/07/2018 - [] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ =>.Atomix Production
O43 - CFD: 17/07/2018 - [0] D -- C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 11/07/2018 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 19/07/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 14/07/2018 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 14/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 1s
O106 - SIOI: [ IMFSafeBox] - {0BB81440-5F42-4480-A5F7-770A6F439FC8}. (.IObit - IMFShellExt Module.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll =>.IObit Information Technology®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (44) - 4s
O108 - CMH1: Advanced SystemCare [64Bits] - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll =>.IObit Information Technology®
O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH1: IObit Malware Fighter [64Bits] - {0BB81440-5F42-4480-A5F7-770A6F439FC8} . (.IObit - IMFShellExt Module.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll =>.IObit Information Technology®
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: SHAREit.FileContextMenuExt [64Bits] - {430BD134-576D-4E75-87CD-0F5C6221A82B} . (.Lenovo - Shell Extension.) -- C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll =>.Lenovo
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: SmartDefragExtension [64Bits] - {189F1E63-33A7-404B-B2F6-8C76A452CC54} . (.IObit - IObit Smart Defrag Extension.) -- C:\Windows\System32\IObitSmartDefragExtension.dll =>.IObit
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: Youtomato.YTConverter [64Bits] - {3A0058EA-C412-4426-8EF7-50C39B4DD51D} . (.Youtomato - Windows Shell Extension.) -- C:\Program Files (x86)\Youtomato\YT Downloader\YTC_WS.dll =>.Youtomato
O108 - CMH1: Youtomato.YTPlayer [64Bits] - {0C671AE6-FB74-4582-AF90-3ABF895450B7} . (.Youtomato - Windows Shell Extension.) -- C:\Program Files (x86)\Youtomato\YT Downloader\YTP_WS.dll =>.Youtomato
O108 - CMH2: Advanced SystemCare [64Bits] - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll =>.IObit Information Technology®
O108 - CMH2: Compatibility [64Bits] - {1d27f844-3a1f-4410-85ac-14651078412d} . (.Microsoft Corporation - Bibliothèque d’extension de l’onglet Compat.) -- C:\Windows\System32\acppage.dll =>.Microsoft Corporation
O108 - CMH2: IObit Malware Fighter [64Bits] - {0BB81440-5F42-4480-A5F7-770A6F439FC8} . (.IObit - IMFShellExt Module.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll =>.IObit Information Technology®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: Advanced SystemCare [64Bits] - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll =>.IObit Information Technology®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: IObit Malware Fighter [64Bits] - {0BB81440-5F42-4480-A5F7-770A6F439FC8} . (.IObit - IMFShellExt Module.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll =>.IObit Information Technology®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: SHAREit.FileContextMenuExt [64Bits] - {430BD134-576D-4E75-87CD-0F5C6221A82B} . (.Lenovo - Shell Extension.) -- C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll =>.Lenovo
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: UltraISO [64Bits] - {AD392E40-428C-459F-961E-9B147782D099} . (.EZB Systems, Inc. - ISOShell.) -- C:\Program Files (x86)\UltraISO\isoshl64.dll =>.SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.®
O108 - CMH4: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH4: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH5: Gadgets [64Bits] - {6B9228DA-9C15-419e-856C-19E768A13BDC} . (.Microsoft Corporation - Zone de déposé du Volet Windows.) -- C:\Program Files\Windows Sidebar\sbdrop.dll =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH6: IObit Malware Fighter [64Bits] - {0BB81440-5F42-4480-A5F7-770A6F439FC8} . (.IObit - IMFShellExt Module.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll =>.IObit Information Technology®
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: SmartDefragExtension [64Bits] - {189F1E63-33A7-404B-B2F6-8C76A452CC54} . (.IObit - IObit Smart Defrag Extension.) -- C:\Windows\System32\IObitSmartDefragExtension.dll =>.IObit
O108 - CMH6: UltraISO [64Bits] - {AD392E40-428C-459F-961E-9B147782D099} . (.EZB Systems, Inc. - ISOShell.) -- C:\Program Files (x86)\UltraISO\isoshl64.dll =>.SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.®
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: Youtomato.YTConverter [64Bits] - {3A0058EA-C412-4426-8EF7-50C39B4DD51D} . (.Youtomato - Windows Shell Extension.) -- C:\Program Files (x86)\Youtomato\YT Downloader\YTC_WS.dll =>.Youtomato
O108 - CMH6: Youtomato.YTPlayer [64Bits] - {0C671AE6-FB74-4582-AF90-3ABF895450B7} . (.Youtomato - Windows Shell Extension.) -- C:\Program Files (x86)\Youtomato\YT Downloader\YTP_WS.dll =>.Youtomato
O108 - CMH7: Advanced SystemCare [64Bits] - {2803063F-4B8D-4dc6-8874-D1802487FE2D} . (.IObit - ASCExtMenu Module.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll =>.IObit Information Technology®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH7: UltraISO [64Bits] - {AD392E40-428C-459F-961E-9B147782D099} . (.EZB Systems, Inc. - ISOShell.) -- C:\Program Files (x86)\UltraISO\isoshl64.dll =>.SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.®
---\\ IMAGE FILE EXECUTION OPTIONS (IFEO) (4) - 1s
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\\256] =>.Microsoft Corporation
---\\ LISTE DES PILOTES DU SYSTÈME (311) - 22s
O58 - SDL:2009/07/14 00:06:38 A . (.Microsoft Corporation - 1394 Bus Device Driver.) -- C:\Windows\System32\drivers\1394bus.sys [68096] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\Windows\System32\drivers\1394ohci.sys [229888] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:38 A . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\drivers\acpi.sys [334528] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\Windows\System32\drivers\acpipmi.sys [12800] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2017/04/04 14:53:18 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\afd.sys [496128] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:24 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\Windows\System32\drivers\agilevpn.sys [60416] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:38 A . (.Microsoft Corporation - Filtre AGP 440 NT.) -- C:\Windows\System32\drivers\AGP440.sys [60608] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Microsoft Corporation - Pilote IDE AMD.) -- C:\Windows\System32\drivers\amdide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdk8.sys [64512] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:19:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdppm.sys [60928] =>.Microsoft Corporation
O58 - SDL:2011/03/11 06:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2012/02/06 06:05:32 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\drivers\Apfiltr.sys [416592] =>.Alps Electric Co., LTD.®
O58 - SDL:2018/06/08 15:44:10 A . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\drivers\appid.sys [62464] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:10:13 A . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Windows\System32\drivers\asyncmac.sys [23040] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:52:21 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
O58 - SDL:2013/08/05 02:25:45 A . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\drivers\ataport.sys [155584] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/07/14 01:52:21 A . (.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\drivers\battc.sys [28240] =>.Microsoft Windows®
O58 - SDL:2014/01/28 08:28:45 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [172760] =>.Broadcom Corporation®
O58 - SDL:2013/02/08 07:02:10 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL664.SYS [5443648] =>.Broadcom Corporation®
O58 - SDL:2009/07/14 00:00:13 A . (.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\drivers\beep.sys [6656] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:35:59 A . (.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\System32\drivers\blbdrive.sys [45056] =>.Microsoft Corporation
O58 - SDL:2016/10/05 14:54:43 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\drivers\bowser.sys [90112] =>.Microsoft Corporation
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:01:48 A . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\drivers\bridge.sys [95232] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 00:06:53 A . (.Microsoft Corporation - Extension de bus Bluetooth.) -- C:\Windows\System32\drivers\bthenum.sys [41984] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:52 A . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\System32\drivers\bthmodem.sys [72192] =>.Microsoft Corporation
O58 - SDL:2017/07/06 04:56:32 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\Windows\System32\drivers\bthpan.sys [119296] =>.Microsoft Corporation
O58 - SDL:2012/07/06 20:07:42 A . (.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\drivers\bthport.sys [552960] =>.Microsoft Corporation
O58 - SDL:2011/04/28 03:54:56 A . (.Microsoft Corporation - Pilote de Miniport Bluetooth.) -- C:\Windows\System32\drivers\BTHUSB.SYS [80384] =>.Microsoft Corporation
O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2009/07/13 23:19:47 A . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\cdfs.sys [92160] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\cdrom.sys [147456] =>.Microsoft Corporation
O58 - SDL:2012/06/05 06:54:18 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\Windows\System32\drivers\CHDRT64.sys [1607328] =>.Conexant Systems, Inc.®
O58 - SDL:2009/07/14 00:06:34 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\System32\drivers\circlass.sys [45568] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:24 A . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\drivers\Classpnp.sys [179072] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:31:03 A . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System32\drivers\CmBatt.sys [17664] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2018/05/15 01:20:06 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\drivers\cng.sys [467856] {33000000513E11802D8BB221CA000100000051} =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:52:31 A . (.Microsoft Corporation - Composite Battery Driver.) -- C:\Windows\System32\drivers\compbatt.sys [21584] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Multi-Transport Composite Bus Enumerator.) -- C:\Windows\System32\drivers\CompositeBus.sys [38912] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:47:48 A . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\drivers\crashdmp.sys [39504] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:47:48 A . (.Microsoft Corporation - Disk Block Verification Filter Driver.) -- C:\Windows\System32\drivers\crcdisk.sys [24144] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:24:41 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) -- C:\Windows\System32\drivers\csc.sys [514560] =>.Microsoft Corporation
O58 - SDL:2013/09/13 06:28:22 A . (.Cypress Semiconductor, Inc. - Trackpad Driver.) -- C:\Windows\System32\drivers\cykbfltr.sys [19968] =>.Cypress Semiconductor, Inc.
O58 - SDL:2013/09/13 06:27:50 A . (.Cypress Semiconductor, Inc. - Trackpad Driver.) -- C:\Windows\System32\drivers\cymfltr.sys [99328] =>.Cypress Semiconductor, Inc.
O58 - SDL:2018/04/25 15:18:53 A . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\dfsc.sys [115200] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:37:18 A . (.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\Windows\System32\drivers\discache.sys [40448] =>.Microsoft Corporation
O58 - SDL:2016/01/21 00:51:45 A . (.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\drivers\disk.sys [73664] =>.Microsoft Windows®
O58 - SDL:2014/02/04 02:35:35 A . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\drivers\Diskdump.sys [27584] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Dynamic Memory.) -- C:\Windows\System32\drivers\dmvsc.sys [71168] =>.Microsoft Corporation
O58 - SDL:2015/12/08 18:54:36 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmk.sys [116736] =>.Microsoft Corporation
O58 - SDL:2015/12/08 18:11:53 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmkaud.sys [5632] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:47:48 A . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\drivers\Dumpata.sys [28736] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:43:14 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\Windows\System32\drivers\dumpfve.sys [55128] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:38:28 A . (.Microsoft Corporation - DirectX API Driver.) -- C:\Windows\System32\drivers\dxapi.sys [16896] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:38:28 A . (.Microsoft Corporation - DirectX Graphics Driver.) -- C:\Windows\System32\drivers\dxg.sys [98816] =>.Microsoft Corporation
O58 - SDL:2017/05/16 15:35:16 A . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\drivers\dxgkrnl.sys [986856] =>.Microsoft Windows®
O58 - SDL:2017/05/16 15:35:16 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\drivers\dxgmms1.sys [265448] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2018/02/10 17:25:26 A . (.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\drivers\errdev.sys [9728] =>.Microsoft Corporation
O58 - SDL:2013/12/01 12:24:58 A . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\drivers\ETD.sys [359688] =>.ELAN Microelectronics Corporation®
O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2017/03/10 15:55:25 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\System32\drivers\exfat.sys [195584] =>.Microsoft Corporation
O58 - SDL:2017/03/10 15:55:26 A . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\drivers\fastfat.sys [205312] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System32\drivers\fdc.sys [29696] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:47:48 A . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\drivers\fileinfo.sys [70224] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:25:40 A . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\drivers\filetrace.sys [34304] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:54 A . (.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\drivers\flpydisk.sys [24576] =>.Microsoft Corporation
O58 - SDL:2018/01/01 02:21:11 A . (.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) -- C:\Windows\System32\drivers\fltMgr.sys [288488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:47:49 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) -- C:\Windows\System32\drivers\fsdepends.sys [55376] =>.Microsoft Windows®
O58 - SDL:2012/03/01 06:46:16 A . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\drivers\fs_rec.sys [23408] =>.Microsoft Windows®
O58 - SDL:2013/01/24 06:01:01 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\drivers\fvevol.sys [223752] {330000001E6577CFA83F0BCC0800000000001E} =>.Microsoft Corporation
O58 - SDL:2018/07/13 19:19:21 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [287936] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:47:48 A . (.Microsoft Corporation - Filtre AGPv3.0 générique Microsoft pour pla.) -- C:\Windows\System32\drivers\GAGP30KX.SYS [65088] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\hdaudbus.sys [122368] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\HdAudio.sys [350208] =>.Microsoft Corporation
O58 - SDL:2013/01/23 14:57:32 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [64624] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2009/07/13 23:31:06 A . (.Microsoft Corporation - Hid Battery Driver.) -- C:\Windows\System32\drivers\hidbatt.sys [26624] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:52 A . (.Microsoft Corporation - Pilote de miniport Bluetooth pour les périp.) -- C:\Windows\System32\drivers\hidbth.sys [100864] =>.Microsoft Corporation
O58 - SDL:2018/05/12 02:07:47 A . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\drivers\hidclass.sys [76800] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:23 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidir.sys [46592] =>.Microsoft Corporation
O58 - SDL:2018/05/12 02:07:46 A . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\drivers\hidparse.sys [33152] =>.Microsoft Corporation
O58 - SDL:2018/05/12 02:07:46 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidusb.sys [30208] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2018/01/01 01:41:41 A . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\drivers\http.sys [754176] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:24 A . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\Windows\System32\drivers\hwpolicy.sys [14720] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:57 A . (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
O58 - SDL:2013/11/16 03:59:44 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [632168] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2013/11/16 03:59:40 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2011/03/11 06:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2018/03/01 14:36:14 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [226032] =>.Tonec Inc.®
O58 - SDL:2015/06/01 21:00:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5384176] =>.Intel Corporation - pGFX®
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2018/03/20 18:32:44 A . (.IObit.com - IMFCameraProtect.) -- C:\Windows\System32\drivers\IMFCameraProtect.sys [26272] =>.IObit Information Technology®
O58 - SDL:2013/12/30 21:06:30 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [450520] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2009/07/14 01:48:04 A . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\drivers\intelide.sys [16960] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\intelppm.sys [62464] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:27 A . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\drivers\ipfltdrv.sys [82944] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\drivers\IPMIDrv.sys [78848] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:03 A . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\ipnat.sys [116224] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:09:02 A . (.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\drivers\irda.sys [120320] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:08:59 A . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\drivers\irenum.sys [17920] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:40 A . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\drivers\isapnp.sys [20160] =>.Microsoft Windows®
O58 - SDL:2013/12/10 12:15:46 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [795632] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2009/07/14 01:48:04 A . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\drivers\kbdclass.sys [50768] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32\drivers\kbdhid.sys [33280] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:16 A . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\drivers\ks.sys [243712] =>.Microsoft Corporation
O58 - SDL:2018/06/08 16:27:27 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecdd.sys [95424] =>.Microsoft Windows®
O58 - SDL:2018/06/08 16:27:27 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecpkg.sys [154816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:00:19 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) -- C:\Windows\System32\drivers\ksthunk.sys [20992] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:08:51 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\System32\drivers\lltdio.sys [60928] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2017/10/12 00:20:09 A . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) -- C:\Windows\System32\drivers\luafv.sys [113152] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:01:06 A . (.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\drivers\mcd.sys [22016] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:10:48 A . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\Windows\System32\drivers\modem.sys [40448] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:38:52 A . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\drivers\monitor.sys [30208] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:48:27 A . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\drivers\mouclass.sys [49216] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:00:20 A . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\drivers\mouhid.sys [31232] =>.Microsoft Corporation
O58 - SDL:2017/05/07 15:33:06 A . (.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\System32\drivers\mountmgr.sys [94440] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Pilote du bus de prise en charge des chemin.) -- C:\Windows\System32\drivers\mpio.sys [155008] =>.Microsoft Windows®
O58 - SDL:2018/06/07 15:49:13 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\System32\drivers\mpsdrv.sys [77312] =>.Microsoft Corporation
O58 - SDL:2016/09/08 14:55:15 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\drivers\mrxdav.sys [142336] =>.Microsoft Corporation
O58 - SDL:2018/06/08 15:34:44 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\mrxsmb.sys [159744] =>.Microsoft Corporation
O58 - SDL:2018/06/08 15:34:22 A . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\drivers\mrxsmb10.sys [291328] =>.Microsoft Corporation
O58 - SDL:2018/06/08 15:34:19 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\drivers\mrxsmb20.sys [129536] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) -- C:\Windows\System32\drivers\msahci.sys [31104] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Module spécifique de périphériques Microsof.) -- C:\Windows\System32\drivers\msdsm.sys [140672] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:47 A . (.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\drivers\msfs.sys [26112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:24 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\Windows\System32\drivers\mshidkmdf.sys [8192] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:40 A . (.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\drivers\msisadrv.sys [15040] =>.Microsoft Windows®
O58 - SDL:2014/02/04 02:35:49 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\drivers\msiscsi.sys [274880] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:00:18 A . (.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\drivers\mskssrv.sys [11136] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:17 A . (.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\drivers\mspclock.sys [7168] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:17 A . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\drivers\mspqm.sys [6784] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:41 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows\System32\drivers\msrpc.sys [367296] =>.Microsoft Windows®
O58 - SDL:2018/02/10 18:35:41 A . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System32\drivers\mssmbios.sys [31936] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:00:17 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Windows\System32\drivers\mstee.sys [8064] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:02:08 A . (.Microsoft Corporation - Pilote HID multipoint Microsoft.) -- C:\Windows\System32\drivers\MTConfig.sys [15360] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:48:27 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) -- C:\Windows\System32\drivers\mup.sys [60496] =>.Microsoft Windows®
O58 - SDL:2018/01/01 02:21:11 A . (.Microsoft Corporation - Pilote NDIS 6.20.) -- C:\Windows\System32\drivers\ndis.sys [948968] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:08:13 A . (.Microsoft Corporation - NDIS Packet Capture Filter Driver.) -- C:\Windows\System32\drivers\ndiscap.sys [35328] =>.Microsoft Corporation
O58 - SDL:2014/08/14 09:18:29 A . (.NT Kernel Resources - NDISRD helper driver.) -- C:\Windows\System32\drivers\ndisrd.sys [43088] =>.Mainline Net Holdings Limited®
O58 - SDL:2018/01/01 01:55:07 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\System32\drivers\ndistapi.sys [24064] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:32 A . (.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) -- C:\Windows\System32\drivers\ndisuio.sys [56832] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:08 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Windows\System32\drivers\ndiswan.sys [164352] =>.Microsoft Corporation
O58 - SDL:2018/01/01 01:55:09 A . (.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\drivers\ndproxy.sys [58368] =>.Microsoft Corporation
O58 - SDL:2018/01/01 01:55:00 A . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\drivers\netbios.sys [45056] =>.Microsoft Corporation
O58 - SDL:2017/08/11 06:00:01 A . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netbt.sys [262656] =>.Microsoft Corporation
O58 - SDL:2018/07/13 19:19:21 A . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\drivers\netio.sys [377024] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:48 A . (.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\drivers\npfs.sys [44032] =>.Microsoft Corporation
O58 - SDL:2017/08/11 05:58:55 A . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\drivers\nsiproxy.sys [26112] =>.Microsoft Corporation
O58 - SDL:2018/05/15 04:16:10 A . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1681088] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:19:38 A . (.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\drivers\null.sys [6144] =>.Microsoft Corporation
O58 - SDL:2011/03/11 06:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2011/03/11 06:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2018/02/10 18:35:41 A . (.Microsoft Corporation - Filtre AGP NForce NT.) -- C:\Windows\System32\drivers\NV_AGP.SYS [122560] =>.Microsoft Windows®
O58 - SDL:2017/09/13 15:05:20 A . (.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System32\drivers\nwifi.sys [324608] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:45 A . (.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\Windows\System32\drivers\ohci1394.sys [72832] =>.Microsoft Corporation
O58 - SDL:2018/01/01 01:55:05 A . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32\drivers\pacer.sys [131584] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:41 A . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\parport.sys [97280] =>.Microsoft Corporation
O58 - SDL:2012/03/17 07:58:57 A . (.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\drivers\partmgr.sys [75120] =>.Microsoft Windows®
O58 - SDL:2018/02/10 18:35:41 A . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\Windows\System32\drivers\pci.sys [185024] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\pciide.sys [12352] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:46 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32\drivers\pciidex.sys [48720] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\drivers\pcmcia.sys [220752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\Windows\System32\drivers\pcw.sys [50768] =>.Microsoft Windows®
O58 - SDL:2016/06/14 17:11:06 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\System32\drivers\PEAuth.sys [663552] =>.Microsoft Corporation
O58 - SDL:2011/11/25 01:25:52 A . (.June Fabrics Technology Inc. - PdaNet Broadband Adapter Driver.) -- C:\Windows\System32\drivers\pneteth.sys [15360] =>.June Fabrics Technology Inc.
O58 - SDL:2015/12/08 18:12:08 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\Windows\System32\drivers\portcls.sys [230400] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:19:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\processr.sys [60416] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:09:48 A . (.Microsoft Corporation - Pilote du support de Microsoft Quality Wind.) -- C:\Windows\System32\drivers\qwavedrv.sys [46592] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:09 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\System32\drivers\rasacd.sys [14848] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:33 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\rasl2tp.sys [129536] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:17 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windows\System32\drivers\raspppoe.sys [92672] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:33 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\System32\drivers\raspptp.sys [111104] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:25 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System32\drivers\rassstp.sys [83968] =>.Microsoft Corporation
O58 - SDL:2017/10/12 00:20:30 A . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) -- C:\Windows\System32\drivers\rdbss.sys [317440] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:17:46 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\Windows\System32\drivers\rdpbus.sys [24064] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:16:34 A . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\drivers\RDPCDD.sys [7680] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:25:07 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:16:34 A . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\drivers\RDPENCDD.sys [7680] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:16:35 A . (.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\Windows\System32\drivers\RDPREFMP.sys [8192] =>.Microsoft Corporation
O58 - SDL:2012/08/23 14:10:20 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\drivers\rdpvideominiport.sys [19456] =>.Microsoft Corporation
O58 - SDL:2014/07/17 01:21:54 A . (.Microsoft Corporation - Pilote de pile RDP Terminal.) -- C:\Windows\System32\drivers\rdpwd.sys [212480] =>.Microsoft Corporation
O58 - SDL:2018/01/01 02:21:11 A . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\Windows\System32\drivers\rdyboost.sys [213736] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:06:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\System32\drivers\rfcomm.sys [158720] =>.Microsoft Corporation
O58 - SDL:2015/11/05 09:53:59 A . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32\drivers\rmcast.sys [146944] =>.Microsoft Corporation
O58 - SDL:2012/07/04 20:26:03 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\drivers\RNDISMP.sys [41472] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:10:47 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\System32\drivers\rootmdm.sys [11264] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:08:51 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\Windows\System32\drivers\rspndr.sys [76800] =>.Microsoft Corporation
O58 - SDL:2013/12/18 07:34:38 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [888536] =>.Realtek Semiconductor Corp®
O58 - SDL:2014/01/03 07:14:10 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUVStor.sys [331992] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\drivers\sbp2port.sys [103808] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:24:09 A . (.Microsoft Corporation - Pilote de filtre de lecteur de carte à puce.) -- C:\Windows\System32\drivers\scfilter.sys [29696] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:00 A . (.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\drivers\scsiport.sys [171392] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Rovi Corporation
O58 - SDL:2009/07/14 00:00:33 A . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\drivers\serenum.sys [23552] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 00:00:20 A . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\drivers\sermouse.sys [26624] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:01:01 A . (.Microsoft Corporation - Small Form Factor Disk Driver.) -- C:\Windows\System32\drivers\sffdisk.sys [14336] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:01:03 A . (.Microsoft Corporation - Small Form Factor MMC Protocol Driver.) -- C:\Windows\System32\drivers\sffp_mmc.sys [13824] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Small Form Factor SD Protocol Driver.) -- C:\Windows\System32\drivers\sffp_sd.sys [14336] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:01:02 A . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\drivers\sfloppy.sys [16896] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2017/03/09 13:53:28 A . (.IObit - SmartDefrag Driver.) -- C:\Windows\System32\drivers\SmartDefragDriver.sys [30744] =>.IObit Information Technology®
O58 - SDL:2009/07/14 00:09:09 A . (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
O58 - SDL:2013/12/03 13:43:50 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544] =>.Synaptics Incorporated®
O58 - SDL:2009/07/14 00:00:35 A . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\Windows\System32\drivers\smclib.sys [20992] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:55 A . (.Microsoft Corporation - loader for security processor.) -- C:\Windows\System32\drivers\spldr.sys [19008] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:48:43 A . (.Microsoft Corporation - security processor.) -- C:\Windows\System32\drivers\spsys.sys [426496] =>.Microsoft Corporation
O58 - SDL:2018/04/10 15:48:01 A . (.Microsoft Corporation - Pilote de serveur.) -- C:\Windows\System32\drivers\srv.sys [464384] =>.Microsoft Corporation
O58 - SDL:2018/04/10 15:47:34 A . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\Windows\System32\drivers\srv2.sys [406016] =>.Microsoft Corporation
O58 - SDL:2018/04/10 15:47:17 A . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\drivers\srvnet.sys [169984] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2014/02/04 02:35:56 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\drivers\storport.sys [190912] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Storage VSC Driver.) -- C:\Windows\System32\drivers\storvsc.sys [34688] =>.Microsoft Windows®
O58 - SDL:2015/04/11 03:19:59 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\drivers\stream.sys [69888] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:42 A . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Windows\System32\drivers\swenum.sys [12096] =>.Microsoft Windows®
O58 - SDL:2013/06/04 05:44:18 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [532720] =>.Synaptics Incorporated®
O58 - SDL:2009/07/14 00:01:04 A . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\drivers\tape.sys [29184] =>.Microsoft Corporation
O58 - SDL:2018/07/13 19:19:22 A . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\drivers\tcpip.sys [1894080] =>.Microsoft Windows®
O58 - SDL:2016/07/07 15:08:06 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\drivers\tcpipreg.sys [46080] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:01 A . (.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\drivers\tdi.sys [26624] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:16:32 A . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\Windows\System32\drivers\tdpipe.sys [15872] =>.Microsoft Corporation
O58 - SDL:2012/02/17 04:57:32 A . (.Microsoft Corporation - TCP Transport Driver.) -- C:\Windows\System32\drivers\tdtcp.sys [23552] =>.Microsoft Corporation
O58 - SDL:2017/07/29 14:56:30 A . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [117248] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:42 A . (.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\Windows\System32\drivers\termdd.sys [63168] =>.Microsoft Windows®
O58 - SDL:2017/08/13 21:45:28 A . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\drivers\tssecsrv.sys [40448] =>.Microsoft Corporation
O58 - SDL:2013/10/02 02:22:20 A . (.Microsoft Corporation - Pilote de filtre pour concentrateur USB du.) -- C:\Windows\System32\drivers\TsUsbFlt.sys [56832] =>.Microsoft Corporation
O58 - SDL:2012/08/23 14:08:26 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\Windows\System32\drivers\TsUsbGD.sys [30208] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:15 A . (.Microsoft Corporation - Pilote d’interface de tunnel Microsoft.) -- C:\Windows\System32\drivers\tunnel.sys [125440] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:55 A . (.Microsoft Corporation - Filtre MS AGPv3.5.) -- C:\Windows\System32\drivers\UAGP35.SYS [64080] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:55 A . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\drivers\udfs.sys [328192] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:42 A . (.Microsoft Corporation - Filtre ULi AGPv3.0 pour plateformes à proce.) -- C:\Windows\System32\drivers\ULIAGPKX.SYS [64192] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\drivers\umbus.sys [48640] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:06:52 A . (.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\drivers\umpass.sys [9728] =>.Microsoft Corporation
O58 - SDL:2013/02/12 04:12:05 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\drivers\usb8023.sys [19968] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:11 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\drivers\USBCAMD2.sys [32896] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:35 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\drivers\usbccgp.sys [99840] =>.Microsoft Corporation
O58 - SDL:2013/07/12 10:41:12 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\drivers\usbcir.sys [100864] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:25 A . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\drivers\usbd.sys [7808] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:31 A . (.Microsoft Corporation - Pilote de miniport eUSB EHCI.) -- C:\Windows\System32\drivers\usbehci.sys [56320] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:58 A . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\drivers\usbhub.sys [344064] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:29 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbohci.sys [25600] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:31 A . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\drivers\usbport.sys [325632] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:38:18 A . (.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\drivers\usbprint.sys [25088] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:24:39 A . (.Microsoft Corporation - Gestionnaire de stratégie de redirection US.) -- C:\Windows\System32\drivers\usbrpm.sys [31744] =>.Microsoft Corporation
O58 - SDL:2016/02/03 18:07:06 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\Windows\System32\drivers\USBSTOR.SYS [91648] =>.Microsoft Corporation
O58 - SDL:2018/05/02 15:32:28 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbuhci.sys [30720] =>.Microsoft Corporation
O58 - SDL:2013/07/12 10:41:35 A . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\drivers\usbvideo.sys [185344] =>.Microsoft Corporation
O58 - SDL:2018/02/10 18:35:42 A . (.Microsoft Corporation - Énumérateur racine de lecteur virtuel.) -- C:\Windows\System32\drivers\vdrvroot.sys [36032] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:38:47 A . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys [29184] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:38:47 A . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vgapnp.sys [29184] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\drivers\vhdmp.sys [215936] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2018/06/08 15:38:59 A . (.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\drivers\videoprt.sys [129024] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Virtual Machine Bus.) -- C:\Windows\System32\drivers\vmbus.sys [199552] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) -- C:\Windows\System32\drivers\VMBusHID.sys [21760] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) -- C:\Windows\System32\drivers\vms3cap.sys [6656] =>.Microsoft Corporation
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) -- C:\Windows\System32\drivers\vmstorfl.sys [46464] =>.Microsoft Windows®
O58 - SDL:2018/02/10 18:35:42 A . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\drivers\volmgr.sys [68288] =>.Microsoft Windows®
O58 - SDL:2017/07/07 15:33:36 A . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\Windows\System32\drivers\volmgrx.sys [363752] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:07:21 A . (.Microsoft Corporation - Pilote de bus WiFi virtuel.) -- C:\Windows\System32\drivers\vwifibus.sys [24576] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:07:22 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\drivers\vwififlt.sys [59904] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:07:28 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32\drivers\vwifimp.sys [17920] =>.Microsoft Corporation
O58 - SDL:2009/07/14 00:02:07 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\Windows\System32\drivers\wacompen.sys [27776] =>.Microsoft Corporation
O58 - SDL:2018/01/01 01:55:16 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\System32\drivers\wanarp.sys [88576] =>.Microsoft Corporation
O58 - SDL:2009/07/13 23:37:35 A . (.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\drivers\watchdog.sys [42496] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:55 A . (.Microsoft Corporation - Microsoft Watchdog Timer Driver.) -- C:\Windows\System32\drivers\wd.sys [21056] =>.Microsoft Windows®
O58 - SDL:2013/06/25 22:55:52 A . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\drivers\Wdf01000.sys [785624] =>.Microsoft Windows®
O58 - SDL:2012/07/26 04:55:47 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\drivers\WdfLdr.sys [54376] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:09:26 A . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\Windows\System32\drivers\wfplwf.sys [12800] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:56 A . (.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\System32\drivers\wimmount.sys [22096] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:48 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) -- C:\Windows\System32\drivers\winhv.sys [52096] =>.Microsoft Windows®
O58 - SDL:2010/11/21 03:23:47 A . (.Microsoft Corporation - Windows USB Class Driver BETA.) -- C:\Windows\System32\drivers\winusb.sys [41984] =>.Microsoft Corporation
O58 - SDL:2018/02/10 17:25:26 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows\System32\drivers\wmiacpi.sys [14336] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:45:55 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System32\drivers\wmilib.sys [16464] =>.Microsoft Windows®
O58 - SDL:2009/07/14 00:10:33 A . (.Microsoft Corporation - Couche IFS Winsock2.) -- C:\Windows\System32\drivers\ws2ifsl.sys [21504] =>.Microsoft Corporation
O58 - SDL:2012/07/26 02:26:45 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFPf.sys [87040] =>.Microsoft Corporation
O58 - SDL:2012/07/26 02:26:06 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFRd.sys [198656] =>.Microsoft Corporation
O58 - SDL:2016/12/21 22:54:56 A . (...) -- C:\Windows\System32\ambakdrv.sys [51120] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2016/12/21 22:52:42 A . (...) -- C:\Windows\System32\ammntdrv.sys [171952] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2017/09/01 18:12:38 A . (...) -- C:\Windows\System32\amwrtdrv.sys [38320] =>.CHENGDU AOMEI Tech Co., Ltd.®
O58 - SDL:2018/04/07 16:41:15 A . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys [371392] =>.Microsoft Windows®
O58 - SDL:2018/06/13 15:40:41 A . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3226112] =>.Microsoft Corporation
---\\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (24) - 61s
O61 - LFC: 2018/07/14 12:43:38 A . (..) -- C:\ProgramData\CanonCP\CNYSELPHYCP\CNYWindows\CNYCanon SELPHY CP1000\CNYCPUIN.EXE [379520]
O61 - LFC: 2018/07/17 10:23:12 A . (..) -- C:\ProgramData\Kaspersky Lab Setup Files\KFA18.0.0.405.0.3475.0\au_setup_7777A773-899B-11E8-A38A-C01885B92210\startup.exe [2592599]
O61 - LFC: 2018/07/17 10:23:12 A . (..) -- C:\ProgramData\Kaspersky Lab Setup Files\KIS18.0.0.405.0.3439.0\au_setup_0013F92D-893F-11E8-B154-C01885B92210\startup.exe [2563495]
O61 - LFC: 2018/07/20 15:47:33 A . (..) -- C:\ProgramData\Kaspersky Lab Setup Files\KIS18.0.0.405.0.3439.0\au_setup_56629AF2-893C-11E8-B154-C01885B92210\startup.exe [3677607]
O61 - LFC: 2018/07/17 10:23:12 A . (..) -- C:\ProgramData\Kaspersky Lab Setup Files\PURE18.0.0.405.0.3439.0\au_setup_E34611E5-8946-11E8-B154-C01885B92210\startup.exe [2630551]
O61 - LFC: 2018/07/20 15:57:07 A . (..) -- C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe [1732184]
O61 - LFC: 2018/07/20 15:57:16 A . (..) -- C:\ProgramData\Package Cache\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\VC_redist.x86.exe [1855904]
O61 - LFC: 2018/07/14 12:43:39 A . (..) -- C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe [695336]
O61 - LFC: 2018/07/14 12:43:39 A . (..) -- C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe [657816]
O61 - LFC: 2018/07/20 15:58:21 A . (..) -- C:\ProgramData\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe [1777080]
O61 - LFC: 2018/07/14 12:43:39 A . (..) -- C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe [572472]
O61 - LFC: 2018/07/14 12:43:39 A . (..) -- C:\ProgramData\Temp\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe [168519]
O61 - LFC: 2018/07/17 10:23:15 ASH . (..) -- C:\Users\BAMOGO\AppData\Local\Apps\2.0\10Y20EQV.KW3\VRZLLH8E.TMV\clic...exe_baa8013a79450f71_0001.0003_none_57b736bf7c104dd6\GoogleUpdateSetup.exe [1246040]
O61 - LFC: 2018/07/17 10:23:15 A . (..) -- C:\Users\BAMOGO\AppData\Local\Apps\2.0\10Y20EQV.KW3\VRZLLH8E.TMV\prog...app_baa8013a79450f71_0001.0003_49967f9fd0ebca4b\GoogleUpdateSetup.exe [1324319]
O61 - LFC: 2018/07/14 12:43:30 A . (..) -- C:\Users\BAMOGO\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe [474167]
O61 - LFC: 2018/07/20 16:35:24 A . (..) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe [3773575]
O61 - LFC: 2018/07/19 17:56:47 A . (.BitTorrent Inc..) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44429.exe [2310535] =>BitTorrent (P2P)
O61 - LFC: 2018/07/19 20:02:18 A . (.BitTorrent Inc..) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44429\bittorrentie.exe [558215] =>BitTorrent (P2P)
O61 - LFC: 2018/07/19 20:05:21 A . (..) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44495.exe [2265280]
O61 - LFC: 2018/07/19 21:03:49 A . (.BitTorrent Inc..) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44495\bittorrentie.exe [545927] =>BitTorrent (P2P)
O61 - LFC: 2018/07/20 16:35:24 A . (..) -- C:\Users\BAMOGO\AppData\Roaming\Dashlane\Dashlane.exe [856903]
O61 - LFC: 2018/07/14 12:43:44 A . (..) -- C:\Users\BAMOGO\AppData\Roaming\Telegram Desktop\unins000.exe [1201829]
O61 - LFC: 2018/07/14 12:43:44 A . (..) -- C:\Users\BAMOGO\AppData\Roaming\Telegram Desktop\Updater.exe [313192]
O61 - LFC: 2018/07/20 15:38:32 A . (..) -- C:\Users\BAMOGO\Desktop\PdaNetA4190.exe [3404463]
---\\ ASSOCIATION Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- Bad: (C:\Windows\svchost.com "%1" %*) Good: ("%1" %*) =>Broken.OpenCommand =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software AS®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- %SystemRoot%\SysWow64\WScript.exe "%1" %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S =>.Default.Value
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software AS®
---\\ MENU DE DÉMARRAGE INTERNET (16) - 1s
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - .) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software AS®
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - .) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - .) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - .) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
---\\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (13) - 38s
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("app.normandy.startupExperimentPrefs.network.http.throttle.version", 1); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailL[...] =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.cookie.prefsMigrated", true); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.http.max-connections", 48); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.http.max-connections-per-server", 16); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.http.max-persistent-connections-per-proxy", 16); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.http.max-persistent-connections-per-server", 8); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.http.request.max-start-delay", 0); =>PUP.Optional.FakeFirefox
O69 - SBI: prefs.js [BAMOGO - 0eckoslo.default] user_pref("network.predictor.cleaned-up", true); =>PUP.Optional.FakeFirefox
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} - (Ad-Aware SecureSearch) - http://securedsearch.lavasoft.com/
O69 - SBI: SearchScopes [HKCU] [64Bits]{C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Yahoo!) - http://search.yahoo.com/ =>.Yahoo! Inc.
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
---\\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [794624] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [863232] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [680448] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2651648] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110528] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (27) - 9s
O87 - FAEL: "{7B001549-569B-411F-B6E4-B4996044A36A}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe =>.CyberLink Corporation
O87 - FAEL: "{1420C42D-BA90-44CD-B069-7EB72D585BEF}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
O87 - FAEL: "{285838B5-D6DF-45FB-93E0-9F53E081B64C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
O87 - FAEL: "{DA66FF68-E040-461F-A3F9-52702CABA074}" [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: "{84148255-74DE-4636-865D-6DB8E12D60B5}" [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: "{7F099605-255C-4A24-A66C-F91EE961F1E4}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe
O87 - FAEL: "{24EDF785-8BB7-4E47-9477-A09DC33E1E24}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe
O87 - FAEL: "{A530CD6A-5688-4F38-8A97-73FE19B3F2C0}" [In-None-P17-TRUE] .(...) -- C:\PROGRA~2\BAIDUW~1\WIFIHO~1.EXE (.not file.) =>.SUP.Orphan
O87 - FAEL: "{1D67B729-7B57-4CF8-A2D5-BD2053883AA7}" [In-None-P6-TRUE] .(...) -- C:\PROGRA~2\BAIDUW~1\WIFIHO~1.EXE (.not file.) =>.SUP.Orphan
O87 - FAEL: "TCP Query User{324D7F4B-11F9-473F-917D-4AD98FAC7C40}C:\users\bamogo\appdata\local\temp\is-bdifj.tmp\setup.exe" [In-None-P6-TRUE] .(...) -- C:\users\bamogo\appdata\local\temp\is-bdifj.tmp\setup.exe (.not file.) =>.Temporary file not necessary
O87 - FAEL: "UDP Query User{253A5C5F-6316-4A5B-8B17-88B131567B24}C:\users\bamogo\appdata\local\temp\is-bdifj.tmp\setup.exe" [In-None-P17-TRUE] .(...) -- C:\users\bamogo\appdata\local\temp\is-bdifj.tmp\setup.exe (.not file.) =>.Temporary file not necessary
O87 - FAEL: "{169D7791-AD77-408E-A277-AC36CD034E2A}" [In-None-P6-TRUE] .(...) -- C:\Users\BAMOGO\Downloads\tenorshare-iphone-care-pro-trial.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{E6346169-1DB3-4FC4-817B-689AAEE38C10}" [In-None-P17-TRUE] .(...) -- C:\Users\BAMOGO\Downloads\tenorshare-iphone-care-pro-trial.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: "{C9F514E6-7787-464D-B8F9-A058A49DA0F6}" [In-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\AirTrans\AirServ.exe =>.Node.js
O87 - FAEL: "{6F043C79-CF8D-42C3-AE63-79F9CB790901}" [Out-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\AirTrans\AirServ.exe =>.Node.js
O87 - FAEL: "{6126CC50-F4B1-44B0-88A3-7B16BADECE64}" [In-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\Airtrans\AirServ.exe =>.Node.js
O87 - FAEL: "{8AD39C02-CC08-4458-88D5-3FFE06A3F32B}" [Out-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\Airtrans\AirServ.exe =>.Node.js
O87 - FAEL: "{A61D9A40-CCD6-48C0-860B-557AB2E52DFC}" [In-None-P17-TRUE] .(.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe =>.Apple Inc.®
O87 - FAEL: "{06396FF5-1222-4C6B-A572-4958B8EB95EA}" [In-None-P6-TRUE] .(...) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
O87 - FAEL: "{A6759C35-6BB5-468E-96F7-26AAA75DAA8F}" [In-None-P17-TRUE] .(...) -- C:\Users\BAMOGO\AppData\Roaming\BitTorrent\BitTorrent.exe
O87 - FAEL: "{11EA6073-36EF-4899-ABA4-F86CC81B855E}" [In-None-P17-TRUE] .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\54.0.2952.60\opera.exe =>.Opera Software AS®
O87 - FAEL: "{15BB7F6B-23DE-48A9-B734-494D1BC0E528}" [In-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\Airtrans\AirServ.exe =>.Node.js
O87 - FAEL: "{087A45A9-55D0-4868-935C-F742D7741835}" [Out-None-P17-TRUE] .(.Node.js - Node.js: Server-side JavaScript.) -- C:\PROGRA~2\IOTRAN~1\IOT\Airtrans\AirServ.exe =>.Node.js
O87 - FAEL: "TCP Query User{B411FC94-4D11-4A24-8A84-3AB3C61C610E}C:\program files (x86)\tencent\qqplayer\qqplayer.exe" [In-None-P6-TRUE] .(.Technologie de Tencent - QQ Player.) -- C:\program files (x86)\tencent\qqplayer\qqplayer.exe =>.SUP.Tencent
O87 - FAEL: "UDP Query User{63329162-4846-4E5E-9A73-D892965B8960}C:\program files (x86)\tencent\qqplayer\qqplayer.exe" [In-None-P17-TRUE] .(.Technologie de Tencent - QQ Player.) -- C:\program files (x86)\tencent\qqplayer\qqplayer.exe =>.SUP.Tencent
O87 - FAEL: "TCP Query User{2666A4DE-01F0-4D4A-84B8-618D684DFA8C}C:\program files (x86)\iobit\advanced systemcare\asctray.exe" [In-None-P6-TRUE] .(.IObit - Advanced SystemCare Tray.) -- C:\program files (x86)\iobit\advanced systemcare\asctray.exe =>.IObit Information Technology®
O87 - FAEL: "UDP Query User{C5B0A89E-67CD-4213-BCD9-2D7A579AD24B}C:\program files (x86)\iobit\advanced systemcare\asctray.exe" [In-None-P17-TRUE] .(.IObit - Advanced SystemCare Tray.) -- C:\program files (x86)\iobit\advanced systemcare\asctray.exe =>.IObit Information Technology®
---\\ CODES PRODUITS LOGICIELS (54) - 12s
O90 - PUC: "000061090900C0400100000000F01FEC" [HKLM] . (.Microsoft DCF MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109110000000100000000F01FEC" [HKLM] . (.Microsoft Office Professional Plus 2016.) =>.Microsoft Corporation
O90 - PUC: "000061091A00C0400100000000F01FEC" [HKLM] . (.Microsoft OneNote MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061091C0000000100000000F01FEC" [HKLM] . (.Microsoft Office 32-bit Components 2016.) =>.Microsoft Corporation
O90 - PUC: "000061091C00C0400100000000F01FEC" [HKLM] . (.Microsoft Office Shared 32-bit MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061091E00C0400100000000F01FEC" [HKLM] . (.Microsoft Office OSM MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061092E00C0400100000000F01FEC" [HKLM] . (.Microsoft Office OSM UX MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061094400C0400100000000F01FEC" [HKLM] . (.Microsoft InfoPath MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061095100C0400100000000F01FEC" [HKLM] . (.Microsoft Access MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061096100C0400100000000F01FEC" [HKLM] . (.Microsoft Excel MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061098100C0400100000000F01FEC" [HKLM] . (.Microsoft PowerPoint MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "000061099100C0400100000000F01FEC" [HKLM] . (.Microsoft Publisher MUI (French) 2016.) =>.bl.org
O90 - PUC: "00006109A100C0400100000000F01FEC" [HKLM] . (.Microsoft Outlook MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109AB00C0400100000000F01FEC" [HKLM] . (.Microsoft Groove MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109B100C0400100000000F01FEC" [HKLM] . (.Microsoft Word MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109B210C0400100000000F01FEC" [HKLM] . (.Microsoft Skype for Business MUI (French) 2016.) =>.Skype Technologies
O90 - PUC: "00006109C200C0400100000000F01FEC" [HKLM] . (.Microsoft Office Proofing (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109E600C0400100000000F01FEC" [HKLM] . (.Microsoft Office Shared MUI (French) 2016.) =>.Microsoft Corporation
O90 - PUC: "00006109F10010400100000000F01FEC" [HKLM] . (.Microsoft Office Proofing Tools 2016 - اللغة العربية.) -- C:\Windows\Installer\{90160000-001F-0401-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "00006109F10031400100000000F01FEC" [HKLM] . (.Taalprogramma's voor Microsoft Office 2016 - Nederlands.) -- C:\Windows\Installer\{90160000-001F-0413-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "00006109F10070400100000000F01FEC" [HKLM] . (.Microsoft Office Korrekturhilfen 2016 – Deutsch.) -- C:\Windows\Installer\{90160000-001F-0407-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "00006109F10090400100000000F01FEC" [HKLM] . (.Microsoft Office Proofing Tools 2016 - English.) -- C:\Windows\Installer\{90160000-001F-0409-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "00006109F100A0C00100000000F01FEC" [HKLM] . (.Herramientas de corrección de Microsoft Office 2016: español.) -- C:\Windows\Installer\{90160000-001F-0C0A-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "00006109F100C0400100000000F01FEC" [HKLM] . (.Outils de vérification linguistique 2016 de Microsoft Office - Français.) -- C:\Windows\Installer\{90160000-001F-040C-1000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: "06289FCC9EF1CEC4CA7E88EE13852FC3" [HKLM] . (.AVG 2012.) =>.AVG Software
O90 - PUC: "0B5B5B2C545249E44BAB45D8B40F1B69" [HKLM] . (.Metric Collection SDK 35.) =>.Lenovo Group Limited
O90 - PUC: "180D05B7076E34B34A06E0C2BDC59E48" [HKLM] . (.Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918.) =>.Microsoft Corporation
O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "21EE4A31AE32173319EEFE3BD6FDFFE3" [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: "22BEFC8F7E2A1793E9ADB411DEFE1C58" [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: "500AB65CC20FB164CA5A0AECE32375F8" [HKLM] . (.Apple Application Support (32 bits).) -- C:\Windows\Installer\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}\WinInstall.ico =>.Apple Inc.
O90 - PUC: "50D24CD8B0860B148887C6412D6420BD" [HKLM] . (.QuickTime.) -- C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\Installer.ico =>.Riskware.QuickTime
O90 - PUC: "5F26CF5B763A5A73F92D6A1E730C90F6" [HKLM] . (.Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918.) =>.Microsoft Corporation
O90 - PUC: "62DBF9290209B993A9A757D1160F9B24" [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: "68AB67CA7DA76301B7449A0000000010" [HKLM] . (.Adobe Reader 9 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A90000000001}\SC_Reader.exe =>.Adobe Inc.
O90 - PUC: "6E8D947A316B3EB3F8F540C548BE2AB9" [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: "7C9F8B73BF303523781852719CD9C700" [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: "916BEFFD554579631B5442D339D69BB5" [HKLM] . (.Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918.) =>.Microsoft Corporation
O90 - PUC: "96DFC9DB19BEE453C9894D936E909123" [HKLM] . (.Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918.) =>.Microsoft Corporation
O90 - PUC: "A4C59646F86C5B647A4305BE1F426AE8" [HKLM] . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{64695C4A-C68F-46B5-A734-50EBF124A68E}\Installer.ico =>.Apple Inc.
O90 - PUC: "C025571B2A687A53689168CD7369889B" [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: "C3AEB2FCAE628F23AAB933F1E743AB79" [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: "C7B7808C6948EB5429BF193DE17B9396" [HKLM] . (.Apple Application Support (64 bits).) -- C:\Windows\Installer\{C8087B7C-8496-45BE-92FB-91D31EB73969}\WinInstall.ico =>.Apple Inc.
O90 - PUC: "C98A16E5E3090AE379583E6CA0BFEEEB" [HKLM] . (.Microsoft .NET Framework 4.7.2 (FRA).) =>.Microsoft Corporation
O90 - PUC: "D20352A90C039D93DBF6126ECE614057" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: "DC8A59DBF9D1DA5389A1E3975220E6BB" [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: "DE532CED4A8571542A874CE1D8EABAB3" [HKLM] . (.PowerDVD.) -- C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe =>.CyberLink Corporation
O90 - PUC: "E8EBCC90469BFE03EA485673BA14799F" [HKLM] . (.Microsoft .NET Framework 4.7.2.) =>.Microsoft Corporation
O90 - PUC: "EFEE0228DC83E77358593193D847A0EC" [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17.) =>.bl.org
O90 - PUC: "F65865963B6B0EB4ABB0F894B53E0233" [HKLM] . (.Apple Software Update.) -- C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\Installer.ico =>.Apple Inc.
O90 - PUC: "F7C84A6D8F0A5A641ADE4FA526EF39FB" [HKLM] . (.Visuel intégré.) =>.Druide Informatique Inc.
O90 - PUC: "11F82F47B404AEC429FF73FB74F632E9" [HKCU] . (.VirtualDJ PRO Full.) -- %APPDATA%\Microsoft\Installer\{74F28F11-404B-4CEA-92FF-37BF476F239E}\VirtualdjIcon =>.Atomix Production
O90 - PUC: "11F82F47B404AEC429FF73FB74F632E9" [HKU] . (.VirtualDJ PRO Full.) -- %APPDATA%\Microsoft\Installer\{74F28F11-404B-4CEA-92FF-37BF476F239E}\VirtualdjIcon =>.Atomix Production
---\\ PACKAGES WINDOWS INSTALLER (11) - 19s
[MD5.C0879E5D39C206D03DD93B763D1FD382] [WIS][2010/05/14 15:45:57] (.CyberLink Corp. - InstallShield® 12 - Premier Edition 12.0.) -- C:\Windows\Installer\142439.msi [6947328] =>.CyberLink Corp.
[MD5.B9B31AB990A18528C187FD9002945CBB] [WIS][2008/09/06 15:10:14] (.Apple Inc. - Apple Software Update Installer.) -- C:\Windows\Installer\142440.msi [2083840] =>.Apple Inc.
[MD5.64246C70A90342033F516F36D16BAAA0] [WIS][2008/09/06 15:16:42] (.Apple Inc. - QuickTime Installer.) -- C:\Windows\Installer\142444.msi [33387520] =>.Apple Inc.
[MD5.2F0E92AA05718F9916AF2D429CE52973] [WIS][2016/04/03 15:21:42] (.Druide informatique inc..) -- C:\Windows\Installer\1606b0f.msi [392488960] =>.Druide informatique inc.
[MD5.60083C22A22EBF583EB279AE4B965E30] [WIS][2008/06/12 10:27:50] (.Adobe Systems Incorporated - ADOBER~1.0Adobe Reader 9.) -- C:\Windows\Installer\18800b.msi [1840128] =>.Adobe Systems Incorporated
[MD5.8D646E7B4ED489D0DF25977C4BAD4E0E] [WIS][2018/05/22 22:05:58] (.Apple Inc. - Apple Application Support Installer.) -- C:\Windows\Installer\1af694.msi [48046080] =>.Apple Inc.
[MD5.BDE75C092B72360F0B5B272231F6EFBA] [WIS][2018/05/22 22:06:04] (.Apple Inc. - Apple Application Support Installer.) -- C:\Windows\Installer\1af69b.msi [53190656] =>.Apple Inc.
[MD5.FBA46D1E97B5F8F0E0D5C5B8F762D94B] [WIS][2018/05/08 16:53:58] (.Apple Inc. - Apple Mobile Device Support Installer.) -- C:\Windows\Installer\1af6a2.msi [14045184] =>.Apple Inc.
[MD5.14A0FA8E149D3B9149C25F58E2164DF9] [WIS][2012/03/17 17:32:08] (.Atomix Productions - VirtualDJ PRO Full Installer.) -- C:\Windows\Installer\ae20de.msi [32766520] =>.Atomix Productions
[MD5.C4117E76E30CFA451CA4DE48F6317501] [WIS][2011/08/18 15:44:21] (.AVG Technologies - AVG.) -- C:\Windows\Installer\ae20e2.msi [2188288] =>.AVG Technologies
[MD5.C1386C3376C779CECF87054E53BE6AE5] [WIS][2018/07/12 21:44:26] (.Lenovo Group Limited - Metric Collection SDK Redistributable.) -- C:\Windows\Installer\c79102.msi [2145792] =>.Lenovo Group Limited
---\\ FEATURE CONTROLE. (883) - 10s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL]:WindowsAnytimeUpgradeUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:IEContentService.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:UcMapi.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:lync99.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:lynchtmlconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:ONENOTE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:EQNEDT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSPPSVC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Microsoft.Mashup.Container.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Microsoft.Mashup.Container.NetFX40.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Microsoft.Mashup.Container.NetFX45.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:GROOVE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:AppSharingHookController64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:lync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OcPubMgr.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:UcMapi.exe =>.Legitimate
---\\ SCAN ADDITIONNEL (28) - 13s
E:\DELL\LECTEURS\QQPlayer_Setup_French.exe =>.SUP.Tencent
C:\Windows\System32\Tasks\{E64031CD-F365-443E-A23B-293CB3C2EC0C} =>.SUP.Tencent
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe =>PUP.Optional.LavasoftWebCompanion
C:\Program Files (x86)\QuickTime\QTTask.exe =>Riskware.QuickTime
C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi =>PUP.Optional.Adblocker
C:\Users\BAMOGO\AppData\Roaming\Mozilla\Firefox\Profiles\0eckoslo.default\extensions\extension@tabliss.io.xpi =>Adware.QuickShare
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} =>.SUP.Orphan
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DC42D05-680B-41B0-8878-6C14D24602DB} =>Riskware.QuickTime
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DC42D05-680B-41B0-8878-6C14D24602DB} =>Riskware.QuickTime
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent =>BitTorrent (P2P)
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
C:\Program Files (x86)\Tencent =>.SUP.Tencent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
C:\Users\BAMOGO\AppData\Roaming\DRPSu =>.SUP.DriverPack
C:\Users\BAMOGO\AppData\Roaming\Tencent =>.SUP.Tencent
C:\Users\BAMOGO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.SUP.Tencent
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44429.exe =>BitTorrent (P2P)
C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44429\bittorrentie.exe =>BitTorrent (P2P)
C:\Users\BAMOGO\AppData\Roaming\BitTorrent\updates\7.10.3_44495\bittorrentie.exe =>BitTorrent (P2P)
C:\program files (x86)\tencent\qqplayer\qqplayer.exe =>.SUP.Tencent
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{B411FC94-4D11-4A24-8A84-3AB3C61C610E}C:\program files (x86)\tencent\qqplayer\qqplayer.exe =>.SUP.Tencent
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{63329162-4846-4E5E-9A73-D892965B8960}C:\program files (x86)\tencent\qqplayer\qqplayer.exe =>.SUP.Tencent
---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (12) - 0s
https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/28/adware-adblocker/ =>PUP.Optional.Adblocker
https://nicolascoolman.eu/2017/09/21/adware-quickshare/ =>Adware.QuickShare
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BDYahoo
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/12/26/sup-advancedsystemcare/ =>.SUP.AdvancedSystemCare
https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2018/07/14/pup-optional-fakefirefox/ =>PUP.Optional.FakeFirefox
~ Unselected Options: O82,
~ End of the scan, 10449 items in 07mn32s (2615)(0)