¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_26.12.2015.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 28/01/2016 21:36:05 Updated 26/12/2015 | 12.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ [algasys (Administrator)] - [PC-HP] SID = S-1-5-21-1373608429-321133151-520906998-1001 System : Windows 8.1 (64 bits) Core PC : Hewlett-Packard - 2281 - J3S24EA#UUG Processor : X64 - 2594 Mhz - Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Bios : Insyde - 02/02/2015 - V.F.36 CoreTemp : 47° C - Max : -273.2° C Boot: Normal boot Quick Memory RAM = Total (MB) : 12511 | Free (MB) : 9832 Pagefile = Total (MB) : 14412 | Free (MB) : 11379 Virtual = Total (MB) : 4194 | Free (MB) : 4077 ¤¤¤¤¤¤¤¤¤¤ | Drives F:\ -> [Fixed] | [RECOVERY] | Total : 20.7 Go | Free : 2.06 Go -> NTFS [SATA] E:\ -> [Fixed] | [Imagerie] | Total : 292.97 Go | Free : 263.79 Go -> NTFS [SATA] D:\ -> [Fixed] | [Data] | Total : 150.16 Go | Free : 105.97 Go -> NTFS [SATA] C:\ -> [Fixed] | [Windows] | Total : 466.67 Go | Free : 396.19 Go -> NTFS [SATA] ¤¤¤¤¤¤¤¤¤¤ | Windows updates Last detection : 2016-01-28 19:10:11 Downloaded last ones : 2015-12-17 12:00:40 Next search : 2016-01-29 15:17:11 Microsoft : + ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 11.0.9600.17840 (© Microsoft Corporation. Tous droits réservés.) GC : 47.0.2526.111 (Copyright 2015 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer FlashPlayer ActiveX : 18.0.0.209 ¤¤¤¤¤¤¤¤¤¤ | Security AV : avast! Antivirus Enabled AS : avast! Antivirus Enabled AM : Malwarebytes' Anti-Malware ( 2.3.125.0) [Update : 23/01/2016 17:12:44] FW : avast! Antivirus Disabled WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 368 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.3.9600.17031) = C:\Windows\System32\smss.exe 592 | [Owner : Système | Parent : 580() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe 688 | [Owner : Système | Parent : 580() | 3.86 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.3.9600.17415) = C:\Windows\System32\wininit.exe 696 | [Owner : Système | Parent : 680() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe 740 | [Owner : Système | Parent : 680() | 8.99 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.3.9600.17415) = C:\Windows\System32\winlogon.exe 796 | [Owner : Système | Parent : 688(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.3.9600.17793) = C:\Windows\System32\services.exe 804 | [Owner : Système | Parent : 688(wininit.exe) | 13.32 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.3.9600.17415) = C:\Windows\System32\lsass.exe 876 | [Owner : Système | Parent : 796(services.exe) | 11.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 916 | [Owner : SERVICE RÉSEAU | Parent : 796(services.exe) | 9.11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1012 | [Owner : DWM-1 | Parent : 740(winlogon.exe) | 47.01 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.3.9600.17415) = C:\Windows\System32\dwm.exe 412 | [Owner : Système | Parent : 796(services.exe) | 7.08 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.85.) - (8.17.13.3285) = C:\Windows\System32\nvvsvc.exe 432 | [Owner : Système | Parent : 412(nvvsvc.exe) | 17.73 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.3285) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 572 | [Owner : Système | Parent : 412(nvvsvc.exe) | 13.35 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.85.) - (8.17.13.3285) = C:\Windows\System32\nvvsvc.exe 600 | [Owner : Système | Parent : 796(services.exe) | 10.58 Mo] - (.Softex Inc. - HP SimplePass Service.) - (8.0.1.39) = C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe 1096 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 25.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1140 | [Owner : Système | Parent : 796(services.exe) | 41.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1180 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 23.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1228 | [Owner : Système | Parent : 796(services.exe) | 6.43 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.3574) = C:\Windows\System32\igfxCUIService.exe 1264 | [Owner : Système | Parent : 796(services.exe) | 114.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1356 | [Owner : Système | Parent : 796(services.exe) | 3.91 Mo] - (.Hewlett-Packard Company - HpService.) - (6.0.5.1) = C:\Windows\System32\hpservice.exe 1380 | [Owner : Système | Parent : 796(services.exe) | 6.02 Mo] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.59) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 1440 | [Owner : Système | Parent : 1380(RtkAudioService64.exe) | 11.13 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.207) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 1448 | [Owner : Système | Parent : 1380(RtkAudioService64.exe) | 10.87 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.207) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 1488 | [Owner : SERVICE RÉSEAU | Parent : 796(services.exe) | 23.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 2044 | [Owner : Système | Parent : 796(services.exe) | 42.05 Mo] - (.AVAST Software - avast! Service.) - (11.1.2245.1540) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe 1928 | [Owner : Système | Parent : 796(services.exe) | 15.21 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.3.9600.17480) = C:\Windows\System32\spoolsv.exe 2000 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 10.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 2068 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 18.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 2264 | [Owner : Système | Parent : 796(services.exe) | 4.94 Mo] - (.Adobe Systems, Incorporated - AGS Service.) - (2.3.0.66) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe 2300 | [Owner : Système | Parent : 796(services.exe) | 7.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 2320 | [Owner : Système | Parent : 796(services.exe) | 5.11 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (6.2.9200.16384) = C:\Program Files (x86)\Bluetooth Suite\AdminService.exe 2376 | [Owner : Système | Parent : 796(services.exe) | 4.83 Mo] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe 2392 | [Owner : Système | Parent : 796(services.exe) | 3.72 Mo] - (.-.) - (15.1.9.0) = C:\Program Files\Allway Sync\Bin\SyncService.exe 2424 | [Owner : Système | Parent : 796(services.exe) | 12.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 2444 | [Owner : SERVICE LOCAL | Parent : 1264(svchost.exe) | 13.65 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\dasHost.exe 2464 | [Owner : Système | Parent : 796(services.exe) | 5.32 Mo] - (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - (1.3.4.0) = C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe 2536 | [Owner : Système | Parent : 796(services.exe) | 5.32 Mo] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe 2560 | [Owner : Système | Parent : 796(services.exe) | 3.8 Mo] - (.Intel Corporation - Intel(R) ME Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2596 | [Owner : Système | Parent : 796(services.exe) | 10.16 Mo] - (.- ISCT Agent Application.) - (4.2.41.2710) = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2612 | [Owner : Système | Parent : 796(services.exe) | 4.54 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 2716 | [Owner : Système | Parent : 796(services.exe) | 9.6 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 2996 | [Owner : Système | Parent : 796(services.exe) | 5.18 Mo] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.3.10) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 3060 | [Owner : Système | Parent : 796(services.exe) | 8.43 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (1.8.315.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2164 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 1812 | [Owner : Système | Parent : 796(services.exe) | 3.24 Mo] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - (18.1.5.2) = C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 2408 | [Owner : Système | Parent : 796(services.exe) | 19.18 Mo] - (.Check Point Software Technologies, Ltd. - ZAPrivacyService.) - (1.0.0.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe 104 | [Owner : SERVICE RÉSEAU | Parent : 3060(nvstreamsvc.exe) | 11.27 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (1.8.315.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 3100 | [Owner : SERVICE RÉSEAU | Parent : 104(nvstreamsvc.exe) | 3.02 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe 3212 | [Owner : SERVICE RÉSEAU | Parent : 876(svchost.exe) | 12.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\wbem\WmiPrvSE.exe 3236 | [Owner : Système | Parent : 796(services.exe) | 4.72 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.0.2.1) = C:\Windows\System32\escsvc64.exe 5020 | [Owner : Système | Parent : 796(services.exe) | 3.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 4948 | [Owner : SERVICE RÉSEAU | Parent : 796(services.exe) | 4.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe 4548 | [Owner : Système | Parent : 796(services.exe) | 18.59 Mo] - (.Sanford, L.P. - DymoPnpService.) - (8.5.1.1816) = C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe 5428 | [Owner : Système | Parent : 796(services.exe) | 54.35 Mo] - (.Hewlett-Packard Company - HP Support Solutions Framework Service.) - (8.1.40.219) = C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 4344 | [Owner : Système | Parent : 4516() | 0.21 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.29.1) = C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe 5868 | [Owner : Système | Parent : 4516() | 0.18 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.29.1) = C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe 5532 | [Owner : Système | Parent : 796(services.exe) | 41.62 Mo] - (.Intel Corporation - IAStorDataSvc.) - (12.8.9.1000) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 1940 | [Owner : Système | Parent : 796(services.exe) | 43 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.9600.17787) = C:\Windows\System32\SearchIndexer.exe 2188 | [Owner : SERVICE LOCAL | Parent : 796(services.exe) | 16.36 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 5460 | [Owner : algasys | Parent : 3008() | 39.24 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.17667) = C:\Windows\explorer.exe 1756 | [Owner : algasys | Parent : 1812(SynTPEnhService.exe) | 0.4 Mo] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) - (18.1.5.2) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2052 | [Owner : algasys | Parent : 876(svchost.exe) | 0.8 Mo] - (.Microsoft Corporation - OneDrive Sync Engine.) - (6.3.9600.17484) = C:\Windows\System32\SkyDrive.exe 4128 | [Owner : algasys | Parent : 876(svchost.exe) | 8.85 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.17415) = C:\Windows\System32\dllhost.exe 1744 | [Owner : algasys | Parent : 3260() | 0.47 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.3574) = C:\Windows\System32\igfxEM.exe 6784 | [Owner : Système | Parent : 1004() | 6.26 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 6184 | [Owner : algasys | Parent : 3260() | 0.35 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.3574) = C:\Windows\System32\igfxHK.exe 1128 | [Owner : algasys | Parent : 432(nvxdsync.exe) | 6.44 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.3285) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 6208 | [Owner : algasys | Parent : 3260() | 0.27 Mo] - (.Intel Corporation - igfxTray Module.) - (6.15.10.3574) = C:\Windows\System32\igfxTray.exe 6316 | [Owner : algasys | Parent : 6352() | 3.47 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (18.1.5.2) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 1408 | [Owner : algasys | Parent : 1128(nvtray.exe) | 8.5 Mo] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (12.4.46.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 6856 | [Owner : Système | Parent : 3060(nvstreamsvc.exe) | 12.64 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (1.8.315.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 5104 | [Owner : algasys | Parent : 5460(explorer.exe) | 0.84 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.422.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 3228 | [Owner : algasys | Parent : 1264(svchost.exe) | 10.03 Mo] - (.Microsoft Corporation - Clavier tactile et volet d’écriture manuscrite.) - (6.3.9600.17484) = C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe 948 | [Owner : algasys | Parent : 1140(svchost.exe) | 9.38 Mo] - (.Hewlett-Packard - HP SimplePass BHO Broker.) - (8.0.1.39) = C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe 4764 | [Owner : algasys | Parent : 1140(svchost.exe) | 2.91 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.3.9600.17415) = C:\Windows\System32\taskhostex.exe 976 | [Owner : algasys | Parent : 1140(svchost.exe) | 40.46 Mo] - (.Hewlett-Packard - HP SimplePass Application.) - (8.0.1.39) = C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe 7244 | [Owner : Système | Parent : 6856(nvstreamsvc.exe) | 3.82 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe 7332 | [Owner : algasys | Parent : 3228(TabTip.exe) | 3.56 Mo] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) - (6.3.9600.17484) = C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe 8136 | [Owner : algasys | Parent : 976(ClientCore.exe) | 2 Mo] - (.Hewlett-Packard - HP SimplePass BHO Broker.) - (8.0.1.39) = C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe 8132 | [Owner : algasys | Parent : 5460(explorer.exe) | 10.7 Mo] - (.Binary Fortress Software - TrayStatus.) - (1.2.3.0) = C:\Program Files (x86)\TrayStatus\TrayStatus.exe 7192 | [Owner : algasys | Parent : 8024() | 4.42 Mo] - (.Gianpaolo Bottin - Wallpaper Slideshow Pro.) - (3.4.3.0) = C:\Program Files (x86)\WallpaperSSPro\WallpaperSS.exe 3896 | [Owner : algasys | Parent : 5460(explorer.exe) | 0.7 Mo] - (.Astonsoft - EssentialPIM Pro.) - (6.5.6.0) = C:\Program Files (x86)\EssentialPIM Pro\EssentialPIM.exe 3676 | [Owner : algasys | Parent : 3896(EssentialPIM.exe) | 16.67 Mo] - (.Astonsoft - EssentialPIM Pro.) - (6.5.6.0) = C:\Program Files (x86)\EssentialPIM Pro\EssentialPIM.exe 7204 | [Owner : algasys | Parent : 5460(explorer.exe) | 4.93 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (7.0.2.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE 7968 | [Owner : algasys | Parent : 876(svchost.exe) | 4.66 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (6.3.9600.17415) = C:\Windows\System32\SettingSyncHost.exe 7420 | [Owner : algasys | Parent : 5460(explorer.exe) | 13.44 Mo] - (.Siber Systems - RoboForm TaskBar Icon.) - (7.9.17.5) = C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe 3536 | [Owner : algasys | Parent : 5460(explorer.exe) | 9.18 Mo] - (.Ritlabs, SRL - The Bat! E-Mail Client by Ritlabs, SRL.) - (6.8.8.0) = C:\Program Files\The Bat!\thebat64.exe 5244 | [Owner : algasys | Parent : 5460(explorer.exe) | 0.62 Mo] - (.Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 - Evernote Clipper.) - (5.9.6.9494) = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe 1576 | [Owner : algasys | Parent : 5460(explorer.exe) | 0.64 Mo] - (.Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 - Evernote Tray Application.) - (5.9.6.9494) = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe 3908 | [Owner : algasys | Parent : 5460(explorer.exe) | 1.97 Mo] - (.John Williams / XRayz Software - LinkStash.) - (3.5.2.0) = C:\Program Files (x86)\LinkStash\lnkstash.exe 7644 | [Owner : algasys | Parent : 1576(EvernoteTray.exe) | 7.54 Mo] - (.Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 - Evernote.) - (5.9.6.9494) = C:\Program Files (x86)\Evernote\Evernote\Evernote.exe 8396 | [Owner : algasys | Parent : 6744() | 18.99 Mo] - (.AVAST Software - avast! Antivirus.) - (11.1.2245.1540) = C:\Program Files\AVAST Software\Avast\AvastUI.exe 6196 | [Owner : algasys | Parent : 6744() | 0.7 Mo] - (.Hewlett-Packard Company - Hp Accelerometer System Tray.) - (6.0.19.1) = C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe 8560 | [Owner : algasys | Parent : 1140(svchost.exe) | 0.65 Mo] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) - (2.2.0.31) = C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe 8652 | [Owner : algasys | Parent : 1140(svchost.exe) | 1.38 Mo] - (.CyberLink Corp. - CyberLink YouCam Service.) - (5.0.5011.0) = C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe 8708 | [Owner : algasys | Parent : 5460(explorer.exe) | 16.41 Mo] - (.www.xyplorer.com - XYplorer.) - (16.20.0.0) = C:\Program Files (x86)\XYplorer\XYplorer.exe 8732 | [Owner : algasys | Parent : 6744() | 0.48 Mo] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) - (1.3.4.0) = C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe 9128 | [Owner : algasys | Parent : 876(svchost.exe) | 6.34 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.3.9600.17415) = C:\Windows\System32\wbem\unsecapp.exe 9080 | [Owner : algasys | Parent : 6744() | 8.68 Mo] - (.Mister Group - System Explorer.) - (7.0.0.5356) = C:\Program Files (x86)\System Explorer\SystemExplorer.exe 8564 | [Owner : Système | Parent : 876(svchost.exe) | 16.47 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\wbem\WmiPrvSE.exe 8840 | [Owner : algasys | Parent : 6744() | 6.47 Mo] - (.Check Point Software Technologies Ltd. - ZoneAlarm.) - (14.0.522.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe 8812 | [Owner : Système | Parent : 796(services.exe) | 5.07 Mo] - (.Mister Group - System Explorer Service.) - (6.2.0.248) = C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe 8804 | [Owner : algasys | Parent : 6744() | 0.03 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.71.15) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 8888 | [Owner : Système | Parent : 796(services.exe) | 6.34 Mo] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) - (6.5.6.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 4452 | [Owner : Système | Parent : 796(services.exe) | 30.86 Mo] - (.Check Point Software Technologies Ltd. - ZoneAlarm.) - (14.0.522.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe 4216 | [Owner : algasys | Parent : 8708(XYplorer.exe) | 2.19 Mo] - (.- 64-bit Context Menu Helper.) - (1.2.3.0) = C:\Program Files (x86)\XYplorer\ContextMenu64.exe 1732 | [Owner : SERVICE LOCAL | Parent : 1096(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.3.9600.17415) = C:\Windows\System32\audiodg.exe 1672 | [Owner : Système | Parent : 1940(SearchIndexer.exe) | 7.25 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.9600.17787) = C:\Windows\System32\SearchProtocolHost.exe 7324 | [Owner : Système | Parent : 1940(SearchIndexer.exe) | 4.26 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.9600.17415) = C:\Windows\System32\SearchFilterHost.exe 4956 | [Owner : algasys | Parent : 7420(robotaskbaricon.exe) | 41.34 Mo] - (.Microsoft Corporation - Internet Explorer.) - (11.0.9600.17840) = C:\Program Files\Internet Explorer\iexplore.exe 2760 | [Owner : algasys | Parent : 4956(iexplore.exe) | 126.63 Mo] - (.Microsoft Corporation - Internet Explorer.) - (11.0.9600.17840) = C:\Program Files (x86)\Internet Explorer\iexplore.exe 7040 | [Owner : algasys | Parent : 4956(iexplore.exe) | 47.47 Mo] - (.Microsoft Corporation - Internet Explorer.) - (11.0.9600.17840) = C:\Program Files (x86)\Internet Explorer\iexplore.exe 8632 | [Owner : algasys | Parent : 4956(iexplore.exe) | 15.62 Mo] - (.SosVirus - QuickDiag.) - (26.12.2015.1) = D:\Mes telechargements\QuickDiag.exe 8232 | [Owner : Système | Parent : 876(svchost.exe) | 4.59 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.17415) = C:\Windows\SysWOW64\dllhost.exe ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.C10A66189DC8C090E7C84873EDCEBC88] - [11/03/2015 15:09:34] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2442.74 Ko] - (6.3.9600.17667) : C:\WINDOWS\Explorer.exe [MD5.F5AE03DE0AD60F5B17B82F2CD68402FE] - [03/03/2015 10:15:34] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [349 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\cmd.exe [MD5.B2D3F07F5E8A13AF988A8B3C0A800880] - [22/08/2013 14:25:40] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [16.72 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\csrss.exe [MD5.9361355721F51E3A25DF53702D10E9DE] - [03/03/2015 10:14:21] - (.© Microsoft Corporation. - COM Surrogate.) - [18.81 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\dllhost.exe [MD5.4F455778B6CDA2FD61D4F8B0A3E0543C] - [03/03/2015 10:16:17] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1279.05 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\Kernel32.dll [MD5.382100E75B6F4668AEAEF228C6CEFFAD] - [03/03/2015 10:14:29] - (.© Microsoft Corporation. - Local Security Authority Process.) - [45.92 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\lsass.exe [MD5.A6F17C299A03BAFEFB9257C462A19E00] - [03/03/2015 10:16:56] - (.© Microsoft Corporation. - Distributed COM Services.) - [798.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\rpcss.dll [MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - [03/03/2015 10:14:26] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [53.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\rundll32.exe [MD5.E0C7813A97CA7947FF5C18A8F3B61A45] - [14/05/2015 15:21:33] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [400.52 Ko] - (6.3.9600.17793) : C:\WINDOWS\System32\services.exe [MD5.E3A2AD05E24105B35E986CF9CB38EC47] - [03/03/2015 10:14:30] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [37.88 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\svchost.exe [MD5.25026E350BC3BE37631634EC72B10BD5] - [03/03/2015 10:16:35] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1504.59 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\user32.dll [MD5.5C131534A3EA4A461A793FB507A8004F] - [03/03/2015 10:14:17] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [25.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\userinit.exe [MD5.A570A64292214C43E0BA50E6A72A6380] - [03/03/2015 10:14:46] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [142.5 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\Wininit.exe [MD5.EC498BAE1F0D3E0E401C963F8D76C437] - [03/03/2015 10:15:43] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [559 Ko] - (6.3.9600.17415) : C:\WINDOWS\System32\Winlogon.exe [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - [28/02/2015 13:26:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [550 Ko] - (6.3.9600.17194) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.74B14192CF79A72F7536B27CB8814FBD] - [22/08/2013 13:22:57] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [25.84 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.38E1F4E0148A24C65D215F14D57B0711] - [22/08/2013 13:22:57] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [194.84 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - [22/08/2013 12:40:20] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [86.5 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.C6796EA22B513E3457514D92DCDB1A3D] - [22/08/2013 09:46:35] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [160.5 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.A03F362C5557E238CBFA914689C77248] - [11/05/2014 05:30:40] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [131 Ko] - (6.3.9600.17041) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - [28/02/2015 15:35:26] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [75 Ko] - (6.3.9600.17238) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - [28/02/2015 14:55:18] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [106 Ko] - (6.3.9600.17480) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - [18/03/2014 10:54:55] - (.© Microsoft Corporation. - IP Network Address Translator.) - [139.5 Ko] - (6.3.9600.16477) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - [17/07/2015 16:27:01] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [392 Ko] - (6.3.9600.17918) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.97DC5967F65503213FD1F1B3E4A6F983] - [31/07/2015 09:28:58] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1087.84 Ko] - (6.3.9600.17931) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.0217532E19A748F0E5D569307363D5FD] - [22/08/2013 12:37:03] - (.© Microsoft Corporation. - MBT Transport driver.) - [276 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - [03/03/2015 10:17:05] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1978.31 Ko] - (6.3.9600.17399) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.764B1121867B2D9B31C491668AC72B2B] - [22/08/2013 12:40:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [92 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.1BD3022FD6E450B00DE560265638FD2A] - [28/02/2015 14:55:19] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [110 Ko] - (6.3.9600.17484) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - [18/03/2014 10:37:57] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [191 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.746DDF7D59AB8D721C88D48434597E8D] - [22/07/2015 16:02:02] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2418.34 Ko] - (6.3.9600.17903) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.FFF28F9F6823EB1756C60F1649560BBF] - [22/08/2013 14:25:35] - (.© Microsoft Corporation. - TDI Translation Driver.) - [105 Ko] - (6.3.9600.16384) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - [28/02/2015 15:35:29] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [302.81 Ko] - (6.3.9600.17215) : C:\WINDOWS\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) (.Hewlett-Packard Company.-.Hewlett-Packard Company DeskBand.) - (8.0.0.2) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (10.18.10.3574) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (10.18.10.3574) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.AVAST Software.-.avast! Shell Extension.) - (11.1.2245.1540) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.393) -- C:\WINDOWS\system32\RltkAPO64.dll ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3520 Series" "ZoneAlarm Windows 10 Upgrader"="C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #1"=C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed [HKU\S-1-5-18\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\CurrentVersion\Run] "TrayStatus"="C:\Program Files (x86)\TrayStatus\TrayStatus.exe" "WallpaperSS"=C:\Program Files (x86)\WallpaperSSPro\WallpaperSSNoSplash.exe /A "EssentialPIM Pro"="C:\Program Files (x86)\EssentialPIM Pro\EssentialPIM.exe" /autorun "EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3520 Series" "RoboForm"="C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" "thebat_startup"=C:\Program Files\The Bat!\thebat64.exe /minimize "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" /AUTO [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Breevy"=0x020000000000000000000000 "DymoQuickPrint"=0x03000000C1B75C77CA92D001 "EssentialPIM Pro"=0x020000000000000000000000 "MSCS"=0x03000000C0E178770540D101 "Power2GoExpress8"=0x03000000C5859F4331CCD001 "RoboForm"=0x020000000000000000000000 "Screenpresso"=0x020000000000000000000000 "thebat_startup"=0x020000000000000000000000 "TrayStatus"=0x020000000000000000000000 "WallpaperSS"=0x020000000000000000000000 "Zoner Photo Studio Autoupdate"=0x030000000076DD976B3AD101 "EPLTarget\P0000000000000000"=0x020000000000000000000000 "CCleaner Monitoring"=0x0300000030487A860540D101 "CCleaner"=0x020000000000000000000000 [HKU\S-1-5-20\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKU\S-1-5-19\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"=C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "Logitech Download Assistant"=C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\Software\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "!DiskInfo"=0x040000000000000000000000 "RUNFBI"=0x040000000000000000000000 "DisableStartScreen"=0x040000000000000000000000 "RTHDVCPL"=0x060000000000000000000000 "NvBackend"=0x060000000000000000000000 "ShadowPlay"=0x060000000000000000000000 "SimplePass"=0x040000000000000000000000 "OPBHOBroker"=0x040000000000000000000000 "OPBHOBrokerDesktop"=0x040000000000000000000000 "SynTPEnh"=0x07000000D145063A9556D101 "AdobeAAMUpdater-1.0"=0x020000000000000000000000 "Logitech Download Assistant"=0x020000000000000000000000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [01/04/2014 14:37:38] "HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [17/02/2015 09:39:42] "SystemExplorerAutoStart"="C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY "ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [09/09/2015 07:20:28] "Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "StartRCM"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "TSUserEnabled"=0 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "DelayConMgrTimeout"=0 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "AllowRemoteRPC"=0 "ProductVersion"=5.1 "fDenyTSConnections"=1 "InstanceID"=f184bbaa-5c68-4337-8aad-bee253f "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "GlobalFlag"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapDeCommitFreeBlockThreshold"=0 "ResourceTimeoutCount"=648000 "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "CriticalSectionTimeout"=2592000 "ProcessorControl"=2 "HeapSegmentReserve"=0 "ExcludeFromKnownDlls"= "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "NumberOfInitialSessions"=2 "RunLevelExecute"=WinInit ServiceControlManager "AutoChkTimeout"=1 "RunLevelValidate"=ServiceControlManager "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM "BootDriverFlags"=28 "CurrentUser"=USERNAME "WaitToKillServiceTimeout"=5000 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=14 [HKLM\System\CurrentControlSet\Control\lsa] "Bounds"=0x0030000000200000 "auditbasedirectories"=0 "fullprivilegeauditing"=0x00 "crashonauditfail"=0 "auditbaseobjects"=0 "Security Packages"="" [27/02/2015 13:19:55] "LimitBlankPasswordUse"=0 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "LsaPid"=804 "SamConnectedAccountsExist"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\Alain\AppData\Local\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem) C:\Users\Alain\AppData\Local\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem) C:\Users\Alain\AppData\Local\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem) C:\Users\Alain\AppData\Local\Microsoft\Windows\GameExplorer\{b0e43195-dbe0-4647-8e23-84fc3b08cee9}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (/e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Alain\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows 8 Menu.lnk (Metro) C:\Users\Alain\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Appli Manager.lnk (--appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch) C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClipCache Pro.lnk (/wait 12) 1\1}GJ\CLIPCA~1D �\Fw}GJ\.�d-< ClipCache\2�9nC%~ clipc.exeD  C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk () #�#Evernotet2X�FZ EVERNO~2.EXEX ゙FZ�FsP.�"EvernoteClip C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk () #�#Evernoten2"�FZ EVC5D8~1.EXER ゙FZ�FsP.�b?EvernoteTray C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RSSOwl.lnk () > �7Hj�7Hv�.Sw�ހRSSOwl`2�C�a RSSOwl.exeF ゙C�a7Hj�.�wl C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XYplorer.lnk () rB �5H�5H�.ys�� XYplorerf2�j2H` XYplorer.exeJ �2H`5H�.zs ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;SkyDrive;Work Folders "BuildNumber"=9600 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;SkyDrive;Work Folders [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;SkyDrive;Work Folders [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=C:\Windows\system32\userinit.exe, "Shell"=explorer.exe "DebugServerCommand"=no "ForceUnlockLogon"=0 "ReportBootOk"=1 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "Background"=0 0 0 "PasswordExpiryWarning"=5 "CachedLogonsCount"=10 "WinStationsDisabled"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "scremoveoption"=0 "DisableCAD"=1 "ShutdownFlags"=2147483687 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-32 "LastUsedUsername"= "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\alainb1710@gmail.com [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=userinit.exe, "Shell"=explorer.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile "DefaultDomainName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultUserName"= ¤¤¤¤¤¤¤¤¤¤ | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""= [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\WINDOWS\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\WINDOWS\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\swsetup\sp69618\Setup.exe"=1 "C:\swsetup\sp68120\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "C:\Users\Alain\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe"=1 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"=0x5341435001000000000000000700000028000000F0100300E14C030001000000000000000000030600210000B395E7CF049FCE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000063380C1400000000B4010000B4010000 "C:\Program Files\AVAST Software\Avast\aswChLic.exe"=0x5341435001000000000000000700000028000000683F01003727020001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\SWSetup\sp70271\CaslApp.exe"=0x5341435001000000000000000700000028000000004A0100C403020001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000038010000000000000300000003000000 "C:\SWSetup\sp69559\x64\setup.exe"=0x5341435001000000000000000700000028000000F80A12006BE5120001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000012F10100000000000100000001000000 "C:\Program Files\ClipCache\clipc.exe"=0x5341435001000000000000000700000028000000E0B03900EEA33A0001000000000000000000020673000000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000004F261E10000000001300000013000000 "D:\Softwares\+++ licence\licence Ms Soft Compte Bancaire 9 3 6.exe"=0x53414350010000000000000007000000280000004FB668000000000001000000000000000000020600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000000DB40000000000000100000001000000 "D:\Softwares\+++ licence\licence Screenpresso pro 1 5 1 0.exe"=0x534143500100000000000000070000002800000010209D00DEC79D0001000000000000000000020680010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B2B71800000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000058E416007024170001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000280000000000000000000010000000000000000000000000000000007E0E0200000000001500000015000000 "C:\Program Files (x86)\XYplorer\Uninstall.exe"=0x53414350010000000000000007000000280000009D160100BE00370003000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E3230000000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x534143500100000000000000070000002800000018A72D0099022E0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002AFA0E00000000000200000002000000 "C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe"=0x534143500100000000000000070000002800000000D00700FA180800010000000000000000000106F5220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000276C0000000000000100000001000000 "C:\Program Files\Rapid Environment Editor\RapidEE.exe"=0x5341435001000000000000000700000028000000372D5D00E2FC590001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000083FA0200000000000800000008000000 "D:\Mes doc\Evernote\AutoUpdate\Evernote_5.8.4.6870.exe"=0x5341435001000000000000000700000028000000083EEA05EBEEEA0501000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Program Files\Inpaint\Inpaint.exe"=0x534143500100000000000000070000002800000000EADC000000000001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000EF9F0200000000000400000004000000 "C:\Program Files (x86)\PlayerTuto.com\PlayerTuto.exe"=0x5341435001000000000000000700000028000000001016009B3A160001000000000000000000010671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A64A0D00000000000200000002000000 "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe"=0x534143500100000000000000070000002800000068390A00B2590A00010000000000000000000206F1020000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000026B80300000000000100000001000000 "C:\Program Files (x86)\AKVIS\Enhancer\Enhancer.exe"=0x534143500100000000000000070000002800000040592C01B8AF2C0101000000000000000000020671000000975FD891C99ECE010000000000000000020000002800000000000000000000100010000000000000000000000000000020220300000000000700000007000000 "C:\Program Files (x86)\AKVIS\Noise Buster\NoiseBuster.exe"=0x534143500100000000000000070000002800000040792F016F73300101000000000000000000020671000000975FD891C99ECE0100000000000000000200000028000000000000000000001000100000000000000000000000000000A1BE0900000000000400000004000000 "C:\Program Files (x86)\AKVIS\Refocus\Refocus_64.exe"=0x534143500100000000000000070000002800000040F30603C275070301000000000000000000030673200000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B1D05003000000000600000006000000 "C:\SWSetup\sp70625\CaslApp.exe"=0x5341435001000000000000000700000028000000004A0100C403020001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C5010000000000000600000006000000 "C:\Program Files (x86)\ShiftN\ShiftN.exe"=0x5341435001000000000000000700000028000000003C0D000000000001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000EE9A0200000000000500000005000000 "SIGN.MEDIA=71CA93 LaunchU3.exe"=0x534143500100000000000000070000002800000028F51400CD3A150001000000000000000000000671000000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000024CE3000000000000200000002000000 "D:\Mes doc\Evernote\AutoUpdate\Evernote_5.8.5.7193.exe"=0x534143500100000000000000070000002800000008CEF605C567F70501000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D4203F00000000000100000001000000 "C:\ProgramData\Zoner\NLMDB\product.0042\autoupdate.us\ZPS17_Update_Build09.exe"=0x53414350010000000000000007000000280000005069FA005234FB0001000000000000000000030600210000975FD891C99ECE010000008000000000020000002800000000000000000000000000000000000000000000000000000042C3AE00000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go8\OLRSubmission\OLRStateCheck.exe"=0x5341435001000000000000000700000028000000089F0100C7B8010001000000000000000000020671020000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000021050000000000000A0000000A000000 "C:\Program Files (x86)\CyberLink\Power2Go8\BigBang\CLUpdater.exe"=0x5341435001000000000000000700000028000000082F06004DAB060001000000000000000000020671020000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000E6200000000000000900000009000000 "SIGN.IE=0F70150 EssentialPIMPro6.exe"=0x53414350010000000000000007000000280000005001F700E988F70001000000000000000000000671000000975FD891C99ECE01000000000000000002000000280000000000000000080040000000000000000000000000000000008DC75801000000000100000001000000 "SIGN.IE=02825958 QuickTimeInstaller.exe"=0x5341435001000000000000000700000028000000585982022D1F830201000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009DD20100000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe"=0x5341435001000000000000000700000028000000A0FC0100A0D2020001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000008D1A0000000000000200000002000000 "C:\Program Files\Allway Sync\Bin\syncappw.exe"=0x5341435001000000000000000700000028000000487201003444020001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000066F30400000000000200000002000000 "C:\Program Files (x86)\filetypesman\FileTypesMan.exe"=0x534143500100000000000000070000002800000060EC0000219B010001000000000000000000030671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000311B0500000000000300000003000000 "C:\Program Files (x86)\DYMO\DYMO Label Software\DLS.exe"=0x534143500100000000000000070000002800000030170200C8440200010000000000000000000306F1220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000659B2E00000000001600000016000000 "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPrinterWizard.exe"=0x5341435001000000000000000700000028000000006E030000000000010000000000000000000306F1220000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000008C2F0000000000000100000001000000 "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe"=0x5341435001000000000000000700000028000000307D1C0043E71C0001000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000200000002000000 "D:\Mes doc\Evernote\AutoUpdate\Evernote_5.8.6.7472.exe"=0x534143500100000000000000070000002800000008AEEC05114CED0501000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000867B8E00000000000100000001000000 "C:\Program Files (x86)\Evernote\Evernote\EvernoteCleanup.exe"=0x5341435001000000000000000700000028000000086602000854030001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000A6010000000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe"=0x5341435001000000000000000700000028000000A8A6240097F4240001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BA7F0100000000000100000001000000 "C:\Program Files\Nikon\Capture NX 2\Capture NX 2.exe"=0x53414350010000000000000007000000280000000014070000000000010000000000000000000206F3000000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000084703300000000001300000013000000 "SIGN.IE=01126E8 readerdc_fr_oa_install.exe"=0x5341435001000000000000000700000028000000E82611008947110001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F3BC0100000000000100000001000000 "C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe"=0x5341435001000000000000000700000028000000083F05003D8D050001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000072C90500000000000100000001000000 "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe"=0x534143500100000000000000070000002800000008C70200FC49030001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000010000000000000000000000000D6070200000000000200000002000000 "C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe"=0x5341435001000000000000000700000028000000083B23007067230001000000000000000000020671020000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000046F10000000000000100000001000000 "C:\Program Files (x86)\Magic Audio Converter\SplashPro.exe"=0x534143500100000000000000070000002800000000E80D000000000001000000000000000000000661220000975FD891C99ECE0100000000000000000200000028000000000000000000004000100000000000000000000000000000F4400600000000000400000004000000 "C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe"=0x534143500100000000000000070000002800000008BF0200C91F030001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001E520200000000000100000001000000 "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe"=0x5341435001000000000000000700000028000000D89C740020C2740001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000100000001000000 "C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector3.exe"=0x5341435001000000000000000700000028000000286B0300CCCF030001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000845C0400000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe"=0x534143500100000000000000070000002800000008552900347E290001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AD750000000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe"=0x534143500100000000000000070000002800000008850700DE4B080001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C24D0000000000000100000001000000 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Solutions\HPSAScript.exe"=0x5341435001000000000000000700000028000000085D000017F40000010000000000000000000106F5220000B395E7CF049FCE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004FD80A00000000000100000001000000 "SIGN.IE=0FC9668 EssentialPIMPro6.exe"=0x53414350010000000000000007000000280000006896FC00DCD4FC0001000000000000000000000671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000C1EC1400000000000100000001000000 "SIGN.IE=02BBFDF8 eID-QuickInstaller-407-7466-signed_tcm226-258853.exe"=0x5341435001000000000000000700000028000000F8FDBB0225F9BC0201000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000003AE0000000000000100000001000000 "C:\SWSetup\sp70794\x64\setup.exe"=0x5341435001000000000000000700000028000000F80A1200B660120001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000045690100000000000100000001000000 "C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"=0x5341435001000000000000000700000028000000F8B80700CDA9080001000000000000000000030673220000B395E7CF049FCE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000E26A0B14000000003701000037010000 "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe"=0x534143500100000000000000070000002800000050FC48008BDE490001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000FC400100000000000100000001000000 "D:\Mes doc\Evernote\AutoUpdate\Evernote_5.8.12.8127.exe"=0x534143500100000000000000070000002800000008BAB605C46FB70501000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A1A50100000000000100000001000000 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Solutions\PSGRedirector.exe"=0x53414350010000000000000007000000280000003887000086E00000010000000000000000000306F1220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000080D60C00000000000100000001000000 "C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe"=0x5341435001000000000000000700000028000000B0D63301382C340101000000000000000000030600210000B395E7CF049FCE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000FBF79405000000000400000004000000 "C:\Program Files (x86)\LinkStash\lnkstash.exe"=0x5341435001000000000000000700000028000000C0E21200AE48130001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000492A2110000000000600000006000000 "C:\Windows\SysWOW64\FlashPlayerApp.exe"=0x5341435001000000000000000700000028000000F8170C0029DF0C0001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000057FD3C00000000000200000002000000 "SIGN.IE=0A15E0 DropboxInstaller.exe"=0x5341435001000000000000000700000028000000E0150A00BD780A0001000000000000000000010600010000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000DEC30300000000000100000001000000 "C:\Program Files (x86)\Event Log Explorer\elex.exe"=0x534143500100000000000000070000002800000020AF4F00FB2A500001000000000000000000030641220000975FD891C99ECE010000000000000000020000002800000000000000000000E000000000000000000000000000000000D9F91C00000000000300000003000000 "C:\Program Files (x86)\TrayStatus\TrayStatus.exe"=0x53414350010000000000000007000000280000009851040055AD0400010000000000000000000106F5220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A7277E00000000000200000002000000 "C:\Program Files (x86)\WallpaperSSPro\WallpaperSS.exe"=0x5341435001000000000000000700000028000000403829009939290001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000100000000000000000000000000000000059F31D10000000000300000003000000 "SIGN.IE=03996B8 HPSupportSolutionsFramework-12.0.30.81.exe"=0x5341435001000000000000000700000028000000B8963900A9483A0001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D8B41400000000000100000001000000 "SIGN.IE=07734C8 OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C8347700A491770001000000000000000000030600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000E95E0000000000000100000001000000 "SIGN.IE=030CE1F InstallDownloadManager.exe"=0x53414350010000000000000007000000280000001FCE3000535C040001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000137F0000000000000100000001000000 "C:\Program Files (x86)\monAlbumPhoto\monAlbumPhoto.exe"=0x534143500100000000000000070000002800000028FB0F00CB8C1000010000000000000000000306F1200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E3950100000000000100000001000000 "C:\Program Files (x86)\WinMerge\WinMergeU.exe"=0x5341435001000000000000000700000028000000008623006D21240001000000000000000000020671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AC200900000000001000000010000000 "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe"=0x5341435001000000000000000700000028000000284A38008D24390001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000400000000000000000000000000000000078134500000000000500000005000000 "C:\Program Files (x86)\7-Zip\7zFM.exe"=0x534143500100000000000000070000002800000000EC05000000000001000000000000000000000671200000975FD891C99ECE0100000000000000000200000028000000000000000000001000000000000000000000000000000000AE9C0000000000000100000001000000 "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe"=0x534143500100000000000000070000002800000018B405009B00060001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007BF50000000000000100000001000000 "C:\Program Files (x86)\System Explorer\SystemExplorer.exe"=0x5341435001000000000000000700000028000000E8B63300D398340001000000000000000000030600210000975FD891C99ECE0100000000000000000200000050000000000000000000000000000000000000000000000000000000DC2F140100000000110000000B0000000000000000000040000000000000000000000000000000001A0E0000000000000100000000000000 "SIGN.IE=0310F38 CLEAN.exe"=0x5341435001000000000000000700000028000000380F31003F76310001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000085C20000000000000100000001000000 "C:\Program Files (x86)\CSVed\CSVed.exe"=0x5341435001000000000000000700000028000000003614000000000001000000000000000000030661200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001CB30500000000000500000005000000 "C:\Users\Alain\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x534143500100000000000000070000002800000050BC770025AB780001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000096640000000000000100000001000000 "C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe"=0x534143500100000000000000070000002800000000180A000000000001000000000000000000030680210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000086010000000000000200000002000000 "SIGN.MEDIA=B950 Windows\StartFreeStyle.exe"=0x534143500100000000000000070000002800000050B90000B791010001000000000000000000010671220000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000558E0000000000000100000001000000 "C:\Program Files (x86)\Abbott Diabetes Care\FreeStyle Auto-Assist\FreeStyle Auto-Assist.exe"=0x534143500100000000000000070000002800000050FB14003080150001000000000000000000010671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000000DD00100000000000200000002000000 "C:\Program Files (x86)\MAXA Cookie Manager\Cookie.exe"=0x534143500100000000000000070000002800000000601100D501120001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009B431E10000000000200000002000000 "C:\Program Files (x86)\DirectoryListPrintPro\DirectoryListPrintPro.exe"=0x5341435001000000000000000700000028000000A85CD7000F1FD80001000000000000000000030671200000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000000000000000000000000000000000000037131100000000000600000002000000000000000000004000000000000000000000000000000000205B0000000000000100000000000000 "C:\Program Files (x86)\2BrightSparks\SyncBackSE\SyncBackSE.exe"=0x5341435001000000000000000700000028000000285F4A01FBB04A0101000000000000000000030600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000002C87401000000000100000001000000 "C:\Users\Alain\AppData\Local\Apps\2.0\3QN7CX6L.OV4\L7QN0V20.XMA\prog...app_86fd5b6b43e66935_0001.0003_5cb14937c086ca58\clickonce_bootstrap.exe"=0x5341435001000000000000000700000028000000482B00002B56000001000000000000000000030680210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000032A10000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000048630C007C5A0D0001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe"=0x534143500100000000000000070000002800000010FC06007EE60700010000000000000000000306F5220000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000029B50600000000000100000001000000 "SIGN.MEDIA=EBCF2 InstallNavi.exe"=0x5341435001000000000000000700000028000000B0BC0E00BF8C0F0001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000C749A901000000000100000001000000 "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"=0x5341435001000000000000000700000028000000880E0200CACE020001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009073C705000000001100000011000000 "C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe"=0x5341435001000000000000000700000028000000A0E92400F972250001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000000770100000000000200000002000000 "C:\Program Files\PortraitPro Studio 15\PortraitProStudio.exe"=0x534143500100000000000000070000002800000028B41A0141FC1A0101000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000074A2800000000000E0000000E000000 "SIGN.IE=0280A8C sniper-mui-3.3.2.1_x64.exe"=0x53414350010000000000000007000000280000008C0A28000000000001000000000000000000000671020000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000003C8D0000000000000100000001000000 "C:\Program Files (x86)\MSoft informatique\MS Comptes Bancaires 9.3\Comptes.exe"=0x534143500100000000000000070000002800000000804F010000000001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A1124B00000000004300000043000000 "D:\Mes telechargements\winchk_2.0.exe"=0x534143500100000000000000070000002800000078CE04000000000001000000000000000000000671020000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DA150000000000000100000001000000 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheck.exe"=0x5341435001000000000000000700000028000000C82C0800666C0800010000000000000000000306F1220000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000005B4B0B00000000000F0000000F000000 "C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe"=0x534143500100000000000000070000002800000038CD0600DFD0060001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C4790000000000000200000002000000 "SIGN.MEDIA=12F0A75 NPhoto.exe"=0x53414350010000000000000007000000280000008BD197000000000001000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000209F0300000000000100000001000000 "C:\Program Files\Nikon\Picture Control Utility 2\PictureControlUtil2.exe"=0x5341435001000000000000000700000028000000001422000000000001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000058BF0000000000000400000004000000 "C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe"=0x5341435001000000000000000700000028000000C0C8DF022EC3E00201000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000021870A00000000001C0000001C000000 "C:\Program Files\Bullzip\PDF Printer\gui.exe"=0x534143500100000000000000070000002800000018262200E9EA220001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001D9E0500000000000100000001000000 "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe"=0x534143500100000000000000070000002800000030160E00AFD20E0001000000000000000000030671220000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000041F0600000000000100000001000000 "C:\Users\Alain\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe"=0x5341435001000000000000000700000028000000C0264C00CD214D0001000000000000000000030671220000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000D0210000000000000500000005000000 "SIGN.IE=019050D8 Belgium_eID-QuickInstaller_4.1.10.1698.exe"=0x5341435001000000000000000700000028000000D85090012602910101000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000007FF70000000000000100000001000000 "C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe"=0x5341435001000000000000000700000028000000CB4EAC00BED5030001000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000060FE0100000000000200000002000000 "C:\Program Files\AVAST Software\Avast\AvastUI.exe"=0x534143500100000000000000070000002800000038256B00B5D86B0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D6BC9B00000000000300000003000000 "C:\Program Files (x86)\EssentialPIM Pro\EssentialPIM.exe"=0x534143500100000000000000070000002800000070418100A245810001000000000000000000020600010000975FD891C99ECE010000000000000000020000002800000000000000000000100010000000000000000000000000000074DF2D0A000000000C0000000C000000 "C:\Program Files\onOne Software\Perfect Effects 9\Perfect Effects 9.exe"=0x5341435001000000000000000700000028000000F8559000DB0F910001000000000000000000000600010000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000001A2B1D00000000000500000005000000 "SIGN.MEDIA=7D2210 drivers\adb_driver\HANDSET WINDRIVER.EXE"=0x534143500100000000000000070000002800000010227D006CA17D0001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000002F5B0000000000000100000001000000 "SIGN.IE=0787C00 setup.msi"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BE240000000000000100000001000000 "C:\Users\Alain\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe"=0x53414350010000000000000007000000280000001034BC00B89EBC0001000000000000000000030680210000B395E7CF049FCE01000000000000000002000000280000000000000000000010000000000000000000000000000000004BB84802000000000A0000000A000000 "C:\Windows\twain_32\escndv\escfg.exe"=0x5341435001000000000000000700000028000000B01C0400006D040001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D54C0400000000000100000001000000 "C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"=0x534143500100000000000000070000002800000088500500F913060001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000005480000000000000400000004000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000A815830095B5830001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000500000000000000000000000000000000000000000000000000000000FB80B00000000003300000007000000000000000000004000000000000000000000000000000000C08C0000000000000100000000000000 "C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\CLUpdater.exe"=0x5341435001000000000000000700000028000000082F0600B120070001000000000000000000020671020000975FD891C99ECE0100000080000000000200000028000000000000000000000000000000000000000000000000000000E2C20000000000000700000007000000 "D:\Mes telechargements\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000301E00E2081F0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000021E30900000000000100000001000000 "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe"=0x53414350010000000000000007000000280000002064FA00C252FB0001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000400400000000000000000000000000000034111E00000000000B0000000B000000 "C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe"=0x534143500100000000000000070000002800000050DC0300CAC9040001000000000000000000030600210000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000002C45090000000000040000000400000000000000000000400000000000000000000000000000000087010000000000000200000000000000 "C:\Program Files\Recuva\recuva64.exe"=0x5341435001000000000000000700000028000000185B4B0084C34B0001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000E07A0600000000000700000007000000 "C:\Program Files\The Bat!\thebat64.exe"=0x5341435001000000000000000700000028000000A0ABF7010E88F80101000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000008F869601000000000500000005000000 "C:\Program Files\LibreOffice 5\program\soffice.exe"=0x534143500100000000000000070000002800000068EA0000E7ED000001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B04C0F00000000000300000003000000 "C:\Windows\twain_32\escndv\escndv.exe"=0x5341435001000000000000000700000028000000183E03007A2E040001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000200000000000000000000000000B3380A00000000000700000007000000 "C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe"=0x534143500100000000000000070000002800000038D10300F915040001000000000000000000010680010000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000ABDC0200000000000200000002000000 "C:\Program Files\LibreOffice 5\program\swriter.exe"=0x5341435001000000000000000700000028000000680001007FCA010001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C4790000000000000100000001000000 "C:\Program Files\LibreOffice 5\program\scalc.exe"=0x5341435001000000000000000700000028000000680401003D3A010001000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000008C720100000000000300000003000000 "C:\Program Files (x86)\XYplorer\XYplorer.exe"=0x5341435001000000000000000700000028000000B8146A000EE16A0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000980B5A02000000000900000009000000 "C:\Program Files (x86)\Adobe\Adobe DNG Converter.exe"=0x5341435001000000000000000700000028000000D8E21F035ED9200301000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000EE5F0100000000000100000001000000 "C:\Program Files (x86)\Evernote\Evernote\Evernote.exe"=0x5341435001000000000000000700000028000000D0D61601E34A170101000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000010000000000000000000000000000000005E000000000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000038099600CD0E960001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000030612701000000000200000002000000 "C:\Program Files\Franzis\COLOR projects professional\COLOR projects professional.exe"=0x534143500100000000000000070000002800000028F17000AB8C710001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A6510E00000000000400000004000000 "C:\Program Files (x86)\RSSOwl\RSSOwl.exe"=0x534143500100000000000000070000002800000000E00000A9F6000001000000000000000000000671000000975FD891C99ECE01000000000000000002000000280000000000000000000000001000000000000000000000000000002630C900000000000900000009000000 "D:\Mes telechargements\CutOut 5 standard.exe"=0x53414350010000000000000007000000280000000826FD03E45BFD0301000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008DE30600000000000100000001000000 "C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\osrbang.exe"=0x534143500100000000000000070000002800000000360100B71F020001000000000000000000000673020000B395E7CF049FCE010000000000000000020000002800000000000000000000400000000000000000000000000000000086160000000000000100000001000000 "C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\cpinfo.exe"=0x5341435001000000000000000700000028000000284505003607060001000000000000000000000671020000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000006F1F0000000000000100000001000000 "C:\Users\Alain\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000E21E00F8F71E0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000024300E00000000000100000001000000 "C:\Users\Alain\AppData\Roaming\ZHP\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000E21E00F8F71E0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000881B0300000000000800000008000000 "D:\Mes telechargements\adwcleaner_5.031.exe"=0x5341435001000000000000000700000028000000000217000000000001000000000000000000030600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000044C90500000000000200000002000000 "C:\Program Files\Zoner\Photo Studio 18\Program64\Zps.exe"=0x5341435001000000000000000700000028000000D8329C00F85D9C0001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000ECEA0A00000000000100000001000000 "D:\Mes telechargements\QuickDiag.exe"=0x534143500100000000000000070000002800000088A81700B758180001000000000000000000030600210000975FD891C99ECE010000000000000000 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Opera\Launcher.exe"=32 "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{92b5c8ed-dc51-11e4-8283-acb57d036a11}] : "H:\LaunchU3.exe" -a (AutoRun) [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{ba35d274-6040-11e5-82e1-3863bb93fcbd}] : "H:\Windows\StartFreeStyle.exe" (AutoRun) ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows Defender] "DssCounter "=0 "CachedProxyAccessType "=1 "CachedProxy"= "CachedProxyBypass"= "LastKnownGoodProxy"=1 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130216565553372332 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=1 "ProductType"=2 "ProductStatus"=0 "TrustedImageIdentifier"=758211-A42 "DisableAntiVirus"=1 "InstallTime"=0xB81B0B61A252D001 "OneTimeSqmDataSent"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) ¤¤¤¤¤¤¤¤¤¤ | Hosts ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xF5511E7B469FCE01 "EnableNegotiate"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKU\S-1-5-21-1373608429-321133151-520906998-1001_Classes\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ProxyEnable"=0 "GlobalUserOffline"=0 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Internet Explorer\Main] "Start Page"=http://start.roboform.com/ "Default_Page_URL"=http://g.uk.msn.com/HPCON14/2 "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\WINDOWS\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "ImageStoreRandomFolder"=hfa2hgi "FormSuggest Passwords"=no "FormSuggest PW Ask"=no "Use FormSuggest"=no "OperationalData"=525 "CompatibilityFlags"=0 "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF4000000040000000240400002A040000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xFCC9209F6ACBD001 "IE10TourNoShow"=1 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD7010000C4000000F70400001C030000 "Isolation"=PMIL "NotifyDownloadComplete"=yes "Check_Associations"=no "SuppressScriptDebuggerDialog"=0 "AutoHide"=yes "Move System Caret"=no "PlaySounds"=0 "Expand Alt Text"=no "UseSWRender"=0 "Enable AutoImageResize"=yes "EnableAlternativeCodec"=yes "Show image placeholders"=0 "GotoIntranetSiteForSingleWordEntry"=0 "UseThemes"=1 "Friendly http errors"=yes "Error Dlg Displayed On Every Error"=no "NscSingleExpand"=0 "SmoothScroll"=1 "DOMStorage"=1 "Isolation64Bit"=0 "MixedContentBlockImages"=0 "DoNotTrack"=0 "NoProtectedModeBanner"=1 "HistoryViewType"=0x08006663030000000000 "AssociationActivationMode"=0 "FullScreen"=no [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xD263DD7BFC8ED001 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=1 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "DisableIDNPrompt"=0 "EnablePunycode"=1 "ShowPunycode"=0 "ProxyHttp1.1"=1 "EnableSPDY3_0"=1 "EnforceP3PValidity"=0 "WarnOnPostRedirect"=1 "WarnonBadCertRecving"=1 "SyncMode5"=4 "GlobalUserOffline"=0 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/5.0 (compatible; MSIE 9.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/5.0 (compatible; MSIE 9.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Start Page"=http://g.uk.msn.com/HPCON14/2 "DoNotTrack"=1 "EnableAutoUpgrade"=0 "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Local Page"=C:\WINDOWS\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Start Page"=http://g.uk.msn.com/HPCON14/2 "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Local Page"=C:\WINDOWS\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "EnablePunycode"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files "ProxyEnable"=0 "GlobalUserOffline"=0 ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100003003A00000001000000010700006F01000006000000400300000B06000007000000010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030F11C209CE25C4EA73FCD197DEFA6AEA0434D72850DD411990800400523E39A00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "{724D43A0-0D85-11D4-9908-00400523E39A}"=0xA0434D72850DD411990800400523E39A "ITBar7Layout64"=0x13000000000000000000000020000000100001003A00000001000000000700006D010000060000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000A0434D72850DD411990800400523E39A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=0xB1C218236549D4119B18009027A5CD4F "ITBar7Height"=87 "ITBar7Height64"=59 [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} "KnownProvidersUpgradeTime"=0x80D510966ACBD001 "DownloadRetries"=2 "Version"=4 "UpgradeTime"=0x18FCE7986ACBD001 "DefaultPackCorrection"=1 "ShowSearchSuggestionsInAddressGlobal"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{724d43a0-0d85-11d4-9908-00400523e39a}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{724d43a0-0d85-11d4-9908-00400523e39a}"=0x00 "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4874F370-402D-4d09-A73E-FAB439934E56}] : (LinkStash) - [] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\Extensions\{957DCFA2-39F7-4443-9677-1B14E83A2F87}] : (Ajout d'URL à LinkStash) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46}] : (Fill Forms) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] : (Save Forms) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4D}] : (Sync RoboForm Data) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F50}] : (Password Generator) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F51}] : (RoboForm TaskBar Icon) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F52}] : (Set Fields) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F53}] : (Reset Fields) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F54}] : (Clear Fields) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{45DB34C3-955C-11D3-ABEF-444553540001}] : (RoboForm Editor) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{724d43aa-0d85-11d4-9908-00400523e39a}] : (Show RoboForm Toolbar) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F46}] : (Remplir les formulaires) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] : (Enregistrer les formulaires) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F4D}] : (Synchronisation des données RoboForm) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F50}] : (Générateur de mot de passe) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F51}] : (Icône de la BT) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F52}] : (Initialiser les champs) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F53}] : (Réinitialiser les champs) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{320AF880-6646-11D3-ABEE-C5DBF3571F54}] : (Vider les champs) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{45DB34C3-955C-11D3-ABEF-444553540001}] : (Éditeur RoboForm) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{724d43aa-0d85-11d4-9908-00400523e39a}] : (Barre RoboForm) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD7B1179-4CFB-4B92-A68A-16125FCB7A87}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD7B1179-4CFB-4B92-A68A-16125FCB7A87}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{AD7B1179-4CFB-4B92-A68A-16125FCB7A87}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] -> (RoboForm Toolbar Helper) : C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [19/06/2015 09:08:43] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [24/01/2016 11:54:41] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [22/11/2015 15:20:27] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [24/01/2016 11:54:41] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [01/08/2015 13:23:29] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}] -> (RoboForm Toolbar Helper) : C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [19/06/2015 09:08:43] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [24/01/2016 11:54:41] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [22/11/2015 15:20:27] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}] -> (Evernote extension) : C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [01/12/2015 15:37:12] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [24/01/2016 11:54:41] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [01/08/2015 13:23:29] ¤¤¤¤¤¤¤¤¤¤ | Chrome [HKLM\Software\Google\Chrome\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob] ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\mozilla\Firefox\Extensions] "maxacookie@maxatools.com"=C:\Program Files (x86)\MAXA Cookie Manager\firefox.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be "firefox@bho.com"=C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.71.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@dymo.com/DymoLabelFramework] - (DYMO Label Framework Plugin) : C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] - () : C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] - () : C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp] - () : C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf] - () : C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll ¤¤¤¤¤¤¤¤¤¤ | Active Connections TCP 127.0.0.1:23401 pc-hp:53158 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53159 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53160 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53161 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53162 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53163 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53164 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53165 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53166 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53167 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53168 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53169 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53170 TIME_WAIT 0 TCP 127.0.0.1:23401 pc-hp:53171 TIME_WAIT 0 TCP 127.0.0.1:49173 pc-hp:65001 ESTABLISHED 104 TCP 127.0.0.1:49176 pc-hp:49177 ESTABLISHED 2044 TCP 127.0.0.1:49177 pc-hp:49176 ESTABLISHED 2044 TCP 127.0.0.1:49180 pc-hp:49181 ESTABLISHED 2044 TCP 127.0.0.1:49181 pc-hp:49180 ESTABLISHED 2044 TCP 127.0.0.1:49187 pc-hp:49188 ESTABLISHED 2044 TCP 127.0.0.1:49188 pc-hp:49187 ESTABLISHED 2044 TCP 127.0.0.1:49190 pc-hp:49191 ESTABLISHED 2044 TCP 127.0.0.1:49191 pc-hp:49190 ESTABLISHED 2044 TCP 127.0.0.1:49193 pc-hp:49194 ESTABLISHED 2044 TCP 127.0.0.1:49194 pc-hp:49193 ESTABLISHED 2044 TCP 127.0.0.1:49196 pc-hp:49197 ESTABLISHED 2044 TCP 127.0.0.1:49197 pc-hp:49196 ESTABLISHED 2044 TCP 127.0.0.1:49199 pc-hp:49200 ESTABLISHED 2044 TCP 127.0.0.1:49200 pc-hp:49199 ESTABLISHED 2044 TCP 127.0.0.1:49202 pc-hp:49203 ESTABLISHED 2044 TCP 127.0.0.1:49203 pc-hp:49202 ESTABLISHED 2044 TCP 127.0.0.1:49294 pc-hp:49295 ESTABLISHED 2044 TCP 127.0.0.1:49295 pc-hp:49294 ESTABLISHED 2044 TCP 127.0.0.1:49297 pc-hp:49298 ESTABLISHED 2044 TCP 127.0.0.1:49298 pc-hp:49297 ESTABLISHED 2044 TCP 127.0.0.1:49300 pc-hp:49301 ESTABLISHED 2044 TCP 127.0.0.1:49301 pc-hp:49300 ESTABLISHED 2044 TCP 127.0.0.1:49303 pc-hp:49304 ESTABLISHED 2044 TCP 127.0.0.1:49304 pc-hp:49303 ESTABLISHED 2044 TCP 127.0.0.1:49306 pc-hp:49307 ESTABLISHED 2044 TCP 127.0.0.1:49307 pc-hp:49306 ESTABLISHED 2044 TCP 127.0.0.1:49309 pc-hp:49310 ESTABLISHED 2044 TCP 127.0.0.1:49310 pc-hp:49309 ESTABLISHED 2044 TCP 127.0.0.1:49349 pc-hp:49350 ESTABLISHED 2044 TCP 127.0.0.1:49350 pc-hp:49349 ESTABLISHED 2044 TCP 127.0.0.1:49352 pc-hp:49353 ESTABLISHED 2044 TCP 127.0.0.1:49353 pc-hp:49352 ESTABLISHED 2044 TCP 127.0.0.1:49355 pc-hp:49356 ESTABLISHED 2044 TCP 127.0.0.1:49356 pc-hp:49355 ESTABLISHED 2044 TCP 127.0.0.1:49358 pc-hp:49359 ESTABLISHED 2044 TCP 127.0.0.1:49359 pc-hp:49358 ESTABLISHED 2044 TCP 127.0.0.1:49361 pc-hp:49362 ESTABLISHED 2044 TCP 127.0.0.1:49362 pc-hp:49361 ESTABLISHED 2044 TCP 127.0.0.1:49364 pc-hp:49365 ESTABLISHED 2044 TCP 127.0.0.1:49365 pc-hp:49364 ESTABLISHED 2044 TCP 127.0.0.1:49387 pc-hp:49388 ESTABLISHED 2044 TCP 127.0.0.1:49388 pc-hp:49387 ESTABLISHED 2044 TCP 127.0.0.1:49402 pc-hp:49403 ESTABLISHED 2044 TCP 127.0.0.1:49403 pc-hp:49402 ESTABLISHED 2044 TCP 127.0.0.1:49405 pc-hp:49406 ESTABLISHED 2044 TCP 127.0.0.1:49406 pc-hp:49405 ESTABLISHED 2044 TCP 127.0.0.1:49408 pc-hp:49409 ESTABLISHED 2044 TCP 127.0.0.1:49409 pc-hp:49408 ESTABLISHED 2044 TCP 127.0.0.1:49411 pc-hp:49412 ESTABLISHED 2044 TCP 127.0.0.1:49412 pc-hp:49411 ESTABLISHED 2044 TCP 127.0.0.1:49414 pc-hp:49415 ESTABLISHED 2044 TCP 127.0.0.1:49415 pc-hp:49414 ESTABLISHED 2044 TCP 127.0.0.1:49434 pc-hp:49435 ESTABLISHED 2044 TCP 127.0.0.1:49435 pc-hp:49434 ESTABLISHED 2044 TCP 127.0.0.1:49446 pc-hp:49447 ESTABLISHED 2044 TCP 127.0.0.1:49447 pc-hp:49446 ESTABLISHED 2044 TCP 127.0.0.1:49449 pc-hp:49450 ESTABLISHED 2044 TCP 127.0.0.1:49450 pc-hp:49449 ESTABLISHED 2044 TCP 127.0.0.1:49452 pc-hp:49453 ESTABLISHED 2044 TCP 127.0.0.1:49453 pc-hp:49452 ESTABLISHED 2044 TCP 127.0.0.1:49455 pc-hp:49456 ESTABLISHED 2044 TCP 127.0.0.1:49456 pc-hp:49455 ESTABLISHED 2044 TCP 127.0.0.1:49458 pc-hp:49459 ESTABLISHED 2044 TCP 127.0.0.1:49459 pc-hp:49458 ESTABLISHED 2044 TCP 127.0.0.1:49469 pc-hp:49470 ESTABLISHED 2044 TCP 127.0.0.1:49470 pc-hp:49469 ESTABLISHED 2044 TCP 127.0.0.1:49481 pc-hp:49482 ESTABLISHED 2044 TCP 127.0.0.1:49482 pc-hp:49481 ESTABLISHED 2044 TCP 127.0.0.1:49487 pc-hp:49488 ESTABLISHED 2044 TCP 127.0.0.1:49488 pc-hp:49487 ESTABLISHED 2044 TCP 127.0.0.1:49490 pc-hp:49491 ESTABLISHED 2044 TCP 127.0.0.1:49491 pc-hp:49490 ESTABLISHED 2044 TCP 127.0.0.1:49493 pc-hp:49494 ESTABLISHED 2044 TCP 127.0.0.1:49494 pc-hp:49493 ESTABLISHED 2044 TCP 127.0.0.1:49496 pc-hp:49497 ESTABLISHED 2044 TCP 127.0.0.1:49497 pc-hp:49496 ESTABLISHED 2044 TCP 127.0.0.1:49506 pc-hp:49507 ESTABLISHED 2044 TCP 127.0.0.1:49507 pc-hp:49506 ESTABLISHED 2044 TCP 127.0.0.1:49521 pc-hp:49522 ESTABLISHED 2044 TCP 127.0.0.1:49522 pc-hp:49521 ESTABLISHED 2044 TCP 127.0.0.1:49524 pc-hp:49525 ESTABLISHED 2044 TCP 127.0.0.1:49525 pc-hp:49524 ESTABLISHED 2044 TCP 127.0.0.1:49530 pc-hp:49531 ESTABLISHED 2044 TCP 127.0.0.1:49531 pc-hp:49530 ESTABLISHED 2044 TCP 127.0.0.1:49533 pc-hp:49534 ESTABLISHED 2044 TCP 127.0.0.1:49534 pc-hp:49533 ESTABLISHED 2044 TCP 127.0.0.1:49536 pc-hp:49537 ESTABLISHED 2044 TCP 127.0.0.1:49537 pc-hp:49536 ESTABLISHED 2044 TCP 127.0.0.1:49545 pc-hp:49546 ESTABLISHED 2044 TCP 127.0.0.1:49546 pc-hp:49545 ESTABLISHED 2044 TCP 127.0.0.1:49554 pc-hp:49555 ESTABLISHED 2044 TCP 127.0.0.1:49555 pc-hp:49554 ESTABLISHED 2044 TCP 127.0.0.1:49557 pc-hp:49558 ESTABLISHED 2044 TCP 127.0.0.1:49558 pc-hp:49557 ESTABLISHED 2044 TCP 127.0.0.1:49563 pc-hp:49564 ESTABLISHED 2044 TCP 127.0.0.1:49564 pc-hp:49563 ESTABLISHED 2044 TCP 127.0.0.1:49569 pc-hp:49570 ESTABLISHED 2044 TCP 127.0.0.1:49570 pc-hp:49569 ESTABLISHED 2044 TCP 127.0.0.1:49572 pc-hp:49573 ESTABLISHED 2044 TCP 127.0.0.1:49573 pc-hp:49572 ESTABLISHED 2044 TCP 127.0.0.1:49589 pc-hp:49590 ESTABLISHED 2044 TCP 127.0.0.1:49590 pc-hp:49589 ESTABLISHED 2044 TCP 127.0.0.1:49595 pc-hp:49596 ESTABLISHED 2044 TCP 127.0.0.1:49596 pc-hp:49595 ESTABLISHED 2044 TCP 127.0.0.1:49601 pc-hp:49602 ESTABLISHED 2044 TCP 127.0.0.1:49602 pc-hp:49601 ESTABLISHED 2044 TCP 127.0.0.1:49604 pc-hp:49605 ESTABLISHED 2044 TCP 127.0.0.1:49605 pc-hp:49604 ESTABLISHED 2044 TCP 127.0.0.1:49613 pc-hp:49614 ESTABLISHED 2044 TCP 127.0.0.1:49614 pc-hp:49613 ESTABLISHED 2044 TCP 127.0.0.1:49616 pc-hp:49617 ESTABLISHED 2044 TCP 127.0.0.1:49617 pc-hp:49616 ESTABLISHED 2044 TCP 127.0.0.1:49629 pc-hp:49630 ESTABLISHED 2044 TCP 127.0.0.1:49630 pc-hp:49629 ESTABLISHED 2044 TCP 127.0.0.1:49638 pc-hp:49639 ESTABLISHED 2044 TCP 127.0.0.1:49639 pc-hp:49638 ESTABLISHED 2044 TCP 127.0.0.1:49644 pc-hp:49645 ESTABLISHED 2044 TCP 127.0.0.1:49645 pc-hp:49644 ESTABLISHED 2044 TCP 127.0.0.1:49647 pc-hp:49648 ESTABLISHED 2044 TCP 127.0.0.1:49648 pc-hp:49647 ESTABLISHED 2044 TCP 127.0.0.1:49656 pc-hp:49657 ESTABLISHED 2044 TCP 127.0.0.1:49657 pc-hp:49656 ESTABLISHED 2044 TCP 127.0.0.1:49659 pc-hp:49660 ESTABLISHED 2044 TCP 127.0.0.1:49660 pc-hp:49659 ESTABLISHED 2044 TCP 127.0.0.1:49720 pc-hp:49721 ESTABLISHED 2044 TCP 127.0.0.1:49721 pc-hp:49720 ESTABLISHED 2044 TCP 127.0.0.1:49742 pc-hp:49743 ESTABLISHED 2044 TCP 127.0.0.1:49743 pc-hp:49742 ESTABLISHED 2044 TCP 127.0.0.1:49748 pc-hp:49749 ESTABLISHED 2044 TCP 127.0.0.1:49749 pc-hp:49748 ESTABLISHED 2044 TCP 127.0.0.1:49754 pc-hp:49755 ESTABLISHED 2044 TCP 127.0.0.1:49755 pc-hp:49754 ESTABLISHED 2044 TCP 127.0.0.1:49762 pc-hp:49763 ESTABLISHED 2044 TCP 127.0.0.1:49763 pc-hp:49762 ESTABLISHED 2044 TCP 127.0.0.1:49765 pc-hp:49766 ESTABLISHED 2044 TCP 127.0.0.1:49766 pc-hp:49765 ESTABLISHED 2044 TCP 127.0.0.1:49794 pc-hp:49795 ESTABLISHED 2044 TCP 127.0.0.1:49795 pc-hp:49794 ESTABLISHED 2044 TCP 127.0.0.1:50052 pc-hp:50053 ESTABLISHED 2044 TCP 127.0.0.1:50053 pc-hp:50052 ESTABLISHED 2044 TCP 127.0.0.1:50055 pc-hp:50056 ESTABLISHED 2044 TCP 127.0.0.1:50056 pc-hp:50055 ESTABLISHED 2044 TCP 127.0.0.1:50065 pc-hp:50066 ESTABLISHED 2044 TCP 127.0.0.1:50066 pc-hp:50065 ESTABLISHED 2044 TCP 127.0.0.1:50077 pc-hp:50078 ESTABLISHED 2044 TCP 127.0.0.1:50078 pc-hp:50077 ESTABLISHED 2044 TCP 127.0.0.1:50080 pc-hp:50081 ESTABLISHED 2044 TCP 127.0.0.1:50081 pc-hp:50080 ESTABLISHED 2044 TCP 127.0.0.1:50088 pc-hp:50089 ESTABLISHED 2044 TCP 127.0.0.1:50089 pc-hp:50088 ESTABLISHED 2044 TCP 127.0.0.1:50097 pc-hp:50098 ESTABLISHED 2044 TCP 127.0.0.1:50098 pc-hp:50097 ESTABLISHED 2044 TCP 127.0.0.1:50103 pc-hp:50104 ESTABLISHED 2044 TCP 127.0.0.1:50104 pc-hp:50103 ESTABLISHED 2044 TCP 127.0.0.1:50119 pc-hp:50120 ESTABLISHED 2044 TCP 127.0.0.1:50120 pc-hp:50119 ESTABLISHED 2044 TCP 127.0.0.1:50122 pc-hp:50123 ESTABLISHED 2044 TCP 127.0.0.1:50123 pc-hp:50122 ESTABLISHED 2044 TCP 127.0.0.1:50125 pc-hp:50126 ESTABLISHED 2044 TCP 127.0.0.1:50126 pc-hp:50125 ESTABLISHED 2044 TCP 127.0.0.1:50128 pc-hp:50129 ESTABLISHED 2044 TCP 127.0.0.1:50129 pc-hp:50128 ESTABLISHED 2044 TCP 127.0.0.1:50142 pc-hp:50143 ESTABLISHED 2044 TCP 127.0.0.1:50143 pc-hp:50142 ESTABLISHED 2044 TCP 127.0.0.1:50147 pc-hp:50148 ESTABLISHED 2044 TCP 127.0.0.1:50148 pc-hp:50147 ESTABLISHED 2044 TCP 127.0.0.1:50162 pc-hp:50163 ESTABLISHED 2044 TCP 127.0.0.1:50163 pc-hp:50162 ESTABLISHED 2044 TCP 127.0.0.1:50165 pc-hp:50166 ESTABLISHED 2044 TCP 127.0.0.1:50166 pc-hp:50165 ESTABLISHED 2044 TCP 127.0.0.1:50168 pc-hp:50169 ESTABLISHED 2044 TCP 127.0.0.1:50169 pc-hp:50168 ESTABLISHED 2044 TCP 127.0.0.1:50175 pc-hp:50176 ESTABLISHED 2044 TCP 127.0.0.1:50176 pc-hp:50175 ESTABLISHED 2044 TCP 127.0.0.1:50179 pc-hp:50180 ESTABLISHED 2044 TCP 127.0.0.1:50180 pc-hp:50179 ESTABLISHED 2044 TCP 127.0.0.1:50184 pc-hp:50185 ESTABLISHED 2044 TCP 127.0.0.1:50185 pc-hp:50184 ESTABLISHED 2044 TCP 127.0.0.1:50195 pc-hp:50196 ESTABLISHED 2044 TCP 127.0.0.1:50196 pc-hp:50195 ESTABLISHED 2044 TCP 127.0.0.1:50201 pc-hp:50202 ESTABLISHED 2044 TCP 127.0.0.1:50202 pc-hp:50201 ESTABLISHED 2044 TCP 127.0.0.1:50204 pc-hp:50205 ESTABLISHED 2044 TCP 127.0.0.1:50205 pc-hp:50204 ESTABLISHED 2044 TCP 127.0.0.1:50214 pc-hp:50215 ESTABLISHED 2044 TCP 127.0.0.1:50215 pc-hp:50214 ESTABLISHED 2044 TCP 127.0.0.1:50217 pc-hp:50218 ESTABLISHED 2044 TCP 127.0.0.1:50218 pc-hp:50217 ESTABLISHED 2044 TCP 127.0.0.1:50234 pc-hp:50235 ESTABLISHED 2044 TCP 127.0.0.1:50235 pc-hp:50234 ESTABLISHED 2044 TCP 127.0.0.1:50243 pc-hp:50244 ESTABLISHED 2044 TCP 127.0.0.1:50244 pc-hp:50243 ESTABLISHED 2044 TCP 127.0.0.1:50249 pc-hp:50250 ESTABLISHED 2044 TCP 127.0.0.1:50250 pc-hp:50249 ESTABLISHED 2044 TCP 127.0.0.1:50252 pc-hp:50253 ESTABLISHED 2044 TCP 127.0.0.1:50253 pc-hp:50252 ESTABLISHED 2044 TCP 127.0.0.1:50258 pc-hp:50259 ESTABLISHED 2044 TCP 127.0.0.1:50259 pc-hp:50258 ESTABLISHED 2044 TCP 127.0.0.1:50267 pc-hp:50268 ESTABLISHED 2044 TCP 127.0.0.1:50268 pc-hp:50267 ESTABLISHED 2044 TCP 127.0.0.1:50273 pc-hp:50274 ESTABLISHED 2044 TCP 127.0.0.1:50274 pc-hp:50273 ESTABLISHED 2044 TCP 127.0.0.1:50279 pc-hp:50280 ESTABLISHED 2044 TCP 127.0.0.1:50280 pc-hp:50279 ESTABLISHED 2044 TCP 127.0.0.1:50282 pc-hp:50283 ESTABLISHED 2044 TCP 127.0.0.1:50283 pc-hp:50282 ESTABLISHED 2044 TCP 127.0.0.1:50285 pc-hp:50286 ESTABLISHED 2044 TCP 127.0.0.1:50286 pc-hp:50285 ESTABLISHED 2044 TCP 127.0.0.1:50288 pc-hp:50289 ESTABLISHED 2044 TCP 127.0.0.1:50289 pc-hp:50288 ESTABLISHED 2044 TCP 127.0.0.1:50306 pc-hp:50307 ESTABLISHED 2044 TCP 127.0.0.1:50307 pc-hp:50306 ESTABLISHED 2044 TCP 127.0.0.1:50309 pc-hp:50310 ESTABLISHED 2044 TCP 127.0.0.1:50310 pc-hp:50309 ESTABLISHED 2044 TCP 127.0.0.1:50318 pc-hp:50319 ESTABLISHED 2044 TCP 127.0.0.1:50319 pc-hp:50318 ESTABLISHED 2044 TCP 127.0.0.1:50321 pc-hp:50322 ESTABLISHED 2044 TCP 127.0.0.1:50322 pc-hp:50321 ESTABLISHED 2044 TCP 127.0.0.1:50324 pc-hp:50325 ESTABLISHED 2044 TCP 127.0.0.1:50325 pc-hp:50324 ESTABLISHED 2044 TCP 127.0.0.1:50328 pc-hp:50329 ESTABLISHED 2044 TCP 127.0.0.1:50329 pc-hp:50328 ESTABLISHED 2044 TCP 127.0.0.1:50347 pc-hp:50348 ESTABLISHED 2044 TCP 127.0.0.1:50348 pc-hp:50347 ESTABLISHED 2044 TCP 127.0.0.1:50350 pc-hp:50351 ESTABLISHED 2044 TCP 127.0.0.1:50351 pc-hp:50350 ESTABLISHED 2044 TCP 127.0.0.1:50359 pc-hp:50360 ESTABLISHED 2044 TCP 127.0.0.1:50360 pc-hp:50359 ESTABLISHED 2044 TCP 127.0.0.1:50362 pc-hp:50363 ESTABLISHED 2044 TCP 127.0.0.1:50363 pc-hp:50362 ESTABLISHED 2044 TCP 127.0.0.1:50365 pc-hp:50366 ESTABLISHED 2044 TCP 127.0.0.1:50366 pc-hp:50365 ESTABLISHED 2044 TCP 127.0.0.1:50373 pc-hp:50374 ESTABLISHED 2044 TCP 127.0.0.1:50374 pc-hp:50373 ESTABLISHED 2044 TCP 127.0.0.1:50385 pc-hp:50386 ESTABLISHED 2044 TCP 127.0.0.1:50386 pc-hp:50385 ESTABLISHED 2044 TCP 127.0.0.1:50391 pc-hp:50392 ESTABLISHED 2044 TCP 127.0.0.1:50392 pc-hp:50391 ESTABLISHED 2044 TCP 127.0.0.1:50394 pc-hp:50395 ESTABLISHED 2044 TCP 127.0.0.1:50395 pc-hp:50394 ESTABLISHED 2044 TCP 127.0.0.1:50403 pc-hp:50404 ESTABLISHED 2044 TCP 127.0.0.1:50404 pc-hp:50403 ESTABLISHED 2044 TCP 127.0.0.1:50406 pc-hp:50407 ESTABLISHED 2044 TCP 127.0.0.1:50407 pc-hp:50406 ESTABLISHED 2044 TCP 127.0.0.1:50412 pc-hp:50413 ESTABLISHED 2044 TCP 127.0.0.1:50413 pc-hp:50412 ESTABLISHED 2044 TCP 127.0.0.1:50423 pc-hp:50424 ESTABLISHED 2044 TCP 127.0.0.1:50424 pc-hp:50423 ESTABLISHED 2044 TCP 127.0.0.1:50432 pc-hp:50433 ESTABLISHED 2044 TCP 127.0.0.1:50433 pc-hp:50432 ESTABLISHED 2044 TCP 127.0.0.1:50435 pc-hp:50436 ESTABLISHED 2044 TCP 127.0.0.1:50436 pc-hp:50435 ESTABLISHED 2044 TCP 127.0.0.1:50438 pc-hp:50439 ESTABLISHED 2044 TCP 127.0.0.1:50439 pc-hp:50438 ESTABLISHED 2044 TCP 127.0.0.1:50441 pc-hp:50442 ESTABLISHED 2044 TCP 127.0.0.1:50442 pc-hp:50441 ESTABLISHED 2044 TCP 127.0.0.1:50445 pc-hp:50446 ESTABLISHED 2044 TCP 127.0.0.1:50446 pc-hp:50445 ESTABLISHED 2044 TCP 127.0.0.1:50453 pc-hp:50454 ESTABLISHED 2044 TCP 127.0.0.1:50454 pc-hp:50453 ESTABLISHED 2044 TCP 127.0.0.1:50459 pc-hp:50460 ESTABLISHED 2044 TCP 127.0.0.1:50460 pc-hp:50459 ESTABLISHED 2044 TCP 127.0.0.1:50462 pc-hp:50463 ESTABLISHED 2044 TCP 127.0.0.1:50463 pc-hp:50462 ESTABLISHED 2044 TCP 127.0.0.1:50465 pc-hp:50466 ESTABLISHED 2044 TCP 127.0.0.1:50466 pc-hp:50465 ESTABLISHED 2044 TCP 127.0.0.1:50468 pc-hp:50469 ESTABLISHED 2044 TCP 127.0.0.1:50469 pc-hp:50468 ESTABLISHED 2044 TCP 127.0.0.1:50471 pc-hp:50472 ESTABLISHED 2044 TCP 127.0.0.1:50472 pc-hp:50471 ESTABLISHED 2044 TCP 127.0.0.1:50481 pc-hp:50482 ESTABLISHED 2044 TCP 127.0.0.1:50482 pc-hp:50481 ESTABLISHED 2044 TCP 127.0.0.1:50484 pc-hp:50485 ESTABLISHED 2044 TCP 127.0.0.1:50485 pc-hp:50484 ESTABLISHED 2044 TCP 127.0.0.1:50490 pc-hp:50491 ESTABLISHED 2044 TCP 127.0.0.1:50491 pc-hp:50490 ESTABLISHED 2044 TCP 127.0.0.1:50493 pc-hp:50494 ESTABLISHED 2044 TCP 127.0.0.1:50494 pc-hp:50493 ESTABLISHED 2044 TCP 127.0.0.1:50497 pc-hp:50498 ESTABLISHED 2044 TCP 127.0.0.1:50498 pc-hp:50497 ESTABLISHED 2044 TCP 127.0.0.1:50500 pc-hp:50501 ESTABLISHED 2044 TCP 127.0.0.1:50501 pc-hp:50500 ESTABLISHED 2044 TCP 127.0.0.1:50512 pc-hp:50513 ESTABLISHED 2044 TCP 127.0.0.1:50513 pc-hp:50512 ESTABLISHED 2044 TCP 127.0.0.1:50515 pc-hp:50516 ESTABLISHED 2044 TCP 127.0.0.1:50516 pc-hp:50515 ESTABLISHED 2044 TCP 127.0.0.1:50518 pc-hp:50519 ESTABLISHED 2044 TCP 127.0.0.1:50519 pc-hp:50518 ESTABLISHED 2044 TCP 127.0.0.1:50521 pc-hp:50522 ESTABLISHED 2044 TCP 127.0.0.1:50522 pc-hp:50521 ESTABLISHED 2044 TCP 127.0.0.1:50524 pc-hp:50525 ESTABLISHED 2044 TCP 127.0.0.1:50525 pc-hp:50524 ESTABLISHED 2044 TCP 127.0.0.1:50527 pc-hp:50528 ESTABLISHED 2044 TCP 127.0.0.1:50528 pc-hp:50527 ESTABLISHED 2044 TCP 127.0.0.1:50542 pc-hp:50543 ESTABLISHED 2044 TCP 127.0.0.1:50543 pc-hp:50542 ESTABLISHED 2044 TCP 127.0.0.1:50545 pc-hp:50546 ESTABLISHED 2044 TCP 127.0.0.1:50546 pc-hp:50545 ESTABLISHED 2044 TCP 127.0.0.1:50551 pc-hp:50552 ESTABLISHED 2044 TCP 127.0.0.1:50552 pc-hp:50551 ESTABLISHED 2044 TCP 127.0.0.1:50557 pc-hp:50558 ESTABLISHED 2044 TCP 127.0.0.1:50558 pc-hp:50557 ESTABLISHED 2044 TCP 127.0.0.1:50560 pc-hp:50561 ESTABLISHED 2044 TCP 127.0.0.1:50561 pc-hp:50560 ESTABLISHED 2044 TCP 127.0.0.1:50563 pc-hp:50564 ESTABLISHED 2044 TCP 127.0.0.1:50564 pc-hp:50563 ESTABLISHED 2044 TCP 127.0.0.1:50578 pc-hp:50579 ESTABLISHED 2044 TCP 127.0.0.1:50579 pc-hp:50578 ESTABLISHED 2044 TCP 127.0.0.1:50581 pc-hp:50582 ESTABLISHED 2044 TCP 127.0.0.1:50582 pc-hp:50581 ESTABLISHED 2044 TCP 127.0.0.1:50584 pc-hp:50585 ESTABLISHED 2044 TCP 127.0.0.1:50585 pc-hp:50584 ESTABLISHED 2044 TCP 127.0.0.1:50591 pc-hp:50592 ESTABLISHED 2044 TCP 127.0.0.1:50592 pc-hp:50591 ESTABLISHED 2044 TCP 127.0.0.1:50594 pc-hp:50595 ESTABLISHED 2044 TCP 127.0.0.1:50595 pc-hp:50594 ESTABLISHED 2044 TCP 127.0.0.1:50597 pc-hp:50598 ESTABLISHED 2044 TCP 127.0.0.1:50598 pc-hp:50597 ESTABLISHED 2044 TCP 127.0.0.1:50608 pc-hp:50609 ESTABLISHED 2044 TCP 127.0.0.1:50609 pc-hp:50608 ESTABLISHED 2044 TCP 127.0.0.1:50611 pc-hp:50612 ESTABLISHED 2044 TCP 127.0.0.1:50612 pc-hp:50611 ESTABLISHED 2044 TCP 127.0.0.1:50614 pc-hp:50615 ESTABLISHED 2044 TCP 127.0.0.1:50615 pc-hp:50614 ESTABLISHED 2044 TCP 127.0.0.1:50621 pc-hp:50622 ESTABLISHED 2044 TCP 127.0.0.1:50622 pc-hp:50621 ESTABLISHED 2044 TCP 127.0.0.1:50624 pc-hp:50625 ESTABLISHED 2044 TCP 127.0.0.1:50625 pc-hp:50624 ESTABLISHED 2044 TCP 127.0.0.1:50630 pc-hp:50631 ESTABLISHED 2044 TCP 127.0.0.1:50631 pc-hp:50630 ESTABLISHED 2044 TCP 127.0.0.1:50647 pc-hp:50648 ESTABLISHED 2044 TCP 127.0.0.1:50648 pc-hp:50647 ESTABLISHED 2044 TCP 127.0.0.1:50653 pc-hp:50654 ESTABLISHED 2044 TCP 127.0.0.1:50654 pc-hp:50653 ESTABLISHED 2044 TCP 127.0.0.1:50656 pc-hp:50657 ESTABLISHED 2044 TCP 127.0.0.1:50657 pc-hp:50656 ESTABLISHED 2044 TCP 127.0.0.1:50659 pc-hp:50660 ESTABLISHED 2044 TCP 127.0.0.1:50660 pc-hp:50659 ESTABLISHED 2044 TCP 127.0.0.1:50666 pc-hp:50667 ESTABLISHED 2044 TCP 127.0.0.1:50667 pc-hp:50666 ESTABLISHED 2044 TCP 127.0.0.1:50672 pc-hp:50673 ESTABLISHED 2044 TCP 127.0.0.1:50673 pc-hp:50672 ESTABLISHED 2044 TCP 127.0.0.1:50689 pc-hp:50690 ESTABLISHED 2044 TCP 127.0.0.1:50690 pc-hp:50689 ESTABLISHED 2044 TCP 127.0.0.1:50692 pc-hp:50693 ESTABLISHED 2044 TCP 127.0.0.1:50693 pc-hp:50692 ESTABLISHED 2044 TCP 127.0.0.1:50698 pc-hp:50699 ESTABLISHED 2044 TCP 127.0.0.1:50699 pc-hp:50698 ESTABLISHED 2044 TCP 127.0.0.1:50701 pc-hp:50702 ESTABLISHED 2044 TCP 127.0.0.1:50702 pc-hp:50701 ESTABLISHED 2044 TCP 127.0.0.1:50705 pc-hp:50706 ESTABLISHED 2044 TCP 127.0.0.1:50706 pc-hp:50705 ESTABLISHED 2044 TCP 127.0.0.1:50708 pc-hp:50709 ESTABLISHED 2044 TCP 127.0.0.1:50709 pc-hp:50708 ESTABLISHED 2044 TCP 127.0.0.1:50719 pc-hp:50720 ESTABLISHED 2044 TCP 127.0.0.1:50720 pc-hp:50719 ESTABLISHED 2044 TCP 127.0.0.1:50722 pc-hp:50723 ESTABLISHED 2044 TCP 127.0.0.1:50723 pc-hp:50722 ESTABLISHED 2044 TCP 127.0.0.1:50725 pc-hp:50726 ESTABLISHED 2044 TCP 127.0.0.1:50726 pc-hp:50725 ESTABLISHED 2044 TCP 127.0.0.1:50728 pc-hp:50729 ESTABLISHED 2044 TCP 127.0.0.1:50729 pc-hp:50728 ESTABLISHED 2044 TCP 127.0.0.1:50734 pc-hp:50735 ESTABLISHED 2044 TCP 127.0.0.1:50735 pc-hp:50734 ESTABLISHED 2044 TCP 127.0.0.1:50740 pc-hp:50741 ESTABLISHED 2044 TCP 127.0.0.1:50741 pc-hp:50740 ESTABLISHED 2044 TCP 127.0.0.1:50752 pc-hp:50753 ESTABLISHED 2044 TCP 127.0.0.1:50753 pc-hp:50752 ESTABLISHED 2044 TCP 127.0.0.1:50755 pc-hp:50756 ESTABLISHED 2044 TCP 127.0.0.1:50756 pc-hp:50755 ESTABLISHED 2044 TCP 127.0.0.1:50758 pc-hp:50759 ESTABLISHED 2044 TCP 127.0.0.1:50759 pc-hp:50758 ESTABLISHED 2044 TCP 127.0.0.1:50761 pc-hp:50762 ESTABLISHED 2044 TCP 127.0.0.1:50762 pc-hp:50761 ESTABLISHED 2044 TCP 127.0.0.1:50764 pc-hp:50765 ESTABLISHED 2044 TCP 127.0.0.1:50765 pc-hp:50764 ESTABLISHED 2044 TCP 127.0.0.1:50767 pc-hp:50768 ESTABLISHED 2044 TCP 127.0.0.1:50768 pc-hp:50767 ESTABLISHED 2044 TCP 127.0.0.1:50777 pc-hp:50778 ESTABLISHED 2044 TCP 127.0.0.1:50778 pc-hp:50777 ESTABLISHED 2044 TCP 127.0.0.1:50789 pc-hp:50790 ESTABLISHED 2044 TCP 127.0.0.1:50790 pc-hp:50789 ESTABLISHED 2044 TCP 127.0.0.1:50792 pc-hp:50793 ESTABLISHED 2044 TCP 127.0.0.1:50793 pc-hp:50792 ESTABLISHED 2044 TCP 127.0.0.1:50795 pc-hp:50796 ESTABLISHED 2044 TCP 127.0.0.1:50796 pc-hp:50795 ESTABLISHED 2044 TCP 127.0.0.1:50798 pc-hp:50799 ESTABLISHED 2044 TCP 127.0.0.1:50799 pc-hp:50798 ESTABLISHED 2044 TCP 127.0.0.1:50801 pc-hp:50802 ESTABLISHED 2044 TCP 127.0.0.1:50802 pc-hp:50801 ESTABLISHED 2044 TCP 127.0.0.1:50812 pc-hp:50813 ESTABLISHED 2044 TCP 127.0.0.1:50813 pc-hp:50812 ESTABLISHED 2044 TCP 127.0.0.1:50821 pc-hp:50822 ESTABLISHED 2044 TCP 127.0.0.1:50822 pc-hp:50821 ESTABLISHED 2044 TCP 127.0.0.1:50824 pc-hp:50825 ESTABLISHED 2044 TCP 127.0.0.1:50825 pc-hp:50824 ESTABLISHED 2044 TCP 127.0.0.1:50827 pc-hp:50828 ESTABLISHED 2044 TCP 127.0.0.1:50828 pc-hp:50827 ESTABLISHED 2044 TCP 127.0.0.1:50830 pc-hp:50831 ESTABLISHED 2044 TCP 127.0.0.1:50831 pc-hp:50830 ESTABLISHED 2044 TCP 127.0.0.1:50833 pc-hp:50834 ESTABLISHED 2044 TCP 127.0.0.1:50834 pc-hp:50833 ESTABLISHED 2044 TCP 127.0.0.1:50844 pc-hp:50845 ESTABLISHED 2044 TCP 127.0.0.1:50845 pc-hp:50844 ESTABLISHED 2044 TCP 127.0.0.1:50847 pc-hp:50848 ESTABLISHED 2044 TCP 127.0.0.1:50848 pc-hp:50847 ESTABLISHED 2044 TCP 127.0.0.1:50851 pc-hp:50852 ESTABLISHED 2044 TCP 127.0.0.1:50852 pc-hp:50851 ESTABLISHED 2044 TCP 127.0.0.1:50854 pc-hp:50855 ESTABLISHED 2044 TCP 127.0.0.1:50855 pc-hp:50854 ESTABLISHED 2044 TCP 127.0.0.1:50857 pc-hp:50858 ESTABLISHED 2044 TCP 127.0.0.1:50858 pc-hp:50857 ESTABLISHED 2044 TCP 127.0.0.1:50860 pc-hp:50861 ESTABLISHED 2044 TCP 127.0.0.1:50861 pc-hp:50860 ESTABLISHED 2044 TCP 127.0.0.1:50871 pc-hp:50872 ESTABLISHED 2044 TCP 127.0.0.1:50872 pc-hp:50871 ESTABLISHED 2044 TCP 127.0.0.1:50874 pc-hp:50875 ESTABLISHED 2044 TCP 127.0.0.1:50875 pc-hp:50874 ESTABLISHED 2044 TCP 127.0.0.1:50877 pc-hp:50878 ESTABLISHED 2044 TCP 127.0.0.1:50878 pc-hp:50877 ESTABLISHED 2044 TCP 127.0.0.1:50880 pc-hp:50881 ESTABLISHED 2044 TCP 127.0.0.1:50881 pc-hp:50880 ESTABLISHED 2044 TCP 127.0.0.1:50883 pc-hp:50884 ESTABLISHED 2044 TCP 127.0.0.1:50884 pc-hp:50883 ESTABLISHED 2044 TCP 127.0.0.1:50889 pc-hp:50890 ESTABLISHED 2044 TCP 127.0.0.1:50890 pc-hp:50889 ESTABLISHED 2044 TCP 127.0.0.1:50898 pc-hp:50899 ESTABLISHED 2044 TCP 127.0.0.1:50899 pc-hp:50898 ESTABLISHED 2044 TCP 127.0.0.1:50901 pc-hp:50902 ESTABLISHED 2044 TCP 127.0.0.1:50902 pc-hp:50901 ESTABLISHED 2044 TCP 127.0.0.1:50908 pc-hp:50909 ESTABLISHED 2044 TCP 127.0.0.1:50909 pc-hp:50908 ESTABLISHED 2044 TCP 127.0.0.1:50914 pc-hp:50915 ESTABLISHED 2044 TCP 127.0.0.1:50915 pc-hp:50914 ESTABLISHED 2044 TCP 127.0.0.1:50917 pc-hp:50918 ESTABLISHED 2044 TCP 127.0.0.1:50918 pc-hp:50917 ESTABLISHED 2044 TCP 127.0.0.1:50920 pc-hp:50921 ESTABLISHED 2044 TCP 127.0.0.1:50921 pc-hp:50920 ESTABLISHED 2044 TCP 127.0.0.1:50930 pc-hp:50931 ESTABLISHED 2044 TCP 127.0.0.1:50931 pc-hp:50930 ESTABLISHED 2044 TCP 127.0.0.1:50933 pc-hp:50934 ESTABLISHED 2044 TCP 127.0.0.1:50934 pc-hp:50933 ESTABLISHED 2044 TCP 127.0.0.1:50936 pc-hp:50937 ESTABLISHED 2044 TCP 127.0.0.1:50937 pc-hp:50936 ESTABLISHED 2044 TCP 127.0.0.1:50939 pc-hp:50940 ESTABLISHED 2044 TCP 127.0.0.1:50940 pc-hp:50939 ESTABLISHED 2044 TCP 127.0.0.1:50942 pc-hp:50943 ESTABLISHED 2044 TCP 127.0.0.1:50943 pc-hp:50942 ESTABLISHED 2044 TCP 127.0.0.1:50948 pc-hp:50949 ESTABLISHED 2044 TCP 127.0.0.1:50949 pc-hp:50948 ESTABLISHED 2044 TCP 127.0.0.1:50956 pc-hp:50957 ESTABLISHED 2044 TCP 127.0.0.1:50957 pc-hp:50956 ESTABLISHED 2044 TCP 127.0.0.1:50959 pc-hp:50960 ESTABLISHED 2044 TCP 127.0.0.1:50960 pc-hp:50959 ESTABLISHED 2044 TCP 127.0.0.1:50962 pc-hp:50963 ESTABLISHED 2044 TCP 127.0.0.1:50963 pc-hp:50962 ESTABLISHED 2044 TCP 127.0.0.1:50968 pc-hp:50969 ESTABLISHED 2044 TCP 127.0.0.1:50969 pc-hp:50968 ESTABLISHED 2044 TCP 127.0.0.1:50971 pc-hp:50972 ESTABLISHED 2044 TCP 127.0.0.1:50972 pc-hp:50971 ESTABLISHED 2044 TCP 127.0.0.1:50974 pc-hp:50975 ESTABLISHED 2044 TCP 127.0.0.1:50975 pc-hp:50974 ESTABLISHED 2044 TCP 127.0.0.1:50982 pc-hp:50983 ESTABLISHED 2044 TCP 127.0.0.1:50983 pc-hp:50982 ESTABLISHED 2044 TCP 127.0.0.1:50985 pc-hp:50986 ESTABLISHED 2044 TCP 127.0.0.1:50986 pc-hp:50985 ESTABLISHED 2044 TCP 127.0.0.1:50988 pc-hp:50989 ESTABLISHED 2044 TCP 127.0.0.1:50989 pc-hp:50988 ESTABLISHED 2044 TCP 127.0.0.1:50992 pc-hp:50993 ESTABLISHED 2044 TCP 127.0.0.1:50993 pc-hp:50992 ESTABLISHED 2044 TCP 127.0.0.1:50995 pc-hp:50996 ESTABLISHED 2044 TCP 127.0.0.1:50996 pc-hp:50995 ESTABLISHED 2044 TCP 127.0.0.1:50998 pc-hp:50999 ESTABLISHED 2044 TCP 127.0.0.1:50999 pc-hp:50998 ESTABLISHED 2044 TCP 127.0.0.1:51010 pc-hp:51011 ESTABLISHED 2044 TCP 127.0.0.1:51011 pc-hp:51010 ESTABLISHED 2044 TCP 127.0.0.1:51026 pc-hp:51027 ESTABLISHED 2044 TCP 127.0.0.1:51027 pc-hp:51026 ESTABLISHED 2044 TCP 127.0.0.1:51037 pc-hp:51040 ESTABLISHED 2044 TCP 127.0.0.1:51040 pc-hp:51037 ESTABLISHED 2044 TCP 127.0.0.1:51100 pc-hp:51101 ESTABLISHED 2044 TCP 127.0.0.1:51101 pc-hp:51100 ESTABLISHED 2044 TCP 127.0.0.1:51111 pc-hp:51112 ESTABLISHED 2044 TCP 127.0.0.1:51112 pc-hp:51111 ESTABLISHED 2044 TCP 127.0.0.1:51198 pc-hp:51200 ESTABLISHED 2044 TCP 127.0.0.1:51200 pc-hp:51198 ESTABLISHED 2044 TCP 127.0.0.1:51224 pc-hp:51225 ESTABLISHED 2044 TCP 127.0.0.1:51225 pc-hp:51224 ESTABLISHED 2044 TCP 127.0.0.1:51235 pc-hp:51236 ESTABLISHED 2044 TCP 127.0.0.1:51236 pc-hp:51235 ESTABLISHED 2044 TCP 127.0.0.1:51238 pc-hp:51239 ESTABLISHED 2044 TCP 127.0.0.1:51239 pc-hp:51238 ESTABLISHED 2044 TCP 127.0.0.1:51265 pc-hp:51266 ESTABLISHED 2044 TCP 127.0.0.1:51266 pc-hp:51265 ESTABLISHED 2044 TCP 127.0.0.1:51268 pc-hp:51269 ESTABLISHED 2044 TCP 127.0.0.1:51269 pc-hp:51268 ESTABLISHED 2044 TCP 127.0.0.1:51290 pc-hp:51291 ESTABLISHED 2044 TCP 127.0.0.1:51291 pc-hp:51290 ESTABLISHED 2044 TCP 127.0.0.1:51306 pc-hp:51307 ESTABLISHED 2044 TCP 127.0.0.1:51307 pc-hp:51306 ESTABLISHED 2044 TCP 127.0.0.1:51316 pc-hp:51317 ESTABLISHED 2044 TCP 127.0.0.1:51317 pc-hp:51316 ESTABLISHED 2044 TCP 127.0.0.1:51322 pc-hp:51323 ESTABLISHED 2044 TCP 127.0.0.1:51323 pc-hp:51322 ESTABLISHED 2044 TCP 127.0.0.1:51329 pc-hp:51330 ESTABLISHED 2044 TCP 127.0.0.1:51330 pc-hp:51329 ESTABLISHED 2044 TCP 127.0.0.1:51332 pc-hp:51333 ESTABLISHED 2044 TCP 127.0.0.1:51333 pc-hp:51332 ESTABLISHED 2044 TCP 127.0.0.1:51339 pc-hp:51340 ESTABLISHED 2044 TCP 127.0.0.1:51340 pc-hp:51339 ESTABLISHED 2044 TCP 127.0.0.1:51365 pc-hp:51366 ESTABLISHED 2044 TCP 127.0.0.1:51366 pc-hp:51365 ESTABLISHED 2044 TCP 127.0.0.1:51374 pc-hp:51375 ESTABLISHED 2044 TCP 127.0.0.1:51375 pc-hp:51374 ESTABLISHED 2044 TCP 127.0.0.1:51377 pc-hp:51378 ESTABLISHED 2044 TCP 127.0.0.1:51378 pc-hp:51377 ESTABLISHED 2044 TCP 127.0.0.1:51386 pc-hp:51387 ESTABLISHED 2044 TCP 127.0.0.1:51387 pc-hp:51386 ESTABLISHED 2044 TCP 127.0.0.1:51389 pc-hp:51390 ESTABLISHED 2044 TCP 127.0.0.1:51390 pc-hp:51389 ESTABLISHED 2044 TCP 127.0.0.1:51395 pc-hp:51396 ESTABLISHED 2044 TCP 127.0.0.1:51396 pc-hp:51395 ESTABLISHED 2044 TCP 127.0.0.1:51409 pc-hp:51410 ESTABLISHED 2044 TCP 127.0.0.1:51410 pc-hp:51409 ESTABLISHED 2044 TCP 127.0.0.1:51412 pc-hp:51413 ESTABLISHED 2044 TCP 127.0.0.1:51413 pc-hp:51412 ESTABLISHED 2044 TCP 127.0.0.1:51415 pc-hp:51416 ESTABLISHED 2044 TCP 127.0.0.1:51416 pc-hp:51415 ESTABLISHED 2044 TCP 127.0.0.1:51424 pc-hp:51425 ESTABLISHED 2044 TCP 127.0.0.1:51425 pc-hp:51424 ESTABLISHED 2044 TCP 127.0.0.1:51427 pc-hp:51428 ESTABLISHED 2044 TCP 127.0.0.1:51428 pc-hp:51427 ESTABLISHED 2044 TCP 127.0.0.1:51434 pc-hp:51435 ESTABLISHED 2044 TCP 127.0.0.1:51435 pc-hp:51434 ESTABLISHED 2044 TCP 127.0.0.1:51447 pc-hp:51448 ESTABLISHED 2044 TCP 127.0.0.1:51448 pc-hp:51447 ESTABLISHED 2044 TCP 127.0.0.1:51450 pc-hp:51451 ESTABLISHED 2044 TCP 127.0.0.1:51451 pc-hp:51450 ESTABLISHED 2044 TCP 127.0.0.1:51453 pc-hp:51454 ESTABLISHED 2044 TCP 127.0.0.1:51454 pc-hp:51453 ESTABLISHED 2044 TCP 127.0.0.1:51462 pc-hp:51463 ESTABLISHED 2044 TCP 127.0.0.1:51463 pc-hp:51462 ESTABLISHED 2044 TCP 127.0.0.1:51465 pc-hp:51466 ESTABLISHED 2044 TCP 127.0.0.1:51466 pc-hp:51465 ESTABLISHED 2044 TCP 127.0.0.1:51471 pc-hp:51472 ESTABLISHED 2044 TCP 127.0.0.1:51472 pc-hp:51471 ESTABLISHED 2044 TCP 127.0.0.1:51474 pc-hp:51475 ESTABLISHED 2044 TCP 127.0.0.1:51475 pc-hp:51474 ESTABLISHED 2044 TCP 127.0.0.1:65001 pc-hp:49173 ESTABLISHED 104 TCP 192.168.0.2:49183 ams10-013.ff.avast.com:http ESTABLISHED 2044 TCP 192.168.0.2:52981 r-149-58-45-5.ff.avast.com:http CLOSE_WAIT 2044 TCP 192.168.0.2:53071 60-206-32-178.dsl.ovh.net:https TIME_WAIT 0 TCP 192.168.0.2:53103 a88-221-144-18.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53104 a88-221-144-42.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53105 a88-221-144-24.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53106 a88-221-144-9.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53107 a95-100-97-25.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53108 a23-62-53-104.deploy.static.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53109 a88-221-144-74.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53111 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53113 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53114 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53115 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53116 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53117 a95-101-39-32.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53136 195.248.250.100:https CLOSE_WAIT 2760 TCP 192.168.0.2:53137 195.248.250.100:https CLOSE_WAIT 2760 TCP 192.168.0.2:53138 195.248.250.100:https CLOSE_WAIT 2760 TCP 192.168.0.2:53139 195.248.250.100:https CLOSE_WAIT 2760 TCP 192.168.0.2:53141 a88-221-144-57.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53142 a88-221-144-57.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53157 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53172 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53173 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53174 a88-221-144-74.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53177 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53179 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53180 a88-221-144-26.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53182 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53183 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53184 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53185 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53186 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53187 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.0.2:53188 a88-221-144-58.deploy.akamaitechnologies.com:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:51082 db3wns4011412.wns.windows.com:https ESTABLISHED 5460 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53066 wa-in-x61.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53072 wl-in-x5f.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53073 wa-in-x5f.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53088 wa-in-x5e.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53089 wa-in-x5e.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53090 wa-in-x84.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53091 wa-in-x84.1e100.net:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53110 wa-in-x65.1e100.net:http ESTABLISHED 2760 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53112 wa-in-x5f.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53120 wa-in-x5e.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53121 wa-in-x5e.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53122 wa-in-x5e.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53123 wa-in-x5e.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53124 wa-in-x84.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53125 wa-in-x84.1e100.net:http TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53134 [2606:2800:133:17a3:eb7:d48:22de:1431]:https TIME_WAIT 0 TCP [2a02:2788:8c4:1174:3812:a9cf:43fa:75d0]:53144 wa-in-x65.1e100.net:http TIME_WAIT 0 ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=109.88.203.3 62.197.111.140 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{5C2BDC24-2B83-4863-9137-0128FE491C42}] "DhcpNameServer"=40.23.1.201 40.23.1.202 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{C016EAFC-A7C0-4257-8ACC-D491177BD790}] "DhcpNameServer"=109.88.203.3 62.197.111.140 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5C2BDC24-2B83-4863-9137-0128FE491C42}] "DhcpNameServer"=40.23.1.201 40.23.1.202 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{C016EAFC-A7C0-4257-8ACC-D491177BD790}] "DhcpNameServer"=109.88.203.3 62.197.111.140 ¤¤¤¤¤¤¤¤¤¤ | Applications [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Classes\Applications\Evernote.exe] : "C:\Program Files (x86)\Evernote\Evernote\Evernote.exe" "%1" [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Classes\Applications\Refocus_64.exe] : "C:\Program Files (x86)\AKVIS\Refocus\Refocus_64.exe" "%1" [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Classes\Applications\Screenpresso.exe] : "C:\Users\Alain\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\AvastSZB.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\FoxitReader.EXE] : "C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Perfect Effects 9.exe] : "C:\Program Files\onOne Software\Perfect Effects 9\Perfect Effects 9.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\PortraitPro.exe] : "C:\Program Files\PortraitPro Studio 15\PortraitProStudio.exe" /P "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\AvastSZB.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\FoxitReader.EXE] : "C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Perfect Effects 9.exe] : "C:\Program Files\onOne Software\Perfect Effects 9\Perfect Effects 9.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PortraitPro.exe] : "C:\Program Files\PortraitPro Studio 15\PortraitProStudio.exe" /P "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\54F3DE4E] [HKU\S-1-5-18\Software\Adobe Lightroom] [HKU\S-1-5-18\Software\AppDataLow] [HKU\S-1-5-18\Software\Avast Software] [HKU\S-1-5-18\Software\Dropbox] [HKU\S-1-5-18\Software\EPSON] [HKU\S-1-5-18\Software\Foxit Software] [HKU\S-1-5-18\Software\Google] [HKU\S-1-5-18\Software\McAfee] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\Netscape] [HKU\S-1-5-18\Software\Nikon] [HKU\S-1-5-18\Software\NVIDIA Corporation] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\Shell] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-1373608429-321133151-520906998-1001_Classes\Software\Microsoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001_Classes\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\2BrightSparks] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\7-Zip] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Abbott Diabetes Care] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Adobe] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Adobe Lightroom] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\AKVIS] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Anthropics] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\AppDataLow] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Apple Inc.] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\ASProtect] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\AVAST Software] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\BEID] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Binary Fortress Software] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\BM-productions] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Bullzip] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\CheckPoint] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Chromium] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Class] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Clients] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\CyberLink] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\DropboxUpdate] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\DYMO] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\EPSON] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\EventLogXP] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Evernote] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Foxit Software] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Galactic Static ] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Google] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\GPGSoftware] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Infonautics] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Intel] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\JavaSoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Lake] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Licenses] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\LogiShrd] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\m.objects] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Macromedia] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MainConcept] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MAP-DN] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Marcus Hebel Freeware] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MAXA] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Mirage] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Mozilla] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MozillaPlugins] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MSoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\MT66] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Netscape] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Nikon] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\NirSoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\NS-Point] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Opera Software] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Organs] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Percussion Kit] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Piriform] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Policies] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\QtProject] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Rapid Environment Editor] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Realtek] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\RIT] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Ritlabs] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\RSSOwl] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Siber Systems] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Softex] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Stardock] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Stepok] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\SubSystems] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Synaptics] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\SyncApp] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\SysInternals] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Teorex] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\The Document Foundation] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\The Silicon Realms Toolworks] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Thingamahoochie] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Transcend] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Transcend Elite] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Trolltech] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\VS Revo Group] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\WinRAR] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Wow6432Node] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\XRayz] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Zone Labs] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\ZONER] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1373608429-321133151-520906998-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Mine] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Mine] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adobe] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Anthropics] [HKLM\Software\Apple Inc.] [HKLM\Software\Atheros] [HKLM\Software\Bullzip] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DYMO] [HKLM\Software\EPSON] [HKLM\Software\Foxit Software] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Helper Scripts] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LibreOffice] [HKLM\Software\Logishrd] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nikon] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Restore Point Creator] [HKLM\Software\RTLSetup] [HKLM\Software\Softex] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\Stepok] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\The Document Foundation] [HKLM\Software\WebSupergoo] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\ZONER] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\2BrightSparks] [HKLM\Software\WOW6432Node\7-Zip] [HKLM\Software\WOW6432Node\Abbott Diabetes Care] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AKVIS] [HKLM\Software\WOW6432Node\AntispamSniper for TheBat!] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Astonsoft] [HKLM\Software\WOW6432Node\Atheros] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\BEID] [HKLM\Software\WOW6432Node\Belarc] [HKLM\Software\WOW6432Node\BM-productions] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CheckPoint] [HKLM\Software\WOW6432Node\Chromium] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\DYMO] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Evernote] [HKLM\Software\WOW6432Node\Foxit Software] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GPGSoftware] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\Insyde] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\LogMeInRescueCallingCard] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAP-DN] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nikon] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\onOne Software] [HKLM\Software\WOW6432Node\Opera Software] [HKLM\Software\WOW6432Node\Pick Bass] [HKLM\Software\WOW6432Node\Plugins] [HKLM\Software\WOW6432Node\Qualcomm Atheros] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Search The Crack!] [HKLM\Software\WOW6432Node\SEIKO EPSON CORPORATION] [HKLM\Software\WOW6432Node\Siber Systems] [HKLM\Software\WOW6432Node\Stardock] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\SystemExplorer] [HKLM\Software\WOW6432Node\Thingamahoochie] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WebSupergoo] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Zone Labs] [HKLM\Software\WOW6432Node\ZONER] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | Drives ¤¤¤¤¤¤¤¤¤¤ | F: [06/08/2014 06:52:00] - |RASH| - (.-.) - [55] - (0.0.0.0) - F:\RP.ini ¤¤¤¤¤¤¤¤¤¤ | E: [23/03/2015 15:15:45] - |ASH| - (.-.) - [504] - (0.0.0.0) - E:\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | D: ¤¤¤¤¤¤¤¤¤¤ | C: [22/08/2013 16:36:31] - |SHD| - [138129907] - C:\$Recycle.Bin [30/11/2015 18:42:50] - |D| - [356927] - C:\AdwCleaner [MD5.55272FE96AD87017755FD82F7928FDA0] - [22/08/2013 16:44:03] - (.-.) - [398356] - (0.0.0.0) - C:\bootmgr [24/01/2016 11:58:34] - |SHD| - [0] - C:\Config.Msi [22/08/2013 15:45:52] - |SHD| - [0] - C:\Documents and Settings [27/03/2015 16:09:31] - |D| - [509235] - C:\drivers [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/01/2015 15:44:32] - (.-.) - [10249322496] - (0.0.0.0) - C:\hiberfil.sys [11/05/2014 04:41:00] - |HD| - [10546828] - C:\HP [02/04/2014 10:52:02] - |D| - [30813] - C:\inetpub [05/08/2014 18:46:08] - |D| - [1145900] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/01/2015 15:39:45] - (.-.) - [1946157056] - (0.0.0.0) - C:\pagefile.sys [22/08/2013 16:36:30] - |D| - [0] - C:\PerfLogs [22/08/2013 14:36:15] - |RD| - [7510407660] - C:\Program Files [22/08/2013 14:36:15] - |D| - [5690282808] - C:\Program Files (x86) [22/08/2013 14:36:15] - |HD| - [7193389707] - C:\ProgramData [28/01/2016 21:35:52] - |D| - [180129] - C:\QuickDiag [MD5.437399994DFBB8D1F0C9F3384F56CBEA] - [28/01/2016 21:36:06] - (.-.) - [208465] - (0.0.0.0) - C:\QuickDiag.txt [02/04/2014 10:27:53] - |SHD| - [971] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/01/2015 15:39:45] - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [01/04/2014 02:07:44] - |D| - [6074453909] - C:\SWSetup [19/01/2015 15:39:43] - |SHD| - [15406360196] - C:\System Volume Information [01/04/2014 02:07:46] - |HD| - [594269125] - C:\SYSTEM.SAV [22/01/2015 17:59:47] - |D| - [0] - C:\temp [22/08/2013 14:36:15] - |RD| - [5645684488] - C:\Users [22/08/2013 14:36:15] - |D| - [19587004484] - C:\Windows ¤¤¤¤¤¤¤¤¤¤ | C:\WINDOWS [17/03/2015 10:02:53] - |D| - [0] - C:\WINDOWS\%LOCALAPPDATA% [22/08/2013 16:36:30] - |D| - [802] - C:\WINDOWS\addins [22/08/2013 16:36:31] - |D| - [1160704] - C:\WINDOWS\ADFS [22/08/2013 16:36:30] - |D| - [52534276] - C:\WINDOWS\AppCompat [22/08/2013 16:36:31] - |D| - [11919488] - C:\WINDOWS\apppatch [22/08/2013 16:36:30] - |RSD| - [1050772239] - C:\WINDOWS\assembly [MD5.748D1F5A0495A1AA9D44FB51B4C13271] - [08/12/2015 21:52:35] - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [43112] - (11.1.2245.1540) - C:\WINDOWS\avastSS.scr [MD5.FA78F9739F8F0239A539A06B10D354C7] - [22/08/2013 12:21:53] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [56832] - (6.3.9600.16384) - C:\WINDOWS\bfsvc.exe [22/08/2013 16:36:31] - |D| - [36824449] - C:\WINDOWS\Boot [MD5.CB835276503546FA6111AC30431B3F2F] - [22/08/2013 15:46:23] - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [22/08/2013 16:36:31] - |D| - [2296376] - C:\WINDOWS\Branding [22/08/2013 16:36:30] - |D| - [7216504] - C:\WINDOWS\Camera [22/08/2013 16:20:01] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.315BC3A000AE8C15A29F280D2F01EE1F] - [06/08/2014 04:39:46] - (.-.) - [35397] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.0505315076F50DE128B8256927B94722] - [18/03/2014 10:38:12] - (.-.) - [35851] - (0.0.0.0) - C:\WINDOWS\CoreConnectedSingleLanguage.xml [MD5.3C7CF33D66642B5CF0314C71A0B213EF] - [11/05/2014 04:51:15] - (.-.) - [12] - (0.0.0.0) - C:\WINDOWS\CSUP.txt [22/08/2013 16:36:30] - |D| - [4503720] - C:\WINDOWS\Cursors [22/08/2013 16:36:31] - |D| - [508267] - C:\WINDOWS\debug [22/08/2013 16:36:30] - |RD| - [22590] - C:\WINDOWS\DesktopTileResources [MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - [27/02/2015 13:19:29] - (.-.) - [26673] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [22/08/2013 16:36:30] - |D| - [3539068] - C:\WINDOWS\diagnostics [MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - [27/02/2015 13:19:29] - (.-.) - [26673] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [22/08/2013 16:43:29] - |D| - [0] - C:\WINDOWS\DigitalLocker [03/05/2015 17:21:40] - |D| - [95673224] - C:\WINDOWS\Downloaded Installations [22/08/2013 16:36:31] - |SD| - [0] - C:\WINDOWS\Downloaded Program Files [22/08/2013 16:43:29] - |D| - [0] - C:\WINDOWS\en-US [MD5.C10A66189DC8C090E7C84873EDCEBC88] - [11/03/2015 15:09:34] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2501368] - (6.3.9600.17667) - C:\WINDOWS\explorer.exe [22/08/2013 16:36:30] - |D| - [14526285] - C:\WINDOWS\FileManager [22/08/2013 14:36:15] - |RSD| - [539447311] - C:\WINDOWS\Fonts [11/05/2014 04:58:11] - |D| - [111616] - C:\WINDOWS\fr-FR [22/08/2013 16:36:30] - |D| - [93333783] - C:\WINDOWS\Globalization [22/08/2013 16:36:31] - |D| - [46898819] - C:\WINDOWS\Help [MD5.80E856B1AFAEB6195EADAAD65945147C] - [03/03/2015 10:16:14] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1001472] - (6.3.9600.17415) - C:\WINDOWS\HelpPane.exe [05/08/2014 19:13:04] - |D| - [30573772] - C:\WINDOWS\Hewlett-Packard [MD5.B934411DFE7DEACFA95A1255A48133C9] - [03/03/2015 10:14:13] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17408] - (6.3.9600.17415) - C:\WINDOWS\hh.exe [22/08/2013 16:36:30] - |D| - [152844180] - C:\WINDOWS\IME [22/08/2013 16:36:31] - |RD| - [7294100] - C:\WINDOWS\ImmersiveControlPanel [22/08/2013 14:36:15] - |D| - [130321143] - C:\WINDOWS\Inf [22/08/2013 16:36:31] - |D| - [119175822] - C:\WINDOWS\InputMethod [22/08/2013 16:36:31] - |SHD| - [1410435211] - C:\WINDOWS\Installer [22/08/2013 16:36:31] - |D| - [61417] - C:\WINDOWS\L2Schemas [02/01/2016 19:41:35] - |D| - [1865080] - C:\WINDOWS\LastGood.Tmp [22/08/2013 16:36:31] - |D| - [1663008] - C:\WINDOWS\LiveKernelReports [22/08/2013 14:36:15] - |D| - [70914147] - C:\WINDOWS\Logs [22/08/2013 16:36:30] - |RSD| - [19944453] - C:\WINDOWS\Media [22/08/2013 16:36:31] - |D| - [18917376] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [22/08/2013 08:01:23] - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [22/08/2013 16:36:30] - |D| - [776200827] - C:\WINDOWS\Microsoft.NET [20/05/2015 08:25:40] - |D| - [1263] - C:\WINDOWS\Migration [21/03/2015 12:17:36] - |D| - [0] - C:\WINDOWS\Minidump [22/08/2013 16:36:31] - |D| - [0] - C:\WINDOWS\ModemLogs [23/07/2015 10:50:24] - |HD| - [0] - C:\WINDOWS\msdownld.tmp [MD5.959A31D0CD013CEA0C66DB7C03BCBDDF] - [03/03/2015 10:14:57] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [221184] - (6.3.9600.17415) - C:\WINDOWS\notepad.exe [22/08/2013 16:36:30] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [05/08/2014 19:09:16] - |D| - [0] - C:\WINDOWS\Options [22/08/2013 16:36:30] - |D| - [45147707] - C:\WINDOWS\Performance [22/08/2013 16:36:30] - |D| - [1136441] - C:\WINDOWS\PLA [22/08/2013 16:36:30] - |D| - [2470928] - C:\WINDOWS\PolicyDefinitions [05/08/2014 18:43:29] - |D| - [35943718] - C:\WINDOWS\Prefetch [MD5.B67DB709F5FDAA89CA6C2CB6C1E39B3B] - [03/03/2015 10:14:35] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [154624] - (6.3.9600.17415) - C:\WINDOWS\regedit.exe [22/08/2013 16:36:30] - |D| - [1071164] - C:\WINDOWS\registration [22/08/2013 16:36:30] - |D| - [8125741] - C:\WINDOWS\rescache [22/08/2013 16:36:31] - |D| - [2866575] - C:\WINDOWS\Resources [MD5.B16B85710061C506C7861235A2C2EDAA] - [05/08/2014 19:01:41] - (.Copyright (C) 2014 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2080472] - (1.0.5.5) - C:\WINDOWS\RtlExUpd.dll [22/08/2013 16:36:31] - |D| - [0] - C:\WINDOWS\SchCache [22/08/2013 16:36:30] - |D| - [118561] - C:\WINDOWS\schemas [22/08/2013 16:36:31] - |D| - [5259264] - C:\WINDOWS\security [22/08/2013 15:45:15] - |D| - [40903356] - C:\WINDOWS\ServiceProfiles [22/08/2013 14:36:15] - |D| - [136326785] - C:\WINDOWS\servicing [22/08/2013 15:45:23] - |D| - [42] - C:\WINDOWS\Setup [18/03/2014 10:38:02] - |D| - [4544] - C:\WINDOWS\ShellNew [18/03/2014 10:38:02] - |D| - [31373168] - C:\WINDOWS\SKB [08/10/2015 15:35:37] - |D| - [122389368] - C:\WINDOWS\SoftwareDistribution [22/08/2013 16:36:30] - |D| - [103541707] - C:\WINDOWS\Speech [MD5.7826082B93262AB6460E77B91C61EA30] - [28/02/2015 14:55:19] - (.© Microsoft Corporation. - Print driver host for applications.) - [128512] - (6.3.9600.17480) - C:\WINDOWS\splwow64.exe [MD5.A77E65831A152C8FCA5B822749E2624D] - [22/08/2013 16:19:59] - (.-.) - [35891] - (0.0.0.0) - C:\WINDOWS\Starter.xml [22/08/2013 16:36:30] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 14:25:43] - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [22/08/2013 14:36:16] - |RD| - [5392863633] - C:\WINDOWS\System32 [22/08/2013 16:36:30] - |D| - [8238720] - C:\WINDOWS\SystemResources [22/08/2013 14:36:16] - |D| - [1452805755] - C:\WINDOWS\SysWOW64 [22/08/2013 16:36:31] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 16:36:30] - |D| - [2530] - C:\WINDOWS\Tasks [22/08/2013 14:36:16] - |D| - [4162179] - C:\WINDOWS\Temp [22/08/2013 16:36:30] - |RD| - [22151] - C:\WINDOWS\ToastData [22/08/2013 16:36:31] - |D| - [0] - C:\WINDOWS\tracing [22/08/2013 16:36:31] - |D| - [42870913] - C:\WINDOWS\twain_32 [MD5.727B4519FE9919447108CBEC4768F34A] - [03/03/2015 10:14:32] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [54272] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [22/08/2013 16:36:30] - |D| - [15636186] - C:\WINDOWS\vpnplugins [22/08/2013 16:36:30] - |D| - [12420] - C:\WINDOWS\Vss [22/08/2013 16:36:31] - |D| - [12113121] - C:\WINDOWS\Web [MD5.60CDAF0811BF825164C0E246F4F5620D] - [22/08/2013 14:25:43] - (.-.) - [124] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [22/08/2013 07:53:50] - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.5B786B75652C63139AB8A73FC5C7CF0F] - [27/01/2016 19:20:10] - (.-.) - [430837] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.335C38783B3F1B383ECAC17DB3705895] - [03/03/2015 10:14:13] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.3.9600.17415) - C:\WINDOWS\winhlp32.exe [22/08/2013 16:36:31] - |D| - [1799358] - C:\WINDOWS\WinStore [22/08/2013 14:36:16] - |D| - [7410926651] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [22/08/2013 07:52:18] - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.73E19BE0E0ECD88616B5762F621B0226] - [03/03/2015 10:14:13] - (.© Microsoft Corporation. - Windows Write.) - [11264] - (6.3.9600.17415) - C:\WINDOWS\write.exe [MD5.D565F389A170FF28D02281BAFD4A80C7] - [14/01/2016 18:53:21] - (.Copyright © 2003 - 2004 Nir Sofer - ZipInstaller.) - [39424] - (1.2.1.112) - C:\WINDOWS\zipinst.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [27/03/2015 20:57:41] - C:\WINDOWS\Installer\106fda2.msi : (AKVIS Enhancer - AKVIS) [27/03/2015 21:09:15] - C:\WINDOWS\Installer\1116c59.msi : (AKVIS Noise Buster - AKVIS) [27/08/2015 17:22:51] - C:\WINDOWS\Installer\138d869e.msi : (LibreOffice 5.0 - The Document Foundation) [04/12/2013 19:58:30] - C:\WINDOWS\Installer\13bee1.msi : (Blank Project Template - CyberLink Corp.) [26/12/2013 20:48:08] - C:\WINDOWS\Installer\13bee7.msi : (Blank Project Template - Macrovision Corporation) [31/03/2014 18:55:38] - C:\WINDOWS\Installer\13beeb.msi : ( - Hewlett-Packard) [12/02/2014 13:17:04] - C:\WINDOWS\Installer\13beef.msi : (Blank Project Template - Hewlett-Packard) [28/03/2014 18:53:20] - C:\WINDOWS\Installer\156c14.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [08/11/2013 10:25:08] - C:\WINDOWS\Installer\156c18.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [05/08/2014 19:09:56] - C:\WINDOWS\Installer\156c1d.msi : (Blank Project Template - InstallShield) [05/08/2014 19:10:37] - C:\WINDOWS\Installer\156c22.msi : (HP Wireless Button Driver - Hewlett-Packard Company) [10/08/2013 07:11:56] - C:\WINDOWS\Installer\156c36.msi : ([ProductName] Installer - Apple Inc.) [10/08/2013 08:52:22] - C:\WINDOWS\Installer\156c3a.msi : (HP Postscript Converter - Hewlett-Packard) [09/09/2015 11:30:06] - C:\WINDOWS\Installer\15eebf.msi : (ZoneAlarm Security - Check Point Software Technologies Ltd.) [09/09/2015 11:30:06] - C:\WINDOWS\Installer\15eec6.msi : (ZoneAlarm Firewall - Check Point Software Technologies Ltd.) [28/03/2015 18:33:39] - C:\WINDOWS\Installer\16f49c4.msi : (AKVIS Refocus - AKVIS) [16/05/2015 09:00:12] - C:\WINDOWS\Installer\174909.msi : (Blank Project Template - Macrovision Corporation) [07/05/2015 09:33:23] - C:\WINDOWS\Installer\18e1c1ec.msi : (Google Update Helper - Google Inc.) [06/06/2015 19:21:23] - C:\WINDOWS\Installer\1937e01.msi : (HP SimplePass - Hewlett-Packard) [06/06/2015 19:21:23] - C:\WINDOWS\Installer\1937e1b.msi : (Softex OmniPass Graphical Password Authentication Installer - Softex Inc.) [06/06/2015 19:21:23] - C:\WINDOWS\Installer\1937e23.msi : (Softex OmniPass wbf Plugin Installer - Softex Inc.) [01/02/2013 21:53:16] - C:\WINDOWS\Installer\32d91a.msi : ( - Hewlett-Packard Company) [20/03/2014 11:15:16] - C:\WINDOWS\Installer\3795a.msi : (HP Documentation - Hewlett-Packard) [02/10/2012 02:27:56] - C:\WINDOWS\Installer\3795e.msi : ( - Hewlett-Packard Company) [02/12/2015 14:00:06] - C:\WINDOWS\Installer\3bfa55.msi : (Java SE Runtime Environment 8 Update 66 - Oracle Corporation) [02/12/2015 13:59:59] - C:\WINDOWS\Installer\3bfa5c.msi : (Java SE Runtime Environment 8 Update 66 - Oracle Corporation) [02/12/2015 13:59:59] - C:\WINDOWS\Installer\3bfa6b.msi : (Java Auto Updater - Oracle Corporation) [01/08/2015 09:17:30] - C:\WINDOWS\Installer\3faa6a4.msi : ( - © 2008-2015 Hewlett-Packard Development Compay, L.P.) [03/05/2015 08:12:58] - C:\WINDOWS\Installer\3ff9ed5.msi : (Blank Project Template - Macrovision Corporation) [03/05/2015 08:16:50] - C:\WINDOWS\Installer\3ffa095.msi : (Blank Project Template - Macrovision Corporation) [09/12/2015 18:47:50] - C:\WINDOWS\Installer\479c72e.msi : (Evernote v. 5.9.6 - Evernote Corp.) [24/01/2016 11:53:13] - C:\WINDOWS\Installer\4ac1ccb.msi : (Java SE Runtime Environment 8 Update 71 - Oracle Corporation) [24/01/2016 11:52:59] - C:\WINDOWS\Installer\4ac1cd2.msi : (Java SE Runtime Environment 8 Update 71 - Oracle Corporation) [24/01/2016 11:53:04] - C:\WINDOWS\Installer\4ac1ce1.msi : (Java Auto Updater - Oracle Corporation) [19/11/2015 09:44:18] - C:\WINDOWS\Installer\4f29b9a.msi : (Belgium e-ID middleware 4.1.10 (build 1698) - Belgian Government) [11/01/2016 13:39:53] - C:\WINDOWS\Installer\505528b.msi : (LibreOffice 5.0 - The Document Foundation) [25/11/2015 16:07:28] - C:\WINDOWS\Installer\56e39aa.msi : (Epson Connect Printer Setup - SEIKO EPSON CORPORATION) [25/11/2015 16:07:31] - C:\WINDOWS\Installer\56e39b1.msi : (EPSON Printer Finder - SEIKO EPSON CORPORATION) [27/05/2015 08:45:36] - C:\WINDOWS\Installer\56e39bd.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [03/05/2015 18:32:56] - C:\WINDOWS\Installer\633cfea.msi : (Blank Project Template - Nikon) [01/08/2015 11:32:49] - C:\WINDOWS\Installer\781f2a.msi : (HP Support Solutions Framework - Hewlett-Packard Company) [01/08/2015 11:38:04] - C:\WINDOWS\Installer\782557.msi : (HP Support Assistant - Hewlett-Packard Company) [01/08/2015 11:38:47] - C:\WINDOWS\Installer\78255e.msi : (Blank Project Template - Hewlett-Packard) [04/12/2015 01:00:45] - C:\WINDOWS\Installer\7c30c1d.msi : (Google Update Helper - Google Inc.) [05/08/2015 12:57:06] - C:\WINDOWS\Installer\96884.msi : (The Bat! v6.8.8 (64-bit) - Ritlabs, SRL) [10/12/2013 16:27:38] - C:\WINDOWS\Installer\a344b.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [05/12/2013 10:18:36] - C:\WINDOWS\Installer\a344f.msi : (Intel Smart Connect Technology enables your computer to periodically wake from sleep to keep your content fresh - Intel Corporation) [11/04/2015 11:33:09] - C:\WINDOWS\Installer\a42c3f.msi : (Blank Project Template - Macrovision Corporation) [21/04/2015 12:32:33] - C:\WINDOWS\Installer\a6e241b.msi : (NIKON IMAGE SPACE UPLOADER - NIKON CORPORATION) [21/04/2015 12:33:35] - C:\WINDOWS\Installer\a6e243a.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [26/11/2015 17:53:15] - C:\WINDOWS\Installer\af48e41.msi : (Blank Project Template - Nikon Corporation) [26/11/2015 17:53:53] - C:\WINDOWS\Installer\af48e5d.msi : (Blank Project Template - Nikon Corporation) [13/03/2015 04:37:00] - C:\WINDOWS\Installer\d73e9f.msi : ( -) [05/09/2013 10:45:54] - C:\WINDOWS\Installer\f0606.msi : (swMSM - Adobe Systems, Inc) [01/11/2013 23:14:48] - C:\WINDOWS\Installer\f0610.msi : ( - Hewlett-Packard) [29/03/2014 01:05:54] - C:\WINDOWS\Installer\f0615.msi : ( - Hewlett-Packard) [08/08/2013 11:03:14] - C:\WINDOWS\Installer\f0620.msi : (Blank Project Template - Hewlett-Packard Company) [10/05/2014 20:19:35] - C:\WINDOWS\Installer\f0625.msi : (Blank Project Template - Hewlett-Packard) [27/02/2015 22:20:03] - C:\WINDOWS\Installer\f06ec1.msi : (HP 3D DriveGuard - Hewlett-Packard Company) ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [22/08/2013 16:36:48] - [75] - C:\WINDOWS\System32\desktop.ini [15/04/2015 12:26:19] - [16303] - C:\WINDOWS\System32\ieuinit.inf [18/03/2014 10:53:28] - [2429462] - C:\WINDOWS\System32\PerfStringBackup.INI [22/08/2013 07:56:03] - [60124] - C:\WINDOWS\System32\tcpmon.ini [18/03/2014 10:54:48] - [2255] - C:\WINDOWS\System32\WimBootCompress.ini [15/04/2015 12:26:19] - [16303] - C:\WINDOWS\Syswow64\ieuinit.inf [02/04/2014 10:52:15] - [3986790] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [18/03/2014 10:55:05] - [2255] - C:\WINDOWS\Syswow64\WimBootCompress.ini ¤¤¤¤¤¤¤¤¤¤ | [.oracle_jre_usage] [29/08/2015 12:55:22] - |A| - [56] - C:\Users\Alain\.oracle_jre_usage\48ac84126bcac2aa.timestamp [21/10/2015 09:15:24] - |A| - [56] - C:\Users\Alain\.oracle_jre_usage\48ac84126bcac2af.timestamp [02/12/2015 14:00:37] - |A| - [56] - C:\Users\Alain\.oracle_jre_usage\48ac84126bcac2b0.timestamp [24/01/2016 11:55:34] - |A| - [56] - C:\Users\Alain\.oracle_jre_usage\48ac84126bcac2ca.timestamp [29/08/2015 12:56:58] - |A| - [50] - C:\Users\Alain\.oracle_jre_usage\90737d32e3aba45.timestamp [21/10/2015 09:16:08] - |A| - [50] - C:\Users\Alain\.oracle_jre_usage\90737d32e3aba4a.timestamp [02/12/2015 14:01:49] - |A| - [50] - C:\Users\Alain\.oracle_jre_usage\90737d32e3aba4b.timestamp [24/01/2016 11:57:03] - |A| - [50] - C:\Users\Alain\.oracle_jre_usage\90737d32e3aba65.timestamp ¤¤¤¤¤¤¤¤¤¤ | [.rednotebook] [16/12/2015 16:44:44] - |A| - [45660] - C:\Users\Alain\.rednotebook\HELP_YOUR_FILES.PNG [18/04/2015 09:53:27] - |D| - [93563] - C:\Users\Alain\.rednotebook\tmp ¤¤¤¤¤¤¤¤¤¤ | [.rssowl2] [23/01/2015 13:53:04] - |D| - [639372679] - C:\Users\Alain\.rssowl2\.metadata [29/08/2015 12:56:15] - |A| - [21502] - C:\Users\Alain\.rssowl2\backup.opml [23/01/2015 13:53:10] - |A| - [21502] - C:\Users\Alain\.rssowl2\backup_weekly.opml [23/01/2015 13:52:57] - |D| - [1192717] - C:\Users\Alain\.rssowl2\config221 [16/12/2015 16:45:42] - |A| - [45660] - C:\Users\Alain\.rssowl2\HELP_YOUR_FILES.PNG ¤¤¤¤¤¤¤¤¤¤ | [AppData] [16/12/2015 16:50:36] - |A| - [45660] - C:\Users\Alain\AppData\HELP_YOUR_FILES.PNG [27/02/2015 13:19:55] - |D| - [4210403999] - C:\Users\Alain\AppData\Local [19/01/2015 16:56:04] - |D| - [251624978] - C:\Users\Alain\AppData\LocalLow [27/02/2015 13:19:55] - |D| - [248991360] - C:\Users\Alain\AppData\Roaming ¤¤¤¤¤¤¤¤¤¤ | [Application Data] ¤¤¤¤¤¤¤¤¤¤ | [Color Projects Pro] [23/01/2016 18:09:40] - |A| - [40] - C:\Users\Alain\Color Projects Pro\collapsibles.ini [23/01/2016 18:08:24] - |A| - [13802] - C:\Users\Alain\Color Projects Pro\colorpp_vu_000000.ini [23/01/2016 17:52:28] - |A| - [25] - C:\Users\Alain\Color Projects Pro\language.ini [23/01/2016 17:58:42] - |A| - [77] - C:\Users\Alain\Color Projects Pro\lastsaveformat.ini [23/01/2016 17:55:50] - |A| - [656] - C:\Users\Alain\Color Projects Pro\options.ini [25/01/2016 13:05:03] - |A| - [66] - C:\Users\Alain\Color Projects Pro\panorama.ini [23/01/2016 17:52:28] - |A| - [81] - C:\Users\Alain\Color Projects Pro\plugin.ini [23/01/2016 17:55:50] - |A| - [34] - C:\Users\Alain\Color Projects Pro\rawdevshowagain.ini [23/01/2016 17:54:15] - |A| - [7672] - C:\Users\Alain\Color Projects Pro\startup.log [23/01/2016 17:55:46] - |A| - [1669] - C:\Users\Alain\Color Projects Pro\statistic.ini [23/01/2016 18:04:51] - |A| - [64] - C:\Users\Alain\Color Projects Pro\stylecode.ini [23/01/2016 18:09:43] - |A| - [2110] - C:\Users\Alain\Color Projects Pro\window.ini ¤¤¤¤¤¤¤¤¤¤ | [Contacts] [19/01/2015 16:57:03] - |ASH| - [412] - C:\Users\Alain\Contacts\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Cookies] ¤¤¤¤¤¤¤¤¤¤ | [Creative Cloud Files] [02/05/2015 13:24:31] - |SH| - [165] - C:\Users\Alain\Creative Cloud Files\Desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Desktop] [25/12/2015 21:03:11] - |A| - [201] - C:\Users\Alain\Desktop\A visiter soft interessant.url [28/11/2015 17:29:34] - |A| - [121] - C:\Users\Alain\Desktop\ANACAP.url [22/01/2015 16:59:02] - |A| - [233] - C:\Users\Alain\Desktop\CineTelerevue.url [25/12/2015 16:01:40] - |A| - [183] - C:\Users\Alain\Desktop\Conversion unité.url [20/02/2015 15:40:55] - |A| - [218] - C:\Users\Alain\Desktop\Energie Région Wallonne.url [03/05/2015 12:43:28] - |A| - [1032] - C:\Users\Alain\Desktop\Event Log Explorer.lnk [26/07/2015 12:44:51] - |A| - [129] - C:\Users\Alain\Desktop\Extincteur anaf 01.url [30/12/2015 10:48:00] - |A| - [226] - C:\Users\Alain\Desktop\GHDC Rdv.url [11/03/2015 11:21:30] - |A| - [238] - C:\Users\Alain\Desktop\GMAIL.url [28/11/2015 17:24:53] - |A| - [136] - C:\Users\Alain\Desktop\Homme et prostate.url [17/06/2015 16:25:04] - |A| - [190] - C:\Users\Alain\Desktop\Photo Ephemeris.url [12/11/2015 10:22:27] - |A| - [300] - C:\Users\Alain\Desktop\Photos en 2X.url [09/01/2016 17:17:02] - |A| - [1677] - C:\Users\Alain\Desktop\Recuva.lnk [30/08/2015 12:07:43] - |A| - [185] - C:\Users\Alain\Desktop\Sol.url [17/11/2015 17:46:41] - |A| - [196] - C:\Users\Alain\Desktop\sos.incontinence.url [05/01/2016 14:34:43] - |A| - [175] - C:\Users\Alain\Desktop\sos.url [12/12/2015 17:18:35] - |A| - [201] - C:\Users\Alain\Desktop\soufflet.url [13/07/2015 17:52:58] - |A| - [183] - C:\Users\Alain\Desktop\Translate.url [28/11/2015 17:09:45] - |A| - [146] - C:\Users\Alain\Desktop\xxx test clamp .url [28/08/2015 16:42:09] - |A| - [233] - C:\Users\Alain\Desktop\Y550.url [31/12/2015 12:58:49] - |A| - [845] - C:\Users\Alain\Desktop\ZHPCleaner.lnk ¤¤¤¤¤¤¤¤¤¤ | [Downloads] [16/12/2015 16:50:37] - |A| - [6402460] - C:\Users\Alain\Downloads\3413we4wsv.3b [16/12/2015 16:50:45] - |A| - [45660] - C:\Users\Alain\Downloads\HELP_YOUR_FILES.PNG [15/12/2015 11:56:21] - |D| - [6988363] - C:\Users\Alain\Downloads\Huawei_c8813q ¤¤¤¤¤¤¤¤¤¤ | [Favorites] [18/05/2015 11:27:17] - |D| - [3868] - C:\Users\Alain\Favorites\AA ranger [18/05/2015 11:27:17] - |D| - [1121] - C:\Users\Alain\Favorites\Administrations et officiels [18/05/2015 11:27:17] - |D| - [230] - C:\Users\Alain\Favorites\Bricolage déco [18/05/2015 11:27:17] - |D| - [1289] - C:\Users\Alain\Favorites\Culturel et documentation [25/06/2015 10:31:50] - |ASH| - [402] - C:\Users\Alain\Favorites\desktop.ini [18/05/2015 11:27:17] - |D| - [610] - C:\Users\Alain\Favorites\Infor softwares [25/12/2015 12:51:46] - |D| - [0] - C:\Users\Alain\Favorites\Liens [27/03/2015 16:00:59] - |RD| - [80] - C:\Users\Alain\Favorites\Links [18/05/2015 11:27:17] - |D| - [1468] - C:\Users\Alain\Favorites\Maison [18/05/2015 11:27:17] - |D| - [4814] - C:\Users\Alain\Favorites\Medical [18/05/2015 11:27:17] - |D| - [2194] - C:\Users\Alain\Favorites\Musique [18/05/2015 11:27:17] - |D| - [52] - C:\Users\Alain\Favorites\Organismes [24/12/2014 14:27:42] - |A| - [66] - C:\Users\Alain\Favorites\Ouest americain _ tourisme aux USA , indiens , histoire , geographie , carte, photos.url [18/05/2015 11:27:17] - |D| - [4371] - C:\Users\Alain\Favorites\Photos [18/05/2015 11:27:17] - |D| - [408] - C:\Users\Alain\Favorites\Psy et philo [18/05/2015 11:27:17] - |D| - [2217] - C:\Users\Alain\Favorites\Sites marchands [18/05/2015 11:27:17] - |D| - [4119] - C:\Users\Alain\Favorites\Tourisme activités [18/05/2015 11:27:17] - |D| - [43] - C:\Users\Alain\Favorites\Voiture ¤¤¤¤¤¤¤¤¤¤ | [IntelGraphicsProfiles] [19/01/2015 16:57:57] - |ASH| - [8148] - C:\Users\Alain\IntelGraphicsProfiles\Brighten Video.man.igpi [19/01/2015 19:19:51] - |ASH| - [8148] - C:\Users\Alain\IntelGraphicsProfiles\Can't load resource.man.igpi [19/01/2015 16:57:57] - |ASH| - [8148] - C:\Users\Alain\IntelGraphicsProfiles\Darken Video.man.igpi [19/01/2015 16:57:57] - |ASH| - [8148] - C:\Users\Alain\IntelGraphicsProfiles\Enhance Video Colors.man.igpi ¤¤¤¤¤¤¤¤¤¤ | [Links] [19/01/2015 16:57:04] - |SH| - [580] - C:\Users\Alain\Links\desktop.ini [19/01/2015 16:57:04] - |A| - [444] - C:\Users\Alain\Links\Desktop.lnk [19/01/2015 16:57:04] - |A| - [830] - C:\Users\Alain\Links\Downloads.lnk [31/07/2015 13:07:44] - |A| - [1608] - C:\Users\Alain\Links\Dropbox.lnk [09/02/2015 14:51:47] - |A| - [1748] - C:\Users\Alain\Links\Google Drive.lnk [19/01/2015 16:57:04] - |A| - [383] - C:\Users\Alain\Links\RecentPlaces.lnk ¤¤¤¤¤¤¤¤¤¤ | [Local Settings] ¤¤¤¤¤¤¤¤¤¤ | [Menu Démarrer] ¤¤¤¤¤¤¤¤¤¤ | [Mes documents] ¤¤¤¤¤¤¤¤¤¤ | [Modèles] ¤¤¤¤¤¤¤¤¤¤ | [Music] [10/05/2015 15:23:30] - |ASH| - [504] - C:\Users\Alain\Music\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [OneDrive] [24/11/2015 14:51:25] - |ASH| - [298] - C:\Users\Alain\OneDrive\desktop.ini [23/05/2015 11:03:13] - |AD| - [0] - C:\Users\Alain\OneDrive\Documents [23/05/2015 11:03:17] - |AD| - [0] - C:\Users\Alain\OneDrive\Pictures ¤¤¤¤¤¤¤¤¤¤ | [Projects Series] [23/01/2016 17:52:28] - |A| - [302] - C:\Users\Alain\Projects Series\Color Projects Pro.ini ¤¤¤¤¤¤¤¤¤¤ | [Recent] ¤¤¤¤¤¤¤¤¤¤ | [Searches] [27/02/2015 13:59:20] - |ASH| - [524] - C:\Users\Alain\Searches\desktop.ini [27/02/2015 13:59:21] - |RAH| - [248] - C:\Users\Alain\Searches\Everywhere.search-ms [27/02/2015 13:59:21] - |RAH| - [248] - C:\Users\Alain\Searches\Indexed Locations.search-ms [11/03/2015 10:49:21] - |A| - [937] - C:\Users\Alain\Searches\Pense-bête (Pense-bête Windows).searchconnector-ms [27/02/2015 14:00:33] - |A| - [852] - C:\Users\Alain\Searches\winrt--{S-1-5-21-1373608429-321133151-520906998-1001}-.searchconnector-ms ¤¤¤¤¤¤¤¤¤¤ | [SendTo] ¤¤¤¤¤¤¤¤¤¤ | [Tracing] [29/12/2015 17:21:49] - |D| - [466944] - C:\Users\Alain\Tracing\WPPMedia ¤¤¤¤¤¤¤¤¤¤ | [Videos] [19/01/2015 16:57:03] - |ASH| - [504] - C:\Users\Alain\Videos\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Voisinage d'impression] ¤¤¤¤¤¤¤¤¤¤ | [Voisinage réseau] ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [22/08/2013 16:36:33] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [27/02/2015 13:23:32] - |SHD| - [6855562] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [22/08/2013 16:36:30] - |RD| - [6855562] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [21/03/2015 12:04:13] - |A| - [1673] - C:\ProgramData\Microsoft\Windows\Start Menu\Restore Point Creator.lnk [28/02/2015 21:47:59] - |A| - [1165] - C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk [09/01/2016 22:18:14] - |A| - [2009] - C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [21/08/2015 14:25:33] - |D| - [1204] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks [22/08/2015 12:23:27] - |D| - [1915] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [22/08/2013 16:36:30] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [22/08/2013 16:36:30] - |RD| - [18212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [22/08/2013 16:36:30] - |RD| - [25660] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [21/01/2016 23:09:41] - |D| - [1034] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [02/05/2015 13:22:39] - |A| - [1296] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk [02/05/2015 12:53:16] - |A| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk [27/03/2015 20:58:34] - |D| - [5080] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS [01/03/2015 16:39:32] - |D| - [1827] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allway Sync [02/04/2015 20:53:16] - |D| - [4551] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntispamSniper for TheBat! [22/11/2015 16:14:57] - |A| - [1156] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [27/02/2015 17:36:03] - |D| - [1963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [27/03/2015 16:09:39] - |D| - [3846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID [27/11/2015 17:10:56] - |D| - [6318] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip [22/08/2013 07:57:22] - |RAS| - [2131] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk [03/05/2015 17:21:21] - |D| - [2974] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture NX 2 [26/10/2015 13:06:07] - |D| - [3054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [28/02/2015 15:56:34] - |D| - [3512] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipCache [05/08/2014 19:22:50] - |RD| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat [15/09/2015 16:16:32] - |D| - [2749] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSVed [25/01/2016 16:10:42] - |D| - [4076] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutOut 5 [22/08/2013 16:36:33] - |ASH| - [1252] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/08/2013 07:57:05] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [04/10/2015 13:28:52] - |D| - [5457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Directory List & Print (Pro) [27/04/2015 12:23:53] - |D| - [3596] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO [24/11/2015 15:42:56] - |D| - [11005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [25/10/2015 15:33:04] - |D| - [1119] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [27/02/2015 18:09:14] - |D| - [3279] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EssentialPIM Pro [18/03/2014 10:55:08] - |RAS| - [2440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk [27/11/2015 16:57:24] - |D| - [2728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [23/01/2016 17:52:19] - |D| - [2528] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis [22/09/2015 11:11:03] - |D| - [1184] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeStyle [05/08/2014 19:23:06] - |RD| - [2503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [15/10/2015 13:41:31] - |D| - [2203] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [10/05/2014 20:18:21] - |RD| - [5986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [22/08/2013 07:54:10] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [02/03/2015 15:26:52] - |D| - [1850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint [05/08/2014 19:00:21] - |RD| - [3814] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [28/02/2015 18:49:58] - |D| - [6332] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [28/08/2015 11:35:54] - |SD| - [9470] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 [26/11/2015 17:44:59] - |D| - [812] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon [21/07/2015 11:24:38] - |D| - [2022] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinkStash [10/05/2015 12:28:59] - |D| - [2996] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Audio Converter [22/08/2013 16:36:30] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/01/2016 17:12:45] - |D| - [4866] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [28/09/2015 13:44:58] - |D| - [1069] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXA [28/02/2015 15:01:07] - |D| - [2248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [08/04/2015 14:41:18] - |D| - [4204] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\monAlbumPhoto [28/02/2015 18:39:07] - |D| - [2750] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MS Comptes Bancaires [05/08/2014 19:02:09] - |RD| - [9032] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos [21/04/2015 12:32:34] - |A| - [1042] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NIKON IMAGE SPACE UPLOADER.lnk [03/05/2015 17:23:00] - |D| - [4409] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2 [05/08/2014 19:08:05] - |D| - [1388] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [09/12/2015 19:26:00] - |D| - [2072] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software [22/08/2013 07:57:08] - |RAS| - [2365] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk [26/11/2015 17:53:40] - |D| - [6146] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Control Utility 2 [17/03/2015 11:26:28] - |D| - [2156] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayerTuto.com [01/11/2015 15:33:45] - |D| - [5406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortraitPro Studio 15 [10/05/2014 20:00:18] - |RD| - [9727] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [02/03/2015 19:17:51] - |D| - [4870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Environment Editor [02/04/2015 08:56:51] - |D| - [3238] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReNamer [07/04/2015 16:27:30] - |D| - [4438] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator [21/03/2015 21:38:49] - |A| - [636928] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator.exe [02/03/2015 19:21:32] - |D| - [3469] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [10/01/2016 15:53:01] - |D| - [1914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ritlabs The Bat! [01/03/2015 16:58:46] - |D| - [4139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm [28/02/2015 18:46:41] - |D| - [2884] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSSOwl [22/08/2013 07:45:50] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [10/05/2014 20:01:17] - |RD| - [1956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection [01/04/2015 15:01:52] - |D| - [976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShiftN [22/08/2013 16:36:30] - |RD| - [2251] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [30/08/2015 16:20:07] - |D| - [2136] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer [22/08/2013 16:36:30] - |RD| - [6359] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [21/03/2015 21:36:18] - |D| - [5928384] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemExplorerPortable_640 [18/03/2014 10:38:02] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [02/03/2015 14:25:35] - |D| - [2158] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrayStatus [21/01/2016 22:55:26] - |A| - [2573] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft PowerPoint .lnk [02/03/2015 19:26:51] - |D| - [3189] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wallpaper Slideshow Pro [22/08/2013 07:48:43] - |RAS| - [2191] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk [21/08/2015 20:17:20] - |D| - [4128] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge [28/02/2015 21:47:59] - |D| - [4105] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/08/2013 16:36:33] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [05/08/2014 19:00:21] - |A| - [2077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [21/08/2015 14:25:31] - |D| - [45410862] - C:\Program Files (x86)\2BrightSparks [22/08/2015 12:23:27] - |D| - [3094515] - C:\Program Files (x86)\7-Zip [22/09/2015 11:11:03] - |D| - [7341244] - C:\Program Files (x86)\Abbott Diabetes Care [29/03/2015 16:50:09] - |D| - [52421336] - C:\Program Files (x86)\Adobe [27/03/2015 20:58:30] - |D| - [188160455] - C:\Program Files (x86)\AKVIS [02/04/2015 20:53:15] - |D| - [6331294] - C:\Program Files (x86)\AntispamSniper for TheBat! [06/03/2015 11:37:00] - |D| - [0] - C:\Program Files (x86)\Avant Browser [27/03/2015 16:09:37] - |D| - [12027119] - C:\Program Files (x86)\Belgium Identity Card [05/08/2014 19:09:56] - |D| - [1082229] - C:\Program Files (x86)\Bluetooth Suite [05/08/2014 19:13:27] - |D| - [631140] - C:\Program Files (x86)\Bonjour [13/09/2015 16:34:14] - |D| - [44888462] - C:\Program Files (x86)\CheckPoint [22/08/2013 14:36:15] - |D| - [607715032] - C:\Program Files (x86)\Common Files [15/09/2015 16:16:32] - |D| - [2548893] - C:\Program Files (x86)\CSVed [05/08/2014 19:20:57] - |D| - [1892218133] - C:\Program Files (x86)\CyberLink [04/10/2015 13:28:51] - |D| - [15758362] - C:\Program Files (x86)\DirectoryListPrintPro [31/07/2015 12:17:32] - |D| - [0] - C:\Program Files (x86)\Dropbox [27/04/2015 12:22:55] - |D| - [83813463] - C:\Program Files (x86)\DYMO [28/10/2015 16:43:39] - |D| - [8847232] - C:\Program Files (x86)\epson [28/10/2015 20:40:19] - |D| - [30251025] - C:\Program Files (x86)\EPSON Software [27/02/2015 18:09:08] - |D| - [19692680] - C:\Program Files (x86)\EssentialPIM Pro [03/05/2015 12:43:27] - |D| - [6649408] - C:\Program Files (x86)\Event Log Explorer [09/12/2015 18:49:00] - |D| - [244325555] - C:\Program Files (x86)\Evernote [07/04/2015 12:16:10] - |D| - [93674] - C:\Program Files (x86)\filetypesman [05/08/2015 13:44:58] - |D| - [189720660] - C:\Program Files (x86)\Foxit Software [07/05/2015 09:33:25] - |D| - [500044381] - C:\Program Files (x86)\Google [10/05/2014 19:57:48] - |D| - [354416107] - C:\Program Files (x86)\Hewlett-Packard [10/05/2014 20:01:14] - |HD| - [230674364] - C:\Program Files (x86)\InstallShield Installation Information [05/08/2014 18:46:13] - |D| - [23562038] - C:\Program Files (x86)\Intel [22/08/2013 16:36:30] - |D| - [6875318] - C:\Program Files (x86)\Internet Explorer [28/02/2015 18:49:36] - |D| - [246104485] - C:\Program Files (x86)\Java [28/08/2015 11:34:45] - |D| - [28323195] - C:\Program Files (x86)\LibreOffice 5 [15/03/2015 16:36:10] - |D| - [3370402] - C:\Program Files (x86)\LinkStash [10/05/2015 12:28:58] - |D| - [17269862] - C:\Program Files (x86)\Magic Audio Converter [23/01/2016 17:12:43] - |D| - [58591183] - C:\Program Files (x86)\Malwarebytes Anti-Malware [28/09/2015 13:44:58] - |D| - [10064112] - C:\Program Files (x86)\MAXA Cookie Manager [21/01/2016 22:55:25] - |D| - [34205731] - C:\Program Files (x86)\Microsoft Office [28/02/2015 14:59:30] - |D| - [42878350] - C:\Program Files (x86)\Microsoft Silverlight [22/08/2013 16:36:30] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [08/04/2015 14:41:13] - |D| - [73213088] - C:\Program Files (x86)\monAlbumPhoto [27/03/2015 16:09:37] - |D| - [32809] - C:\Program Files (x86)\Mozilla Firefox [02/04/2014 10:50:36] - |D| - [25757] - C:\Program Files (x86)\MSBuild [21/01/2016 22:54:44] - |D| - [66546585] - C:\Program Files (x86)\MSECache [28/02/2015 18:39:06] - |D| - [31828823] - C:\Program Files (x86)\MSoft informatique [03/05/2015 17:22:55] - |D| - [37682623] - C:\Program Files (x86)\Nikon [21/04/2015 12:32:33] - |D| - [2016871] - C:\Program Files (x86)\NIKON IMAGE SPACE UPLOADER [05/08/2014 19:07:48] - |D| - [139884557] - C:\Program Files (x86)\NVIDIA Corporation [10/05/2014 20:17:32] - |RD| - [1312457] - C:\Program Files (x86)\Online Services [09/12/2015 19:25:08] - |D| - [5790809] - C:\Program Files (x86)\onOne Software [17/03/2015 11:26:25] - |D| - [58927332] - C:\Program Files (x86)\PlayerTuto.com [05/08/2014 19:09:16] - |D| - [4398311] - C:\Program Files (x86)\Qualcomm Atheros [16/04/2015 08:43:12] - |D| - [0] - C:\Program Files (x86)\QuickTime [21/07/2015 13:00:49] - |D| - [0] - C:\Program Files (x86)\RealNetworks [05/08/2014 19:00:39] - |D| - [23509367] - C:\Program Files (x86)\Realtek [02/04/2014 10:50:36] - |D| - [38446337] - C:\Program Files (x86)\Reference Assemblies [02/04/2015 08:56:49] - |D| - [9485780] - C:\Program Files (x86)\ReNamer [07/04/2015 16:27:30] - |D| - [1589844] - C:\Program Files (x86)\Restore Point Creator [23/01/2016 18:11:18] - |D| - [14607734] - C:\Program Files (x86)\RSSOwl [01/04/2015 15:01:51] - |D| - [11975125] - C:\Program Files (x86)\ShiftN [01/03/2015 16:57:52] - |D| - [70481108] - C:\Program Files (x86)\Siber Systems [30/08/2015 16:20:07] - |D| - [6641219] - C:\Program Files (x86)\System Explorer [02/03/2015 14:25:35] - |D| - [1475408] - C:\Program Files (x86)\TrayStatus [02/03/2015 19:26:50] - |D| - [5645779] - C:\Program Files (x86)\WallpaperSSPro [05/08/2014 19:23:04] - |D| - [24404910] - C:\Program Files (x86)\WildTangent Games [22/08/2013 16:36:30] - |D| - [1322664] - C:\Program Files (x86)\Windows Defender [22/08/2013 16:36:30] - |D| - [6017536] - C:\Program Files (x86)\Windows Mail [22/08/2013 16:36:30] - |D| - [3437082] - C:\Program Files (x86)\Windows Media Player [23/03/2015 15:13:33] - |D| - [2555841] - C:\Program Files (x86)\Windows Media Player Plus! [22/08/2013 16:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Multimedia Platform [22/08/2013 16:36:30] - |D| - [7590970] - C:\Program Files (x86)\Windows NT [22/08/2013 16:36:30] - |D| - [5502096] - C:\Program Files (x86)\Windows Photo Viewer [22/08/2013 16:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Portable Devices [22/08/2013 16:36:30] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [22/08/2013 16:36:30] - |D| - [0] - C:\Program Files (x86)\WindowsPowerShell [21/08/2015 20:16:54] - |D| - [4989472] - C:\Program Files (x86)\WinMerge [21/01/2016 17:56:13] - |D| - [9056454] - C:\Program Files (x86)\XYplorer ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files [02/05/2015 12:52:08] - |D| - [1673053006] - C:\Program Files\Adobe [01/03/2015 16:39:30] - |D| - [33673322] - C:\Program Files\Allway Sync [27/02/2015 17:33:45] - |D| - [1182776724] - C:\Program Files\AVAST Software [05/08/2014 19:13:27] - |D| - [613987] - C:\Program Files\Bonjour [27/11/2015 17:10:48] - |D| - [44310371] - C:\Program Files\Bullzip [13/12/2015 15:32:54] - |D| - [23951062] - C:\Program Files\CCleaner [28/02/2015 15:56:34] - |D| - [5094688] - C:\Program Files\ClipCache [22/08/2013 14:36:15] - |D| - [172641756] - C:\Program Files\Common Files [22/08/2013 16:36:45] - |ASH| - [174] - C:\Program Files\desktop.ini [27/03/2015 16:09:39] - |D| - [707464] - C:\Program Files\DIFX [27/02/2015 13:23:32] - |SHD| - [172641756] - C:\Program Files\Fichiers communs [23/01/2016 17:52:06] - |D| - [165530524] - C:\Program Files\Franzis [10/05/2014 19:57:46] - |D| - [49082713] - C:\Program Files\Hewlett-Packard [02/03/2015 15:26:52] - |D| - [15199318] - C:\Program Files\Inpaint [05/08/2014 18:55:50] - |D| - [108298088] - C:\Program Files\Intel [22/08/2013 16:36:31] - |D| - [27144930] - C:\Program Files\Internet Explorer [15/07/2015 09:30:10] - |D| - [202159203] - C:\Program Files\Java [11/01/2016 15:06:52] - |D| - [530879783] - C:\Program Files\LibreOffice 5 [27/03/2015 16:09:37] - |D| - [0] - C:\Program Files\log [28/02/2015 14:59:30] - |D| - [55708558] - C:\Program Files\Microsoft Silverlight [02/04/2014 10:50:32] - |D| - [25757] - C:\Program Files\MSBuild [03/05/2015 17:21:19] - |D| - [69665470] - C:\Program Files\Nikon [05/08/2014 19:06:55] - |D| - [748734091] - C:\Program Files\NVIDIA Corporation [09/12/2015 19:25:09] - |D| - [83471031] - C:\Program Files\onOne Software [01/11/2015 15:33:32] - |D| - [172494724] - C:\Program Files\PortraitPro Studio 15 [02/03/2015 19:17:51] - |D| - [6930003] - C:\Program Files\Rapid Environment Editor [05/08/2014 19:02:02] - |D| - [33800879] - C:\Program Files\Realtek [09/01/2016 17:17:00] - |D| - [10892600] - C:\Program Files\Recuva [02/04/2014 10:50:32] - |D| - [36845737] - C:\Program Files\Reference Assemblies [05/08/2014 18:55:06] - |D| - [141828003] - C:\Program Files\Synaptics [10/01/2016 15:52:59] - |D| - [115968505] - C:\Program Files\The Bat! [22/08/2013 15:47:10] - |HD| - [0] - C:\Program Files\Uninstall Information [02/03/2015 19:21:31] - |D| - [39882922] - C:\Program Files\VS Revo Group [22/08/2013 16:36:31] - |D| - [10069169] - C:\Program Files\Windows Defender [18/03/2014 10:38:02] - |D| - [8978552] - C:\Program Files\Windows Journal [22/08/2013 16:36:31] - |D| - [6376448] - C:\Program Files\Windows Mail [22/08/2013 16:36:31] - |D| - [5386302] - C:\Program Files\Windows Media Player [22/08/2013 16:36:31] - |D| - [286208] - C:\Program Files\Windows Multimedia Platform [22/08/2013 16:36:31] - |D| - [12894778] - C:\Program Files\Windows NT [22/08/2013 16:36:31] - |D| - [6433424] - C:\Program Files\Windows Photo Viewer [22/08/2013 16:36:31] - |D| - [286208] - C:\Program Files\Windows Portable Devices [22/08/2013 16:36:31] - |SHD| - [0] - C:\Program Files\Windows Sidebar [22/08/2013 16:36:31] - |HD| - [1376283431] - C:\Program Files\WindowsApps [22/08/2013 16:36:31] - |D| - [0] - C:\Program Files\WindowsPowerShell [28/02/2015 21:47:46] - |D| - [5471416] - C:\Program Files\WinRAR [09/01/2016 22:17:52] - |D| - [331528327] - C:\Program Files\Zoner ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [02/05/2015 12:43:59] - |D| - [280523648] - C:\Program Files (x86)\Common Files\Adobe [08/04/2015 11:13:41] - |D| - [47263301] - C:\Program Files (x86)\Common Files\Adobe AIR [05/08/2014 19:09:56] - |D| - [50643] - C:\Program Files (x86)\Common Files\Atheros [03/12/2015 15:21:24] - |D| - [1485208] - C:\Program Files (x86)\Common Files\AV [05/08/2014 19:30:24] - |D| - [192432] - C:\Program Files (x86)\Common Files\CyberLink [05/08/2014 19:01:39] - |D| - [3257529] - C:\Program Files (x86)\Common Files\InstallShield [05/08/2014 19:06:37] - |D| - [106606061] - C:\Program Files (x86)\Common Files\Intel [05/08/2014 19:09:56] - |D| - [234298] - C:\Program Files (x86)\Common Files\Intel Corporation [24/01/2016 11:57:51] - |D| - [1958544] - C:\Program Files (x86)\Common Files\Java [05/08/2014 19:30:43] - |D| - [834664] - C:\Program Files (x86)\Common Files\mcafee [22/08/2013 16:36:30] - |D| - [153787106] - C:\Program Files (x86)\Common Files\Microsoft Shared [05/08/2014 19:39:46] - |D| - [1572025] - C:\Program Files (x86)\Common Files\Nikon [05/08/2014 18:55:24] - |D| - [196972] - C:\Program Files (x86)\Common Files\postureAgent [22/08/2013 16:36:30] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [22/08/2013 16:36:30] - |D| - [9749899] - C:\Program Files (x86)\Common Files\System ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common files [01/05/2015 16:05:54] - |D| - [0] - C:\Program Files\Common files\Adobe [06/08/2015 12:16:39] - |D| - [5767903] - C:\Program Files\Common files\AV [27/11/2015 17:10:52] - |D| - [5186156] - C:\Program Files\Common files\Bullzip [27/02/2015 13:28:25] - |D| - [151648] - C:\Program Files\Common files\EPSON [22/08/2013 16:36:31] - |D| - [83080502] - C:\Program Files\Common files\microsoft shared [03/05/2015 17:21:26] - |D| - [66862892] - C:\Program Files\Common files\Nikon [05/08/2014 19:09:56] - |D| - [858550] - C:\Program Files\Common files\QCA_Bluetooth [22/08/2013 16:36:31] - |D| - [2702] - C:\Program Files\Common files\Services [22/08/2013 16:36:31] - |D| - [10731403] - C:\Program Files\Common files\System ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.C5D062DB3A51353472594EC8BA50D933] - [15/10/2015 13:41:01] - |A| - [1084] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.D3C4A48675B7710F573BD4F3ADAB4EE1] - [15/10/2015 13:41:02] - |A| - [1088] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.30BF7393A72FDBE93CA92E6E30FA20C3] - [10/01/2016 15:56:40] - |A| - [352] - C:\WINDOWS\Tasks\HPCeeScheduleForalgasys.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [22/08/2013 15:45:54] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.00000000000000000000000000000000] - [03/05/2015 08:53:33] - |D| - [3826] - C:\WINDOWS\System32\Tasks\2BrightSparks [MD5.00000000000000000000000000000000] - [03/12/2015 15:21:27] - |D| - [3860] - C:\WINDOWS\System32\Tasks\AVAST Software [MD5.4F1CB172DFAFA32626033D6B8F5DEB79] - [27/02/2015 17:35:44] - |A| - [4182] - C:\WINDOWS\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.CA415F116EBC63DECBE8A8DAFB493F34] - [27/01/2016 17:21:17] - |A| - [2788] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.FDCF573445BEF068C48250533D84F791] - [10/05/2015 15:41:18] - |A| - [3176] - C:\WINDOWS\System32\Tasks\CLVDLauncher : C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [MD5.BF8E845AD765CFDA50B471A30E17592C] - [15/10/2015 13:41:01] - |A| - [3824] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.61F9B8F38108D8110D8FD033A907DA52] - [15/10/2015 13:41:02] - |A| - [4060] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [10/05/2014 20:18:08] - |D| - [31926] - C:\WINDOWS\System32\Tasks\Hewlett-Packard [MD5.CECDB28300A774DB1EED8045DE570286] - [10/01/2016 15:56:41] - |A| - [3170] - C:\WINDOWS\System32\Tasks\HPCeeScheduleForalgasys : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.00000000000000000000000000000000] - [22/08/2013 16:36:30] - |D| - [388980] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.1BD0EBEF2C48CCE0A27A5BC5D719DED0] - [01/03/2015 16:59:47] - |A| - [4226] - C:\WINDOWS\System32\Tasks\Open URL by RoboForm : C:\WINDOWS\system32\rundll32.exe [MD5.B537F3F1861852DB73F9D98962C3A9EB] - [05/08/2014 18:43:27] - |A| - [3594] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1093750580-119878044-3554408547-500 : C:\WINDOWS\system32\rundll32.exe [MD5.FBFA6E248663AAAAAE8AC04B7ADF936A] - [11/01/2016 15:13:16] - |A| - [3596] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1373608429-321133151-520906998-1001 : C:\WINDOWS\system32\rundll32.exe [MD5.5A1CD90C6D8B652B074EE7D283BCE7BE] - [27/02/2015 13:16:29] - |A| - [2306] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1373608429-321133151-520906998-500 : C:\WINDOWS\system32\rundll32.exe [MD5.71E845317605583052F811E1DF69586B] - [02/04/2014 10:35:50] - |A| - [3596] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500 : C:\WINDOWS\system32\rundll32.exe [MD5.2698531D78C8FB9B8036458E422C1510] - [10/05/2014 19:44:21] - |A| - [3592] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-187765206-631763256-1451618476-500 : C:\WINDOWS\system32\rundll32.exe [MD5.00000000000000000000000000000000] - [21/03/2015 11:30:34] - |D| - [23526] - C:\WINDOWS\System32\Tasks\Restore Point Creator [MD5.4C9A78D91EF4F4E9F74D6860593526CA] - [01/03/2015 16:59:47] - |A| - [3490] - C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon : C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [MD5.6927C60CBED5183E6A74C639C9FA70E1] - [22/11/2015 16:14:59] - |A| - [3052] - C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1448205294 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.DD726D2F2D05E527ECEC9BFEEE80D5C7] - [06/06/2015 19:23:17] - |A| - [2912] - C:\WINDOWS\System32\Tasks\Start OPBHOBroker : "C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe" [MD5.5CC8E5AE478E4D21973A4EA40D6470DA] - [06/06/2015 19:23:17] - |A| - [2924] - C:\WINDOWS\System32\Tasks\Start OPBHOBrokerDesktop : "C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe" [MD5.8190596547F2E3F92700F88CB121B384] - [06/06/2015 19:23:15] - |A| - [2986] - C:\WINDOWS\System32\Tasks\Start SimplePass : "C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" [MD5.FF28F1E476E864305406937F19AE9385] - [13/06/2015 11:40:36] - |A| - [3818] - C:\WINDOWS\System32\Tasks\System Restore Checkpoint by System Restore Point Creator : "C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe" [MD5.5E3DFEDE8F413F8513E0CF9A5F087023] - [06/08/2015 12:36:10] - |A| - [3932] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F67EF9EA-633E-455A-84B8-9995C2B65CFF} : C:\WINDOWS\system32\msfeedssync.exe [MD5.B541F8185FF69494C7DFA1B33D33D64B] - [03/05/2015 08:20:28] - |A| - [3168] - C:\WINDOWS\System32\Tasks\YCMServiceAgent : C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [MD5.00000000000000000000000000000000] - [22/08/2013 16:36:31] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@vmicres.dll,-703|Desc=@vmicres.dll,-704|EmbedCtxt=@vmicres.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@vmicres.dll,-707|Desc=@vmicres.dll,-708|EmbedCtxt=@vmicres.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@vmicres.dll,-701|Desc=@vmicres.dll,-702|EmbedCtxt=@vmicres.dll,-700| "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@vmicres.dll,-709|Desc=@vmicres.dll,-710|EmbedCtxt=@vmicres.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@vmicres.dll,-705|Desc=@vmicres.dll,-706|EmbedCtxt=@vmicres.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "Netlogon-NamedPipe-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{EB6B0250-C013-4093-B434-CEED7AB9C864}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service| "{4F9C04A0-040C-4F24-9F6A-D8463FED0C51}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service| "{399F96B2-57AA-4C85-9E7B-6551C0BC4965}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47987|LPort=47988|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service TCP Exception|Desc=TCP exceptions for SHIELD Streaming service| "{84C00628-F247-4696-9895-580D6056B834}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service UDP Exception|Desc=UDP exceptions for SHIELD Streaming service| "{9F319249-8368-40D3-B7F0-BF02F722793E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47991|LPort=47995|LPort=47996|LPort=47998|LPort=35043|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application TCP Exception|Desc=TCP exceptions for SHIELD Streaming| "{081914C8-3866-4AB8-AC0D-551B612A0F5D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=48000|LPort=47999|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application UDP Exception|Desc=UDP exceptions for SHIELD Streaming| "{9C1CFD6A-7F28-4321-914E-E098468FA9E7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Bonjour-service| "{FD3C2455-C807-45AD-86A7-076D275D5252}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Bonjour-service| "{A5D9ED89-CB11-4B26-892B-EFFA0BCB99D9}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Bonjour-service| "{CDD8EBE4-72BA-45A9-B661-F0149ED11379}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Bonjour-service| "{B97EA459-D0CA-4CC9-9D19-EA58CBE9105C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE|Name=CyberLink PowerDirector|Desc=CyberLink PowerDirector| "{BF814DAE-3C75-40EF-97E6-1B4C963D5013}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1373608429-321133151-520906998-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{8B6DE59B-BF61-4C5F-9223-D86294B188D1}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=YouCam for HP|Desc=YouCam|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-2858075274-135750454-1334919231-2600657582-2659737398-1936949094-2005953543|EmbedCtxt=YouCam for HP|Platform=2:6:2|Platform2=GTEQ| "{45412E81-5960-4244-8947-6BBFCB8EC03D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe|Name=HP Socket Service| "{68874705-8D1B-428B-A7CA-6EB1EFCB92EB}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Bookviser Reader|Desc=Bookviser Reader|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-3005255916-2655970148-468706068-2712612191-2059893917-1307567360-1553872222|EmbedCtxt=Bookviser Reader|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{1EA9064D-C6C4-48C7-BA19-D5F1BD10293D}C:\program files (x86)\essentialpim pro\essentialpim.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\essentialpim pro\essentialpim.exe|Name=EssentialPIM Pro|Desc=EssentialPIM Pro|Defer=User| "UDP Query User{403D6350-D2BC-41DD-ACFA-0C19521A8FAE}C:\program files (x86)\essentialpim pro\essentialpim.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\essentialpim pro\essentialpim.exe|Name=EssentialPIM Pro|Desc=EssentialPIM Pro|Defer=User| "TCP Query User{883C6EA3-4D41-4024-86DB-79552BD70418}C:\program files (x86)\essentialpim pro\essentialpim.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\essentialpim pro\essentialpim.exe|Name=EssentialPIM Pro|Desc=EssentialPIM Pro|Defer=User| "UDP Query User{6479E0C8-0AF2-4042-8506-F8900EE11258}C:\program files (x86)\essentialpim pro\essentialpim.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\essentialpim pro\essentialpim.exe|Name=EssentialPIM Pro|Desc=EssentialPIM Pro|Defer=User| "{B067A783-30E7-418F-AC16-762408392A4E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Alain\AppData\Local\Microsoft\OneDrive\OneDrive.exe|Name=Microsoft OneDrive| "{910DBA92-31BA-406C-A643-8A31F227C066}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Desc=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-1220793744-3666789380-189579892-1973497788-2854962754-2836109804-3864561331|EmbedCtxt=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DF64B72A-B70E-49E3-949D-FEB827F465EB}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Desc=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-1220793744-3666789380-189579892-1973497788-2854962754-2836109804-3864561331|EmbedCtxt=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C4DBBDF7-66D6-4915-A4A4-22F5A6DE3F56}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe|Name=CyberLink PowerDVD12|Desc=CyberLink PowerDVD12| "{48E173C0-D3CD-4BFD-B1E6-CDA5214AD17B}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe|Name=CyberLink PowerDVD 12 Media Server Service|Desc=CyberLink Media Server| "{176BA607-2145-45E2-AE3D-40751D3B5723}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe|Name=CyberLink PowerDVD12 Moovie Live|Desc=CyberLink PowerDVD12 Moovie Live| "{B764082D-8040-4CD6-9156-8F939351F77A}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe|Name=CyberLink PowerDVD12 Movie Module|Desc=CyberLink PowerDVD12 Movie Module| "{65A8595D-C535-49AA-9B03-67D79E919FE2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{26720RandomSaladGamesLLC.SimpleSolitaire_4.8.0.24_neutral__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.SimpleSolitaire/resources/gameName}|Desc=@{26720RandomSaladGamesLLC.SimpleSolitaire_4.8.0.24_neutral__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.SimpleSolitaire/resources/gameName}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-919809942-2132619914-2252889538-1417933825-3888566155-4108240615-1551254447|EmbedCtxt=@{26720RandomSaladGamesLLC.SimpleSolitaire_4.8.0.24_neutral__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.SimpleSolitaire/resources/gameName}|Platform=2:6:2|Platform2=GTEQ| "{99C89916-FC17-4A25-A3BA-D5777C38AAC2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_3.0.4.322_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/BrandedAppTitle}|Desc=@{Microsoft.BingWeather_3.0.4.322_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/AppDescription}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_3.0.4.322_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{1B936C54-CB1F-426F-A107-55E722FF5B55}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{7820D9A5-FC59-4C1F-BA41-1A561EBF9757}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingTranslator_1.12.0.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTranslator/Resources/AppName}|Desc=@{Microsoft.BingTranslator_1.12.0.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTranslator/Resources/AppName}|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-2100162858-2794422760-548763430-3891709467-1461200424-1601279087-530429218|EmbedCtxt=@{Microsoft.BingTranslator_1.12.0.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTranslator/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{434A5D85-C4B5-4A7C-98E5-AC2AB1418123}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=XE Currency|Desc=XECurrency|LUOwn=S-1-5-21-1373608429-321133151-520906998-1001|AppPkgId=S-1-15-2-2915143093-1467414518-664357207-170265686-3601737758-639736170-1005236675|EmbedCtxt=XE Currency|Platform=2:6:2|Platform2=GTEQ| ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @PrintQueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%SECURITYACCELERATORCLASSNAME%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @idtsec.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem95.inf,%ClassName%;Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @%SystemRoot%\System32\Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{502EB68B-57B4-4FEE-9890-18F2D8AD1E3E}] : (mfencbdc) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8c78b96c-9120-4da4-a144-ff427f2cf132}] : (BarcodeScanner) [] -> @hidscanner.inf,%ClassName%;POS HID Barcode scanners [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @AudioEndpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @WSDPrint.Inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C777C165-D422-426D-8EBF-6EAF3FB83ADF}] : (aswNdisFlt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [08/11/2013 10:22:00] - (12.8.9.1000) - (Intel Corporation - Intel Rapid Storage Technology driver - x64) - C:\WINDOWS\System32\drivers\iaStorA.sys [27/02/2015 17:34:47] - (11.1.2245.1540) - (AVAST Software - avast! VM Monitor) - C:\WINDOWS\System32\Drivers\aswVmm.sys [27/02/2015 17:34:47] - (11.1.2245.1540) - (AVAST Software - avast! Revert) - C:\WINDOWS\System32\Drivers\aswRvrt.sys [23/07/2013 09:28:56] - (6.0.5.1) - (Hewlett-Packard - HP Disk Filter - SATA/RAID) - C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [27/02/2015 17:34:47] - (11.1.2245.1552) - (AVAST Software - avast! self protection module) - C:\WINDOWS\system32\drivers\aswSP.sys [27/02/2015 17:34:47] - (11.1.2245.1552) - (AVAST Software - avast! Virtualization Driver) - C:\WINDOWS\system32\drivers\aswSnx.sys [27/02/2015 17:34:47] - (11.1.2245.1540) - (AVAST Software - avast! Keyboard Filter Driver) - C:\WINDOWS\system32\drivers\aswKbd.sys [09/09/2015 05:57:40] - (14.1.7.0) - (Check Point Software Technologies Ltd. - ZoneAlarm) - C:\WINDOWS\System32\drivers\vsdatant.sys [27/02/2015 17:34:47] - (11.1.2245.1540) - (AVAST Software - avast! WFP Redirect Driver) - C:\WINDOWS\system32\drivers\aswRdr2.sys [11/04/2015 11:36:03] - (1.0.0.3512) - (CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files.) - C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [27/02/2015 22:30:08] - (10.18.10.3574) - (Intel Corporation - Intel Graphics Kernel Mode Driver) - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [10/12/2013 16:27:36] - (9.5.24.1790) - (Intel Corporation - Intel(R) Management Engine Interface) - C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [22/12/2014 02:40:42] - (10.0.0.308) - (Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\WINDOWS\system32\DRIVERS\athwbx.sys [27/02/2015 22:41:11] - (8.32.508.2014) - (Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver ) - C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [05/08/2014 19:07:01] - (9.18.13.3285) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 332.85) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [13/08/2013 15:02:08] - (1.0.11.0) - ( - Intel Keyboard Class Upper Filter Driver) - C:\WINDOWS\system32\DRIVERS\ikbevent.sys [13/03/2014 17:50:16] - (18.1.5.2) - (Synaptics Incorporated - Synaptics Touchpad Win64 Driver) - C:\WINDOWS\system32\DRIVERS\SynTP.sys [13/08/2013 15:02:12] - (1.0.11.0) - ( - Intel Mouse Class Upper Filter Driver) - C:\WINDOWS\system32\DRIVERS\imsevent.sys [13/03/2014 17:50:16] - (18.1.5.2) - (Synaptics Incorporated - Synaptics SMBus Driver) - C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [23/07/2013 09:28:56] - (6.0.5.1) - (Hewlett-Packard - HP Accelerometer) - C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [22/07/2013 15:45:58] - (1.0.6.1) - (Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver) - C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [13/08/2013 15:02:12] - (1.0.8.0) - ( - Intel(R) Smart Connect Technology Device Driver) - C:\WINDOWS\System32\drivers\ISCTD64.sys [05/08/2014 19:07:03] - (1.2.22.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [01/03/2014 21:42:30] - (4.5.52.0) - (Intel Corporation - Intel® WiDi Solution) - C:\WINDOWS\System32\drivers\iwdbus.sys [03/05/2015 08:20:27] - (1.0.27893.6128) - (CyberLink Corporation - CyberLink WebCam Virtual Driver) - C:\WINDOWS\system32\DRIVERS\clwvd.sys [27/02/2015 22:37:58] - (6.0.1.7358) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\WINDOWS\system32\drivers\RTKVHD64.sys [10/07/2015 11:35:08] - (4.0.0.7) - (Advanced Card Systems Ltd. - PCSC/CCID IFD Handler) - C:\WINDOWS\system32\DRIVERS\a38usb.sys [24/12/2013 17:59:14] - (8.0.1.314) - (Qualcomm Atheros - Qualcomm Atheros BtFilter Driver) - C:\WINDOWS\system32\DRIVERS\btfilter.sys [27/02/2015 17:34:47] - (11.1.2245.1545) - (AVAST Software - avast! File System Minifilter for Windows 2003/Vista) - C:\WINDOWS\system32\drivers\aswMonFlt.sys [27/02/2015 17:34:47] - (11.1.2245.1540) - (AVAST Software - avast! HWID) - C:\WINDOWS\system32\drivers\aswHwid.sys [22/08/2013 16:36:40] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\WINDOWS\System32\Drivers\secdrv.SYS [05/08/2014 19:15:14] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\INETMON.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD) -> System32\drivers\evbda.sys R0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys R0 - hpdskflt (@oem26.inf,%service_desc%;HP Filter) -> system32\DRIVERS\hpdskflt.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorA () -> System32\drivers\iaStorA.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys S0 - intelide () -> System32\drivers\intelide.sys R0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2 () -> System32\drivers\lsi_sas2.sys S0 - LSI_SAS3 () -> System32\drivers\lsi_sas3.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@machine.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys S0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standaard SATA AHCI-stuurprogramma) -> System32\drivers\storahci.sys S0 - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys S0 - uagp35 (@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - viaide () -> System32\drivers\viaide.sys S0 - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> system32\DRIVERS\wfplwfs.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys R1 - CLVirtualDrive (CLVirtualDrive) -> \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> \SystemRoot\system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - Vsdatant (@oem32.inf,%Vsdatant_Desc%;Zone Alarm Firewall Driver) -> System32\drivers\vsdatant.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> \SystemRoot\system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> \SystemRoot\system32\DRIVERS\wanarp.sys R2 - AGSService (Adobe Genuine Software Integrity Service) -> "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" R2 - AppHostSvc (@%windir%\system32\inetsrv\iisres.dll,-30011) -> %windir%\system32\svchost.exe -k apphost R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys S2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AtherosSvc (AtherosSvc) -> "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - Bonjour Service (Bonjour-service) -> "C:\Program Files\Bonjour\mDNSResponder.exe" R2 - BotkindSyncService (Botkind Service) -> C:\Program Files\Allway Sync\Bin\SyncService.exe service R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork S2 - DymoPnpService (DYMO PnP Service) -> "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe" R2 - EpsonScanSvc (Epson Scanner Service) -> C:\WINDOWS\system32\EscSvc64.exe R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - hpsrv (@oem26.inf,%hpservice_desc%;HP Service) -> %SystemRoot%\system32\Hpservice.exe R2 - HPSupportSolutionsFrameworkService (HP Support Solutions Framework Service) -> "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" R2 - HPWMISVC (HPWMISVC) -> c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - igfxCUIService1.0.0.0 (Intel(R) HD Graphics Control Panel Service) -> %SystemRoot%\system32\igfxCUIService.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" R2 - Intel(R) ME Service (Intel(R) ME Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe" R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - ISCTAgent (Intel(R) Smart Connect Technology Agent) -> "C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe" R2 - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> \SystemRoot\system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MBAMScheduler () -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" S2 - MBAMService () -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> \SystemRoot\system32\DRIVERS\nwifi.sys R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - NvNetworkService (NVIDIA Network Service) -> "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" R2 - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" R2 - nvsvc (NVIDIA Display Driver Service) -> "C:\Windows\system32\nvvsvc.exe" R2 - omniserv ( HP SimplePass Service) -> "C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe" R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> \SystemRoot\system32\DRIVERS\rspndr.sys R2 - RtkAudioService (Realtek Audio Service) -> C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - secdrv (Security Driver) -> (?) R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SynTPEnhService (SynTPEnh Caller Service) -> C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - TabletInputService (@%SystemRoot%\system32\TabSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S2 - vsmon (TrueVector Internet Monitor) -> "C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding S2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - ZAPrivacyService (ZoneAlarm Privacy Service) -> "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe" ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.AD508A1A46EC21B740AB31C28EFDFDB1] - [22/08/2013 07:57:45] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [106.34 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.6C0349AF3670FC86F0866136F6B9F0F2] - [10/07/2015 11:35:08] - (.Copyright (C) ACS Ltd. 2015 - PCSC/CCID IFD Handler.) - [70.52 Ko] - (4.0.0.7) - C:\WINDOWS\System32\Drivers\a38usb.sys [MD5.F39180029723D7779C80360F9E255709] - [23/07/2013 09:28:56] - (.© Copyright 2001-2013 Hewlett-Packard Development Company, L.P. - HP Accelerometer.) - [42.3 Ko] - (6.0.5.1) - C:\WINDOWS\System32\Drivers\Accelerometer.sys [MD5.7C1FDF1B48298CBA7CE4BDD4978951AD] - [22/08/2013 08:01:07] - (.Copyright (C) PMC-Sierra 2001-2013 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [763.84 Ko] - (1.0.0.254) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.D2BF2F94A47D332814910FD47C6BBCD2] - [22/08/2013 08:01:07] - (.Copyright © 2008-2013 AMD, Inc. - AHCI 1.3 Device Driver.) - [77.34 Ko] - (1.1.4.14) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.A8E04943C7BBA7219AA50400272C3C6E] - [22/08/2013 07:57:45] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.CEA5F4F27CFC08E3A44D576811B35F50] - [22/08/2013 08:01:07] - (.Copyright © 2008-2013 AMD, Inc. - Storage Filter Driver.) - [25.34 Ko] - (1.1.4.14) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.65045784366F7EC5FB4E71BCF923187B] - [22/08/2013 08:01:07] - (.Copyright 2013 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [111.34 Ko] - (7.2.0.30261) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [27.98 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswHwid.sys [MD5.42AE0F2BF37CE46EB01A753F96FCC9B8] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [27.48 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswKbd.sys [MD5.68E76C1675AC171A84F5B7230652E19D] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [95.36 Ko] - (11.1.2245.1545) - C:\WINDOWS\System32\Drivers\aswmonflt.sys [MD5.2D6B49A071216796106E7804AB2BA7DC] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [91.34 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswRdr2.sys [MD5.E46B51C99BB750A81AC6A68362475A5C] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [63.7 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswRvrt.sys [MD5.0BCDF7DF06B4407A7EB0443AADB3DD27] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1040.24 Ko] - (11.1.2245.1552) - C:\WINDOWS\System32\Drivers\aswsnx.sys [MD5.619CA9F210F0F36F8162E5B7BFDDA5CD] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [453.38 Ko] - (11.1.2245.1552) - C:\WINDOWS\System32\Drivers\aswsp.sys [MD5.D9079E1A1C2A1F8ED5F37AF8E6CD3161] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [151.66 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswStm.sys [MD5.E4ABC023E251D2BB6B98C9FCAF5CF16D] - [27/02/2015 17:34:28] - (.OpenVPN Technologies, Inc. - TAP-Windows Virtual Network Driver.) - [43.59 Ko] - (9.0.0.10) - C:\WINDOWS\System32\Drivers\aswTap.sys [MD5.3BEC32A0B646D914921FD56AA39998C1] - [27/02/2015 17:34:47] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [267.37 Ko] - (11.1.2245.1540) - C:\WINDOWS\System32\Drivers\aswVmm.sys [MD5.93A6671EC2DC01378F2CF481A0026DEB] - [22/12/2014 02:40:42] - (.Copyright (C) 2001-2010 Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) - [4166 Ko] - (10.0.0.308) - C:\WINDOWS\System32\Drivers\athwbx.sys [MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - [22/08/2013 07:57:48] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [17.21 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.A4A73F631FE2AA2826FBE4A399B04DEF] - [22/08/2013 07:57:55] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.5C646CAC91E086F7FF53C7F2E857F263] - [11/04/2015 11:36:03] - (.Copyright (C) 2011 CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files..) - [89.76 Ko] - (1.0.0.3512) - C:\WINDOWS\System32\Drivers\CLVirtualDrive.sys [MD5.9731DAFDC7B690B2C7752FDFF045BFD8] - [03/05/2015 08:20:27] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [40.73 Ko] - (1.0.27893.6128) - C:\WINDOWS\System32\Drivers\clwvd.sys [MD5.114BCFDF367FF37C3F1B0A96AF542E4D] - [22/08/2013 07:57:55] - (.(c) COPYRIGHT 2001-2013 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3278.34 Ko] - (7.4.33.1) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.8B8E6BD988EAF18C1B86704BF05E5C03] - [23/07/2013 09:28:56] - (.© Copyright 2001-2013 Hewlett-Packard Development Company, L.P. - HP Disk Filter - SATA/RAID.) - [29.8 Ko] - (6.0.5.1) - C:\WINDOWS\System32\Drivers\hpdskflt.sys [MD5.A6AACEA4C785789BDA5912AD1FEDA80D] - [22/08/2013 07:57:45] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.5D90E32E36CE5D4C535D17CE08AEAF05] - [22/08/2013 07:57:49] - (.Copyright © 2013, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [23.99 Ko] - (1.1.163.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.DD05E7E80F52ADE9AEB292819920F32C] - [22/08/2013 07:57:49] - (.Copyright © 2013, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [96.99 Ko] - (1.1.163.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.4558F084BCB7EFA3E8321C95B4EE736F] - [08/11/2013 10:22:00] - (.Copyright(C) Intel Corporation 1994-2013 - Intel Rapid Storage Technology driver - x64.) - [617.35 Ko] - (12.8.9.1000) - C:\WINDOWS\System32\Drivers\iaStorA.sys [MD5.08BFE413B0B4AA8DFA4B5684CE06D3DC] - [22/08/2013 08:01:07] - (.Copyright(C) Intel Corporation 1994-2012 - Intel Rapid Storage Technology driver (inbox) - x64.) - [635.98 Ko] - (12.0.1.1018) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.A2200C3033FA4EF249FC096A7A7D02A2] - [22/08/2013 08:01:07] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.623DB9620F552B480690AD882AFACED1] - [27/02/2015 22:30:08] - (.Copyright (c) 1998-2012 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [3701 Ko] - (10.18.10.3574) - C:\WINDOWS\System32\Drivers\igdkmd64.sys [MD5.E71AC94964ED675B3ED0727059B7F97B] - [13/08/2013 15:02:08] - (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Keyboard Class Upper Filter Driver.) - [20.91 Ko] - (1.0.11.0) - C:\WINDOWS\System32\Drivers\ikbevent.sys [MD5.2FDB67F5B9F4E96B40FDC9D1AA0B686F] - [13/08/2013 15:02:12] - (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Mouse Class Upper Filter Driver.) - [21.41 Ko] - (1.0.11.0) - C:\WINDOWS\System32\Drivers\imsevent.sys [MD5.3F2BB021CB280880F8C1B7A6FEF9B447] - [05/08/2014 19:15:14] - (.-.) - [28.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\INETMON.sys [MD5.890144FA6AB42F2B54EE633BF96A019A] - [27/02/2015 22:30:06] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [439.96 Ko] - (6.16.0.3137) - C:\WINDOWS\System32\Drivers\IntcDAud.sys [MD5.FC7C456AF9B9811499EDBD10616832EE] - [01/03/2014 21:42:29] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [37.4 Ko] - (4.5.52.0) - C:\WINDOWS\System32\Drivers\intelaud.sys [MD5.4EE2423C38F43D37F8497A672FD10BDC] - [13/08/2013 15:02:12] - (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Driver.) - [45.48 Ko] - (1.0.8.0) - C:\WINDOWS\System32\Drivers\ISCTD64.sys [MD5.A90C843F4FDD7A07129BA73C6BE13976] - [01/03/2014 21:42:30] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [26.4 Ko] - (4.5.52.0) - C:\WINDOWS\System32\Drivers\iwdbus.sys [MD5.C755AE4635457AA2A11F79C0DF857ABC] - [22/08/2013 07:57:45] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.84 Ko] - (1.34.3.82) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.ADAC09CBE7A2040B7F68B5E5C9A75141] - [22/08/2013 07:57:45] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [91.34 Ko] - (2.0.60.82) - C:\WINDOWS\System32\Drivers\lsi_sas2.sys [MD5.04D1274BB9BBCCF12BD12374002AA191] - [22/08/2013 07:57:45] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen3 Driver (StorPort).) - [79.84 Ko] - (2.50.65.1) - C:\WINDOWS\System32\Drivers\lsi_sas3.sys [MD5.327469EEF3833D0C584B7E88A76AEC0C] - [22/08/2013 07:57:45] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.CFBC6C6D8A492697CABD1D353EE64933] - [23/01/2016 17:12:43] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [25.21 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.42B3F5C9FBC9B3F0E0BA6B5D7FC8E849] - [23/01/2016 17:12:43] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [106.71 Ko] - (1.1.21.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [23/01/2016 17:12:56] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.EB5C03A070F30D64A6DF80E53B22F53F] - [22/08/2013 07:57:45] - (.Copyright © LSI Corporation 2013 - MEGASAS RAID Controller Driver for Windows.) - [55.34 Ko] - (6.3.9466.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.F6F13533196DE7A582D422B0241E4363] - [22/08/2013 07:57:45] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.B8C35C94DCB2DFEAF03BB42131F2F77F] - [22/08/2013 07:57:45] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1015) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.08DECFCB9BA97786165A69AB1015BC30] - [23/01/2016 17:12:43] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [62.71 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.E99BEDC8B13294736A5BAEE23530C3F3] - [05/08/2014 19:07:01] - (.(C) 2014 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 332.85.) - [12384.78 Ko] - (9.18.13.3285) - C:\WINDOWS\System32\Drivers\nvlddmkm.sys [MD5.BC6B5942AFF25EBAF62DE43C3807EDF8] - [22/08/2013 08:01:09] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.22) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.1F43ABFFAC3D6CA356851D517392966E] - [22/08/2013 08:01:09] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [164.34 Ko] - (10.6.0.22) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.50A7C3FEA78D11B546EA9B0C25FBC6AB] - [05/08/2014 19:07:03] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [39.45 Ko] - (1.2.22.0) - C:\WINDOWS\System32\Drivers\nvvad64v.sys [MD5.9C3AC71A9934B884FAC567A8807E9C4D] - [02/03/2015 19:21:32] - (.© VS Revo Group, Ltd. - Revo Uninstaller Minifilter.) - [31.05 Ko] - (1.0.0.4) - C:\WINDOWS\System32\Drivers\revoflt.sys [MD5.48E042D6AAB285409AF06200966EA655] - [27/02/2015 22:41:11] - (.Copyright (C) 2014 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver .) - [851.21 Ko] - (8.32.508.2014) - C:\WINDOWS\System32\Drivers\Rt630x64.sys [MD5.0ED561B13EFE36080760981616107D15] - [27/02/2015 22:37:58] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4138.09 Ko] - (6.0.1.7358) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.A5A0BBC875A1E50E29ED02E21A8FA13E] - [05/08/2014 19:00:39] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [305.71 Ko] - (6.3.9600.27047) - C:\WINDOWS\System32\Drivers\RtsBaStor.sys [MD5.6A940599A059C6C9D6E54D7A3EF356B8] - [05/08/2014 19:00:39] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [284.71 Ko] - (6.3.9600.29075) - C:\WINDOWS\System32\Drivers\RtsP2Stor.sys [MD5.8E255394255FB64DB7D31DD3D08F68A6] - [05/08/2014 19:00:39] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS PCIE READER Driver.) - [455.21 Ko] - (6.3.9600.21247) - C:\WINDOWS\System32\Drivers\RtsPer.sys [MD5.D23399622ED6692BF6AA1D30322345FC] - [05/08/2014 19:00:39] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [350.71 Ko] - (6.3.9600.28150) - C:\WINDOWS\System32\Drivers\RtsPStor.sys [MD5.14182642967B8751F3717E94FC90DF48] - [05/08/2014 19:00:39] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) - [264.71 Ko] - (6.3.9600.30174) - C:\WINDOWS\System32\Drivers\RtsUStor.sys [MD5.B0B2C5F4D0A41FAAE7F2DD51C889CC13] - [05/08/2014 19:00:39] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) - [324.21 Ko] - (6.3.9600.39057) - C:\WINDOWS\System32\Drivers\RtsUVStor.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [22/08/2013 16:36:40] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\WINDOWS\System32\Drivers\secdrv.sys [MD5.2F518D13DD6F3053837FE606F1A2EA1F] - [22/08/2013 08:01:09] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.1AC9A200A9C49C4508F04AAFFCA34A3F] - [22/08/2013 08:01:09] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.13DFE743C3AF65458F5C7777A9B16CCC] - [13/03/2014 17:50:14] - (.Copyright (C) Synaptics Incorporated 1996-2014 - Synaptics SMBus Driver.) - [29.73 Ko] - (18.1.5.2) - C:\WINDOWS\System32\Drivers\Smb_driver_AMDASF.sys [MD5.3D3A01F8499FD703513A33ED0C8921C2] - [13/03/2014 17:50:16] - (.Copyright (C) Synaptics Incorporated 1996-2014 - Synaptics SMBus Driver.) - [30.73 Ko] - (18.1.5.2) - C:\WINDOWS\System32\Drivers\Smb_driver_Intel.sys [MD5.73BDD44A6088916964945886F9025409] - [22/01/2014 07:52:10] - (.Copyright (c) DEVGURU 2002-2008.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [106.25 Ko] - (2.11.7.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.5252D7BC56E5E0ED715AEA8FE173A455] - [22/01/2014 07:52:10] - (.Copyright (c) DEVGURU 2002-2008. (www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [201.25 Ko] - (2.11.7.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.76F7D7217FBDAB77798A2A244ACD641F] - [22/01/2014 07:52:12] - (.Copyright (c) DEVGURU 2002-2008. (www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) - [201.25 Ko] - (2.11.7.0) - C:\WINDOWS\System32\Drivers\ssudserd.sys [MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - [22/08/2013 07:57:45] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.12711DAB3FCCC1649FE149B61C26C80A] - [13/03/2014 17:50:16] - (.Copyright (C) Synaptics Incorporated 1996-2014 - Synaptics Touchpad Win64 Driver.) - [528.73 Ko] - (18.1.5.2) - C:\WINDOWS\System32\Drivers\SynTP.sys [MD5.EB1D78140D6634C32A46AB1006105EDC] - [10/12/2013 16:27:36] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [97.96 Ko] - (9.5.24.1790) - C:\WINDOWS\System32\Drivers\TeeDriverx64.sys [MD5.06D38968028E9AB19DE9B618C7B6D199] - [22/08/2013 13:22:58] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [19.34 Ko] - (6.0.6000.170) - C:\WINDOWS\System32\Drivers\viaide.sys [MD5.9B62F092C04C6E49230F0E65183DEAC6] - [09/09/2015 05:57:40] - (.Copyright © 1998-2015, Check Point, LTD - ZoneAlarm.) - [451.47 Ko] - (14.1.7.0) - C:\WINDOWS\System32\Drivers\vsdatant.sys [MD5.4539F45F9F4C9757A86A56C949421E07] - [22/08/2013 08:01:09] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [164.84 Ko] - (7.0.9200.6320) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.0849B7260F26FE05EA56DED0672E2F4B] - [22/08/2013 08:01:10] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.4F2A80D65AE6F845776E2F06AE6782ED] - [22/07/2013 15:45:58] - (.Copyright (C) 2000-2012 Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) - [20.31 Ko] - (1.0.6.1) - C:\WINDOWS\System32\Drivers\WirelessButtonDriver64.sys ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKU\S-1-5-21-1373608429-321133151-520906998-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Screenpresso] : (Screenpresso.-.Learnpulse) -> "C:\Users\Alain\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958] : (Package de pilotes Windows - Fedict SmartCard (08/08/2015 4.1.5).-.Fedict) -> rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_434c3be66d9de384\beidmdrv.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Allway Sync_is1] : (Allway Sync version 15.1.9.-.Botkind Inc) -> "C:\Program Files\Allway Sync\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Branding] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bullzip PDF Printer_is1] : (Bullzip PDF Printer 10.23.0.2529.-.Bullzip) -> "C:\Program Files\Bullzip\PDF Printer\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Capture NX 2] : (Capture NX 2.-.NIKON CORPORATION) -> C:\Program Files\Nikon\Capture NX 2\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ClipCache_is1] : (ClipCache Pro 3.5.3.-.XRayz Software) -> "C:\Program Files\ClipCache\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\COLOR_PROJECTS_1_3_C935FDA1_is1] : (COLOR projects professional (64-Bit).-.Franzis Verlag GmbH) -> "C:\Program Files\Franzis\COLOR projects professional\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CutOut 5_is1] : (CutOut 5.0.-.Franzis.de) -> "C:\Program Files\Franzis\CutOut 5\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON WF-3520 Series] : (EPSON WF-3520 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YINSJJE.EXE /R /APD /P:"EPSON WF-3520 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PortraitProStudio15_is1] : (PortraitPro Studio 15.4.-.Anthropics Technology Ltd.) -> "C:\Program Files\PortraitPro Studio 15\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Recuva] : (Recuva.-.Piriform) -> "C:\Program Files\Recuva\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) -> rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.20 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ZonerPhotoStudio18_EN_is1] : (Zoner Photo Studio 18.-.ZONER software) -> "C:\Program Files\Zoner\Photo Studio 18\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb] : (Windows Media Player 64-bit Plug-in Fix.-.) -> %windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}] : (Picture Control Utility x64.-.Nikon) -> MsiExec.exe /X{11953C65-BB4E-4CA4-B0F0-2600A4B20040} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418071F0}] : (Java 8 Update 71 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418071F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1] : (Inpaint 6.2.-.Teorex) -> "C:\Program Files\Inpaint\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}] : (Inst5675.-.Softex Inc.) -> MsiExec.exe /I{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2F168384-DDA0-4184-8276-6E5666D0FDB0}] : (Intel(R) Smart Connect Technology.-.Intel Corporation) -> MsiExec.exe /I{2F168384-DDA0-4184-8276-6E5666D0FDB0} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{314FAD12-F785-4471-BCE8-AB506642B9A1}] : (HP SimplePass.-.Hewlett-Packard) -> MsiExec.exe /X{314FAD12-F785-4471-BCE8-AB506642B9A1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{34AD4E52-723F-4377-9CDD-BCBD892264FA}_is1] : (Rapid Environment Editor version 8.0.0.929.-.Oleg Danilov) -> "C:\Program Files\Rapid Environment Editor\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}] : (HP Utility Center.-.Hewlett-Packard Company) -> MsiExec.exe /I{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3E31400D-274E-4647-916C-2CACC3741799}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}] : (Energy Star.-.Hewlett-Packard Company) -> MsiExec.exe /I{465CA2B6-98AF-4E77-BE22-A908C34BB9EC} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{46EDE454-82AD-454C-B019-749D5CEF1C97}] : (The Bat! v6.8.8 (64-bit).-.Ritlabs, SRL) -> MsiExec.exe /I{46EDE454-82AD-454C-B019-749D5CEF1C97} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1] : (Revo Uninstaller Pro 3.1.5.-.VS Revo Group, Ltd.) -> "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}] : (HP Postscript Converter.-.Hewlett-Packard) -> MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{704F77A4-BA54-4DAF-96EA-C604BD32DCC2}] : (AKVIS Enhancer.-.AKVIS) -> MsiExec.exe /I{704F77A4-BA54-4DAF-96EA-C604BD32DCC2} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}] : (DisableMSDefender.-.Hewlett-Packard Company) -> MsiExec.exe /I{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{878F6913-7421-4713-97F7-0A736EE2A188}] : (Inst5676.-.Softex Inc.) -> MsiExec.exe /I{878F6913-7421-4713-97F7-0A736EE2A188} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8C3F291E-AA0A-4188-A83F-1D97103AE27C}] : (LibreOffice 5.0.4.2.-.The Document Foundation) -> MsiExec.exe /I{8C3F291E-AA0A-4188-A83F-1D97103AE27C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9E9C290F-18E8-412D-B4F2-6CD6B45E47C0}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{9E9C290F-18E8-412D-B4F2-6CD6B45E47C0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A84A4FB1-D703-48DB-89E0-68B6499D2801}] : (Qualcomm Atheros Bluetooth Suite (64).-.Qualcomm Atheros) -> MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (NVIDIA-configuratiescherm 332.85.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Grafisch stuurprogramma 332.85.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{27D20FFD-D8E7-4952-9261-A57A2971FA76}\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.0.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{27D20FFD-D8E7-4952-9261-A57A2971FA76}\NVI2.DLL",UninstallPackage Display.GFExperience [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 12.4.46.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA PhysX systeemsoftware 9.13.0927.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{27D20FFD-D8E7-4952-9261-A57A2971FA76}\NVI2.DLL",UninstallPackage Display.PhysX [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (NVIDIA Update 12.4.46.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 12.4.46.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.22.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{27D20FFD-D8E7-4952-9261-A57A2971FA76}\NVI2.DLL",UninstallPackage VirtualAudio.Driver [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C6059B1A-E091-4B1D-8040-64DB2F932FFB}] : (AKVIS Refocus.-.AKVIS) -> MsiExec.exe /I{C6059B1A-E091-4B1D-8040-64DB2F932FFB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9EC7502-3B5F-4A27-BF88-6002F556CDAF}] : (AKVIS Noise Buster.-.AKVIS) -> MsiExec.exe /I{C9EC7502-3B5F-4A27-BF88-6002F556CDAF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1] : (Restore Point Creator version 3.5 Build 4.-.Tom Parkison) -> "C:\Program Files (x86)\Restore Point Creator\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}] : (HP Registration Service.-.Hewlett-Packard) -> MsiExec.exe /X{D1E8F2D7-7794-4245-B286-87ED86C1893C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4893C47-704F-4B84-8486-9DE4974ACA6F}] : (Picture Control Utility 2.-.Nikon Corporation) -> MsiExec.exe /X{D4893C47-704F-4B84-8486-9DE4974ACA6F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB942AEA-93D6-4FE4-8862-180D35A71698}] : (Belgium e-ID middleware 4.1.10 (build 1698).-.Belgian Government) -> MsiExec.exe /I{DB942AEA-93D6-4FE4-8862-180D35A71698} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\7-Zip] : (7-Zip 4.65.-.) -> "C:\Program Files (x86)\7-Zip\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.1.-.Adobe Systems, Inc.) -> "C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AI RoboForm] : (RoboForm 7-9-17-5 (All Users).-.Siber Systems) -> "C:\Program Files (x86)\Siber Systems\AI RoboForm\rfwipeout.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AntispamSniper for TheBat!] : (AntispamSniper for TheBat!.-.) -> C:\Program Files (x86)\AntispamSniper for TheBat!\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Pro Antivirus.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\com.nikonimagespace.uploader] : (NIKON IMAGE SPACE UPLOADER.-.NIKON CORPORATION) -> msiexec /qb /x {FF16363A-46D4-914E-010A-27DF55793BCA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CSVed_is1] : (CSVed 2.3.4.-.Sam Francke) -> "C:\Program Files (x86)\CSVed\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1] : (TrayStatus 1.2.3.-.Binary Fortress Software) -> "C:\Program Files (x86)\TrayStatus\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DYMO Label v.8] : (DYMO Label v.8.-.Sanford, L.P.) -> C:\Program Files (x86)\DYMO\DYMO Label Software\Uninstall DYMO Label.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EssentialPIM Pro] : (EssentialPIM Pro.-.Astonsoft Ltd) -> C:\Program Files (x86)\EssentialPIM Pro\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Event Log Explorer_is1] : (Event Log Explorer 4.5.-.FSPro Labs) -> "C:\Program Files (x86)\Event Log Explorer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Foxit Reader_is1] : (Foxit Reader.-.Foxit Software Inc.) -> "C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}] : (HP SimplePass.-.Hewlett-Packard) -> "C:\Program Files (x86)\InstallShield Installation Information\{314FAD12-F785-4471-BCE8-AB506642B9A1}\setup.exe" -runfromtemp -l0x0413 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}] : (Cyberlink PhotoDirector.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}] : (CyberLink PowerDirector 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}] : (CyberLink Power Media Player 12.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LinkStash_is1] : (LinkStash 3.5.2.-.John Williams / XRayz Software) -> "C:\Program Files (x86)\LinkStash\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Magic Audio Converter_is1] : (Magic Audio Converter v7.5.0.12.-.) -> "C:\Program Files (x86)\Magic Audio Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.0.1024.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAXA Cookie Manager_is1] : (MAXA Cookie Manager Pro 5.4.-.MAXA) -> "C:\Program Files (x86)\MAXA Cookie Manager\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\monAlbumPhoto_is1] : (monAlbumPhoto.-.monAlbumPhoto) -> "C:\Program Files (x86)\monAlbumPhoto\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MS Comptes Bancaires_is1] : (MS Comptes Bancaires 9.3.6.-.MSoft informatique) -> "C:\Program Files (x86)\MSoft informatique\MS Comptes Bancaires 9.3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ReNamer_is1] : (ReNamer.-.Denis Kozlov) -> "C:\Program Files (x86)\ReNamer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RSSOwl] : (RSSOwl.-.) -> C:\Program Files (x86)\RSSOwl\Uninstall.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.46.1990.139] : (SafeZone Stable 1.46.1990.139.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ShiftN_is1] : (ShiftN 4.0.-.Marcus Hebel) -> "C:\Program Files (x86)\ShiftN\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SyncBackSE_is1] : (SyncBackSE.-.2BrightSparks) -> "C:\Program Files (x86)\2BrightSparks\SyncBackSE\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Dark Orbit\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dragonsofatlantis] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Dragons Of Atlantis\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Mahjongg Dark Dimensions\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Seafight\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinMerge_is1] : (WinMerge 2.14.0.-.Thingamahoochie Software) -> "C:\Program Files (x86)\WinMerge\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\XYplorer] : (XYplorer 16.20.-.Donald Lessau) -> C:\Program Files (x86)\XYplorer\Uninstall.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}] : (HP Documentation.-.Hewlett-Packard) -> MsiExec.exe /X{082B1425-0F24-43FA-9B64-E8F617B0AD3B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{13133E99-B0D5-4143-B832-AAD55C62A41C}] : (HP 3D DriveGuard.-.Hewlett-Packard Company) -> MsiExec.exe /X{13133E99-B0D5-4143-B832-AAD55C62A41C} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218071F0}] : (Java 8 Update 71.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218071F0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2B7FD473-DF96-40D4-9EE3-A427B450B1BC}_is1] : (PlayerTuto.com 2.0.9.1.-.Weecast SAS) -> "C:\Program Files (x86)\PlayerTuto.com\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}] : (HP Wireless Button Driver.-.Hewlett-Packard Company) -> MsiExec.exe /X{30B2D1D8-0A07-4B71-9553-0710C5D31E35} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{314FAD12-F785-4471-BCE8-AB506642B9A1}] : (.-.Softex Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34927EBC-98D4-4D53-98BE-510DF5999F50}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{34927EBC-98D4-4D53-98BE-510DF5999F50} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{39337565-330E-4ab6-A9AE-AC81E0720B10}] : (Cyberlink PhotoDirector.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1] : (System Explorer 7.0.0.-.Mister Group) -> "C:\Program Files (x86)\System Explorer\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{F0AE9B24-416F-4CAA-8519-75CABCDAC61A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}] : (HP Support Assistant.-.Hewlett-Packard Company) -> "C:\Program Files (x86)\InstallShield Installation Information\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6336F23D-1D20-4E02-9FBD-20B3A8210E4D}_is1] : (Directory List & Print (Pro).-.Infonautics GmbH, Switzerland) -> "C:\Program Files (x86)\DirectoryListPrintPro\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{67E4EF06-E0D6-42E0-A2BA-67199B0143FB}_is1] : (Windows Media Player Plus! 2.8.-.BM-productions) -> "C:\Program Files (x86)\Windows Media Player Plus!\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.2.3.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}] : (Adobe Lightroom.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C30D970-78A5-4220-9DE2-087FD48739A3}_is1] : (Wallpaper SlideShow Pro version 3.4.3.-.Gianpaolo Bottin) -> "C:\Program Files (x86)\WallpaperSSPro\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A542D366-9877-11E5-B101-005056951CAD}] : (Evernote v. 5.9.6.-.Evernote Corp.) -> MsiExec.exe /X{A542D366-9877-11E5-B101-005056951CAD} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B014EE44-9197-4513-9613-71E6EB1B514E}] : (Nikon Message Center 2.-.Nikon Corporation) -> MsiExec.exe /X{B014EE44-9197-4513-9613-71E6EB1B514E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}] : (CyberLink PowerDirector 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}] : (CyberLink Power Media Player 12.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B5EE3273-41E3-4FA5-B3A8-415417645D10}] : (ZoneAlarm Security.-.Check Point Software Technologies Ltd.) -> MsiExec.exe /I{B5EE3273-41E3-4FA5-B3A8-415417645D10} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}] : (EPSON Printer Finder.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BA8734AA-7898-436E-BAD2-C9E42E39FF63}] : (LibreOffice 5.0 Help Pack (French).-.The Document Foundation) -> MsiExec.exe /I{BA8734AA-7898-436E-BAD2-C9E42E39FF63} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}] : (Qualcomm Atheros Driver Installation Program.-.Qualcomm Atheros) -> "C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CC8260CE-50B0-4009-A57F-39D068FF4375}] : (ZoneAlarm Firewall.-.Check Point Software Technologies Ltd.) -> MsiExec.exe /I{CC8260CE-50B0-4009-A57F-39D068FF4375} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}] : (HP System Event Utility.-.Hewlett-Packard Company) -> MsiExec.exe /I{D17A3B70-B75E-4C49-83D6-C17DDF65B35F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D8F984D3-79C1-4AD0-8E27-1F4528BC1712}] : (HP Recovery Manager.-.Hewlett-Packard) -> MsiExec.exe /I{D8F984D3-79C1-4AD0-8E27-1F4528BC1712} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}] : (Epson Connect Printer Setup.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}] : (HP CoolSense.-.Hewlett-Packard Company) -> MsiExec.exe /I{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4B931AF-C59A-4D92-8767-8E2D5F53144E}] : (HP Support Solutions Framework.-.Hewlett-Packard Company) -> MsiExec.exe /X{E4B931AF-C59A-4D92-8767-8E2D5F53144E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E882771E-1C12-4E8C-99B6-E1B58DFCCFB2}] : (FreeStyle Auto-Assist.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E882771E-1C12-4E8C-99B6-E1B58DFCCFB2}\Setup.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0AE9B24-416F-4CAA-8519-75CABCDAC61A}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{F0AE9B24-416F-4CAA-8519-75CABCDAC61A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{f761359c-9ced-45ae-9a51-9d6605cd55c4}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}] : (Intel(R) Control Center.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF16363A-46D4-914E-010A-27DF55793BCA}] : (NIKON IMAGE SPACE UPLOADER.-.NIKON CORPORATION) -> MsiExec.exe /I{FF16363A-46D4-914E-010A-27DF55793BCA} ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\07B3A71DE57B94C4386D1CD7FD563BF5] : HP System Event Utility -> c:\WINDOWS\Installer\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\0A93EF4767BFDC7448AB192EBB1BE72F] : DisableMSDefender [HKCR\Installer\Products\1BF4A48A307DBD84980E866B94D98210] : Qualcomm Atheros Bluetooth Suite (64) -> C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2057CE9CF5B372A4FB8806205F65DCFA] : AKVIS Noise Buster -> C:\WINDOWS\Installer\{C9EC7502-3B5F-4A27-BF88-6002F556CDAF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21DAF413587F1744CB8EBA0566249B1A] : HP SimplePass -> C:\windows\Installer\{314FAD12-F785-4471-BCE8-AB506642B9A1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\2C0D8C2E79C150C439A9B5310AEF56C5] : HP CoolSense -> C:\windows\Installer\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\2D6F4B0BEA2FA1544969F6F2A698B723] : PowerDirector -> C:\Windows\Installer\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3196F87812473174797FA037E62E1A88] : Inst5676 -> C:\WINDOWS\Installer\{878F6913-7421-4713-97F7-0A736EE2A188}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3723EE5B3E145AF43B8A14457146D501] : ZoneAlarm Security [HKCR\Installer\Products\3B2F133DC2866A847A88F99C219D16CC] : Internet Explorer 11 [HKCR\Installer\Products\3D0DCE8B80EA19846B7C239FB657BEC6] : EPSON Printer Finder -> C:\WINDOWS\Installer\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3D489F8D1C970DA4E872F15482CB7121] : HP Recovery Manager -> C:\windows\Installer\{D8F984D3-79C1-4AD0-8E27-1F4528BC1712}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\42B9EA0FF614AAC4589157ACCBAD6CA1] : NVIDIA PhysX -> C:\Windows\Installer\{F0AE9B24-416F-4CAA-8519-75CABCDAC61A}\icon.ico [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : Media Suite -> C:\WINDOWS\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\44EE410B791931546931176EBEB115E4] : Nikon Message Center 2 -> C:\WINDOWS\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\454EDE64DA28C4540B9147D9C5FEC179] : The Bat! v6.8.8 (64-bit) -> C:\WINDOWS\Installer\{46EDE454-82AD-454C-B019-749D5CEF1C97}\TheBatIcon [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\483861F20ADD48142867E665660DDF0B] : Intel(R) Smart Connect Technology -> C:\Windows\Installer\{2F168384-DDA0-4184-8276-6E5666D0FDB0}\ISCT.ico [HKCR\Installer\Products\4A77F40745ABFAD469AE6C40DB23CD2C] : AKVIS Enhancer -> C:\WINDOWS\Installer\{704F77A4-BA54-4DAF-96EA-C604BD32DCC2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208170F] : Java 8 Update 71 -> C:\Program Files (x86)\Java\jre1.8.0_71\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2681408170F] : Java 8 Update 71 (64-bit) -> C:\Program Files\Java\jre1.8.0_71\\bin\javaws.exe [HKCR\Installer\Products\5241B28042F0AF34B9468E6F710BDAB3] : HP Documentation -> C:\Windows\Installer\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}\NotebookDocs.exe [HKCR\Installer\Products\56573393E0336ba49AEACA180E27B001] : PhotoDirector -> C:\Windows\Installer\{39337565-330E-4ab6-A9AE-AC81E0720B10}\ARPPRODUCTICON.exe [HKCR\Installer\Products\63AEB64B17B0E4A4EA1478426134AFA0] : Power Media Player -> C:\WINDOWS\Installer\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\663D245A77895E111B1000056559C1DA] : Evernote v. 5.9.6 -> C:\WINDOWS\Installer\{A542D366-9877-11E5-B101-005056951CAD}\Evernote.ico [HKCR\Installer\Products\6B2AC564FA8977E4EB229A803CB49BCE] : Energy Star -> C:\Windows\Installer\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\6D6E41E65713A1E49B43AC5B8A3676DC] : HP Postscript Converter [HKCR\Installer\Products\701043F6AA9F6C745BC43C1AF91155F3] : Hewlett-Packard ACLM.NET v1.2.2.3 -> C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\71460E5BCA4A52243BE6E7439C61617E] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\74C3984DF40748B44868D94E79A4ACF6] : Picture Control Utility 2 -> C:\WINDOWS\Installer\{D4893C47-704F-4B84-8486-9DE4974ACA6F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7D2F8E1D497754242B6878DE681C98C3] : HP Registration Service -> C:\Windows\Installer\{D1E8F2D7-7794-4245-B286-87ED86C1893C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8994BF104C33134458DE70E9E3FE7ED5] : YouCam -> C:\WINDOWS\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8D1D2B0370A017B4593570015C3DE153] : HP Wireless Button Driver -> C:\Windows\Installer\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\99E331315D0B34148B23AA5DC5264AC1] : HP 3D DriveGuard -> C:\WINDOWS\Installer\{13133E99-B0D5-4143-B832-AAD55C62A41C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A0A5CBD84C137C642B25B695E31AA178] : Software Updater -> C:\WINDOWS\Installer\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}\icon.ico [HKCR\Installer\Products\A1B9506C190ED1B4080446BDF239F2BF] : AKVIS Refocus -> C:\WINDOWS\Installer\{C6059B1A-E091-4B1D-8040-64DB2F932FFB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A36361FF4D64E41910A072FD5597B3AC] : NIKON IMAGE SPACE UPLOADER [HKCR\Installer\Products\AA4378AB8987E634AB2D9C4EE293FF36] : LibreOffice 5.0 Help Pack (French) -> C:\WINDOWS\Installer\{BA8734AA-7898-436E-BAD2-C9E42E39FF63}\soffice.ico [HKCR\Installer\Products\AEA249BD6D394EF4882681D0537A6189] : Belgium e-ID middleware 4.1.10 (build 1698) -> C:\WINDOWS\Installer\{DB942AEA-93D6-4FE4-8862-180D35A71698}\eid.ico [HKCR\Installer\Products\B15D1B9D65BED014EA5BC1FCCAB4C6C8] : Epson Connect Printer Setup -> C:\WINDOWS\Installer\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B474BE166A764F741B7B838615AB3B0D] : HP Support Assistant -> C:\WINDOWS\Installer\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C7426ED27707B154B87AFF1D2ABABB74] : Inst5675 -> C:\WINDOWS\Installer\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CBE729434D8935D489EB15D05F99F905] : Adobe AIR [HKCR\Installer\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E] : Power2Go -> C:\WINDOWS\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E192F3C8A0AA88148AF3D17901A32EC7] : LibreOffice 5.0.4.2 -> C:\WINDOWS\Installer\{8C3F291E-AA0A-4188-A83F-1D97103AE27C}\soffice.ico [HKCR\Installer\Products\EC0628CC0B0590045AF7930D86FF3457] : ZoneAlarm Firewall [HKCR\Installer\Products\F092C9E98E81D2144B2FC66D4BE5740C] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\F5C08F63D0CD4FD4FA90CD81760FBEA0] : HP Utility Center -> C:\Windows\Installer\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FA139B4EA95C29D47876E8D2F53541E4] : HP Support Solutions Framework -> C:\WINDOWS\Installer\{E4B931AF-C59A-4D92-8767-8E2D5F53144E}\icon.ico [HKCR\Installer\Products\FAA1FE9C245B8C145A731124ADD5A4CE] : HP Customer Experience Enhancements -> C:\WINDOWS\Installer\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}\ARPPRODUCTICON.exe ¤¤¤¤¤¤¤¤¤¤ | ADS @C:\ProgramData\Temp:04853F41 @C:\ProgramData\Temp:8DAF83BD @C:\ProgramData\Temp:A104F770 ¤¤¤¤¤¤¤¤¤¤ | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: Insyde System Manufacturer: Hewlett-Packard System Product Name: HP Pavilion 15 Notebook PC Logical Drives Mask: 0x0000007c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 3981 | 22:56:03