¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_04.04.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ¤¤¤¤¤ - Start 08/04/2016 22:31:12 Updated 04/04/2016 | 18.05 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ [Administrateur (Administrator)] - [MICHEL-PC] SID = S-1-5-21-1770880902-1296739278-1374194367-500 System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 PC : ASUSTeK Computer INC. - P8P67 PRO - To be filled by O.E.M. Processor : X64 - 3411 Mhz - Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Bios : American Megatrends Inc. - 02/11/2011 - V.1305 CoreTemp : -1° C - Max : ° C Boot: Normal boot ----------> Quick Memory RAM = Total (MB) : 8368 | Free (MB) : 5109 Pagefile = Total (MB) : 16735 | Free (MB) : 13164 Virtual = Total (MB) : 4194 | Free (MB) : 4034 ¤¤¤¤¤¤¤¤¤¤ | Drives J:\ -> [Fixed] | [HDD WD CG 4 TO] | Total : 3725.9 Go | Free : 1977.96 Go -> NTFS [ATA] I:\ -> [Fixed] | [HDD WD CB 2 TO] | Total : 1863.01 Go | Free : 239.65 Go -> NTFS [ATA] C:\ -> [Fixed] | [SSD Sandisk 124 GO] | Total : 117.28 Go | Free : 11.03 Go -> NTFS (SSD) [ATA] ¤¤¤¤¤¤¤¤¤¤ | Windows updates Last detection : 2016-04-08 05:53:08 Downloaded last ones : 2016-04-08 05:53:32 Installed last ones : 2016-03-24 21:43:05 Next search : 2016-04-09 00:30:09 Microsoft : + ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 11.0.9600.18231 (© Microsoft Corporation. Tous droits réservés.) FF : 45.0.1.5918 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 49.0.2623.110 (Copyright 2015 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer FlashPlayer Plugin : 18.0.0.160 ¤¤¤¤¤¤¤¤¤¤ | Security AV : Kaspersky Internet Security Disabled AS : Windows Defender Enabled FW : Kaspersky Internet Security Disabled WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 476 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.19160) = C:\Windows\System32\smss.exe 840 | [Owner : | Parent : 572() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe 912 | [Owner : | Parent : 840(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe 936 | [Owner : | Parent : 840(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.19160) = C:\Windows\System32\lsass.exe 948 | [Owner : | Parent : 840(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe 144 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 576 | [Owner : | Parent : 912(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.82.) - (8.17.13.5382) = C:\Windows\System32\nvvsvc.exe 540 | [Owner : | Parent : 912(services.exe) | ?????] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.5382) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 1036 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1100 | [Owner : | Parent : 912(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1085) = C:\Windows\System32\atiesrxx.exe 1124 | [Owner : | Parent : 848() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe 1176 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1216 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1256 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1292 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1392 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1492 | [Owner : | Parent : 912(services.exe) | ?????] - (.Logitech, Inc. - Logitech Solar Service (UNICODE).) - (1.10.3.0) = C:\Program Files\Logitech\SolarApp\L4301_Solar.exe 1536 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1732 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe 1812 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 1872 | [Owner : | Parent : 1100(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1085) = C:\Windows\System32\atieclxx.exe 1896 | [Owner : | Parent : 576(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5382) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1912 | [Owner : | Parent : 576(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.82.) - (8.17.13.5382) = C:\Windows\System32\nvvsvc.exe 1992 | [Owner : | Parent : 912(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.16.6751) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 2024 | [Owner : | Parent : 912(services.exe) | ?????] - (.Apple Inc. - MobileDeviceService.) - (17.344.1.10) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1664 | [Owner : | Parent : 912(services.exe) | ?????] - (.Atheros Commnucations - AdminService Application.) - (7.2.0.40) = C:\Program Files (x86)\Bluetooth Suite\AdminService.exe 2072 | [Owner : | Parent : 912(services.exe) | ?????] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (16.0.0.625) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe 2096 | [Owner : | Parent : 912(services.exe) | ?????] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe 2120 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 2160 | [Owner : | Parent : 912(services.exe) | ?????] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben für die Medienbibliothek.) - (2.1.27.0) = C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe 2208 | [Owner : | Parent : 912(services.exe) | ?????] - (.Freemake - FreemakeUtilsService.) - (1.0.0.0) = C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 2444 | [Owner : | Parent : 912(services.exe) | ?????] - (.GEAR Software - gearsec.) - (1.0.0.6) = C:\Windows\SysWOW64\gearsec.exe 2468 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\SysWOW64\svchost.exe 2488 | [Owner : | Parent : 912(services.exe) | ?????] - (.Hewlett-Packard Company - SolutionsFrameworkService.) - (1.0.11.0) = C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe 2676 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 2704 | [Owner : | Parent : 912(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Service.) - (1.0.2.5) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2748 | [Owner : | Parent : 912(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (1.7.321.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2784 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 2804 | [Owner : | Parent : 912(services.exe) | ?????] - (.Rsupport Co., Ltd. - Remote View 5.0 Agent.) - (5.2.19.1) = C:\Program Files (x86)\Samsung\Remote PC\rvagent.exe 2880 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 2916 | [Owner : | Parent : 912(services.exe) | ?????] - (.Clarus, Inc. - SZDrvSvc.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe 2972 | [Owner : | Parent : 912(services.exe) | ?????] - (.Company - Updater.) - (5.1.0.1) = C:\Program Files (x86)\Popcorn Time\Updater.exe 3372 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 3676 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 3868 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 4884 | [Owner : | Parent : 2072(avp.exe) | 6.41 Mo] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (16.0.0.625) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe 4928 | [Owner : | Parent : 2748(nvstreamsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (1.7.321.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 4960 | [Owner : | Parent : 872(csrss.exe) | ?????] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.19160) = C:\Windows\System32\conhost.exe 4976 | [Owner : Administrateur | Parent : 1216(svchost.exe) | 61.76 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe 5024 | [Owner : Administrateur | Parent : 4900() | 88.38 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.19135) = C:\Windows\explorer.exe 2428 | [Owner : Administrateur | Parent : 5064() | 19.35 Mo] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (11.10.13.1) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 2668 | [Owner : Administrateur | Parent : 912(services.exe) | 19.82 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe 1744 | [Owner : | Parent : 4376() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.29.5) = C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe 1676 | [Owner : | Parent : 4376() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.29.5) = C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe 4616 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 12.16 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.603) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 4656 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 19.73 Mo] - (.Atheros Communications - Serveur Stack Bluetooth.) - (7.2.0.40) = C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 4620 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 12.34 Mo] - (.Atheros Commnucations - Bluetooth Suite Common Rescource.) - (7.2.0.40) = C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 464 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 74.74 Mo] - (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) = C:\Program Files\Windows Sidebar\sidebar.exe 4984 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 19.06 Mo] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (130.0.422.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe 5080 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 6.41 Mo] - (.Clarus, Inc. - ABRTMon.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe 4336 | [Owner : Administrateur | Parent : 4536() | 6.06 Mo] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.0.0.0) = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 5272 | [Owner : Administrateur | Parent : 4536() | 26.86 Mo] - (.Intel Corporation - IAStorIcon.) - (10.1.0.1008) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 5312 | [Owner : Administrateur | Parent : 4536() | 8.56 Mo] - (.CyberLink - CyberLink MediaLibray Service.) - (2.1.1803.0) = C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 5360 | [Owner : Administrateur | Parent : 4536() | 7.58 Mo] - (.Rsupport Co., Ltd. - RemoteView Agent Tray Application.) - (5.2.16.1) = C:\Program Files (x86)\Samsung\Remote PC\rvagtray.exe 5368 | [Owner : Administrateur | Parent : 4536() | 12.45 Mo] - (.Apple Inc. - iTunesHelper.) - (12.0.1.26) = C:\Program Files (x86)\iTunes\iTunesHelper.exe 5744 | [Owner : | Parent : 912(services.exe) | ?????] - (.Apple Inc. - iPodService Module (64-bit).) - (12.0.1.26) = C:\Program Files\iPod\bin\iPodService.exe 5764 | [Owner : Administrateur | Parent : 4536() | 4.18 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.0.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe 5772 | [Owner : Administrateur | Parent : 1896(nvxdsync.exe) | 14.38 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5382) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 5916 | [Owner : Administrateur | Parent : 4536() | 18.97 Mo] - (.- DivX Update.) - (1.0.6.114) = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 5960 | [Owner : Administrateur | Parent : 4536() | 15.31 Mo] - (.AimerSoft - AimerSoft Studio.) - (1.2.5.30) = C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe 5972 | [Owner : Administrateur | Parent : 4536() | 48.71 Mo] - (.Clarus, Inc. - Samsung Drive Manager.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe 2032 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe 6380 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe 6440 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 6664 | [Owner : Administrateur | Parent : 4984(hpqtra08.exe) | 11.98 Mo] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (130.0.469.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe 6792 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 6892 | [Owner : Administrateur | Parent : 144(svchost.exe) | 6.36 Mo] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (130.0.80.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe 7060 | [Owner : Administrateur | Parent : 144(svchost.exe) | 11.29 Mo] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe 7120 | [Owner : Administrateur | Parent : 7108() | 0.53 Mo] - (.Microsoft Corporation - GWX.) - (6.3.9600.18270) = C:\Windows\System32\GWX\GWX.exe 6924 | [Owner : Administrateur | Parent : 5972(Drive Manager.exe) | 7.77 Mo] - (.Clarus, Inc. - SZDrvMon.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe 3648 | [Owner : | Parent : 912(services.exe) | ?????] - (.Intel Corporation - IAStorDataSvc.) - (10.1.0.1008) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 3924 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe 3056 | [Owner : | Parent : 912(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe 6260 | [Owner : Administrateur | Parent : 144(svchost.exe) | 16 Mo] - (.Apple Inc. - iCloud Photos.) - (7.15.7.3) = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe 1704 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 112.46 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 6500 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 7.86 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 4584 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 61.85 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 8044 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 36.27 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 3884 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 80.16 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 2108 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 45.25 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 6800 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 74.51 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 6908 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 52.64 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 3476 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 75.86 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 2876 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 76.34 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 1684 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 53.04 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 22644 | [Owner : Administrateur | Parent : 1704(chrome.exe) | 82.78 Mo] - (.Google Inc. - Google Chrome.) - (49.0.2623.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 11540 | [Owner : | Parent : 1176(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe 9696 | [Owner : Administrateur | Parent : 5024(explorer.exe) | 17.37 Mo] - (.SosVirus - QuickDiag.) - (4.4.2016.1) = C:\Users\Administrateur\Desktop\QuickDiag.exe ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [10/02/2016 07:39:52] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.19135) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [10/03/2011 19:07:58] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.4E3E2F8EA0920FC793634479866C5198] - [09/03/2016 07:50:51] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.19160) : C:\Windows\System32\Kernel32.dll [MD5.7FB33A9A2E6B6D5CA9318668B95CA69C] - [09/03/2016 07:50:50] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.19160) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [20/03/2016 03:37:14] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 05:25:37] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [09/12/2015 03:50:30] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [10/03/2011 19:07:49] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [15/10/2014 06:14:43] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 03:37:03] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [13/09/2013 04:46:36] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [10/03/2011 19:07:45] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [10/03/2011 19:07:46] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [10/03/2011 19:07:45] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.D7921D5A870B11CC1ADAB198A519D50A] - [10/03/2011 18:25:11] - (.Copyright(C) Intel Corporation 1994-2010 - Intel Rapid Storage Technology driver - x64.) - [428.52 Ko] - (10.1.0.1008) : C:\Windows\System32\Drivers\iastor.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.07F8F6B0CAEC7ADD30EBD94940A315D7] - [09/03/2016 07:50:50] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [155.5 Ko] - (6.1.7601.19160) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 03:36:50] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [10/03/2011 19:07:59] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [09/03/2016 07:53:09] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [10/03/2011 19:07:54] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [11/06/2014 11:20:06] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 03:37:03] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [10/03/2011 19:07:56] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) (.Atheros Commnucations.-.AthCopyHook Dynamic Link Library.) - (7.2.0.40) -- C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll (.Apple Inc..-.Stub For Interprocess Communication.) - (7.15.7.1) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsPS64.dll (.Kaspersky Lab ZAO.-.Shell Extension.) - (16.0.0.694) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll (.Kaspersky Lab ZAO.-.Helper Library.) - (1.5.0.239) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\remote_eka_prague_loader.dll (.Kaspersky Lab ZAO.-.PR_REMOTE.) - (1.5.0.239) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\prremote.dll (.AO Kaspersky Lab.-.Prague Core.) - (1.5.100.6) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\prcore.dll (.Kaspersky Lab ZAO.-.Component service provider.) - (1.9.0.0) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\kl_service.dll (.AO Kaspersky Lab.-.Proxy Stubs.) - (16.0.0.614) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\pxstub.ppl (.Kaspersky Lab ZAO.-.Structure Serializer.) - (16.0.0.649) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\params.ppl (.Kaspersky Lab ZAO.-.Product Metainformation.) - (16.0.0.694) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\product_metainfo.dll (..-..) - (1.0.0.1) -- C:\Windows\SysWOW64\AiCM64.dll (..-..) - (4.0.0.0) -- C:\Program Files (x86)\WinRAR\rarext64.dll (..-..) - (0.0.0.0) -- :\Dossier système - pgm files 2\Unlocker\UnlockerCOM.dll (.Atheros Commnucations.-.ShellContextExt Module.) - (7.2.0.40) -- C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll (.Movavi.-.Context Menu.) - (1.1.0.0) -- C:\Program Files (x86)\Movavi Video Converter 15\vcContext\vcContext.dll (.Lenovo.-.Shell Extension.) - (1.0.0.1) -- C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll (.Apple Inc..-.Apple Photostreams UI Shell Extension.) - (7.15.7.1) -- C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll (.Atheros Commnucations.-.Extension de l'application Bluetooth.) - (7.2.0.40) -- C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll (.Atheros Commnucations.-.Outlook Dynamic Link Library.) - (7.2.0.40) -- C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.178) -- C:\Windows\system32\RtkAPO64.dll (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Service.) - (130.0.465.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Common Library.) - (130.0.465.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll (.Hewlett-Packard Co..-.HP CUE Context Manager Objects.) - (130.0.80.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll (.Hewlett-Packard Co..-.HP CUE/AiO Context Information Objects.) - (130.0.80.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll (.Hewlett-Packard Co..-.HP OfficeJet COM Common Objects.) - (130.0.80.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll (.Hewlett-Packard.-.Dot4Net Module.) - (12.2.6.51) -- C:\windows\system32\hpzinw12.dll (.Hewlett-Packard.-.PmlDrv Module.) - (12.2.6.51) -- C:\windows\system32\hpzipm12.dll (.Hewlett-Packard Co..-.HP Network Devices Support.) - (130.0.80.0) -- C:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [HKU\S-1-5-18\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-20\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"=C:\Windows\System32\mctadmin.exe [14/07/2009 01:54:49] [HKU\S-1-5-19\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"=C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [10/03/2011 18:15:03] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [10/03/2011 18:25:16] "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" "UpdatePSTShortCut"="C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "RemoteView5 Tray"="C:\Program Files (x86)\Samsung\Remote PC\rvagtray.exe" /background "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "BrowserPlugInHelper"=C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe [15/11/2014 15:36:36] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [08/05/2007 17:24:20] "DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [08/04/2015 15:04:36] "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [22/07/2008 18:33:36] "Aimersoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [23/08/2015 22:05:28] "Clarus Drive Manager"=C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=5bfaef30-60a2-45aa-9cdc-abd373b "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=2000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN NUMPROC=8 "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=936 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\Administrateur\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Enregistrement en ligne.lnk (/LANG:FRA) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\Enregistrement en ligne.lnk (/LANG:FRA) C:\Users\Administrateur\Desktop\Protection bancaire.lnk (-safebanking) C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Michel\AppData\Local\Popcorn Time\Popcorn Time.lnk (.) C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Plex.lnk ( --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm) C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk (--profile-directory=Default) C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Plex.lnk ( --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adsl TV\Désinstaller adsl TV.lnk (-u) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Plex (1).lnk ( --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Plex.lnk ( --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center\Désinstaller.lnk (/uninstall) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite\Enregistrement en ligne.lnk (/LANG:FRA) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk (.) C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk (/systemstartup) F1sH��(bin4�^CsH��*R�Nbin^2�I�lHd (Dropbox.exeD�sH��sH��*�� C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk () dB�rprogram<�dB�rdB�r*V�Bprogramf2L A'N (QUICKS~1.EXEJ� A'NdB�r*�� C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Uninstall VirtualDJ Home FREE.lnk (/x {77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) C:\Users\Michel\Desktop\Dropbox.lnk (/home) C:\Users\Michel\Desktop\Lanceur d'applications Google Chrome.lnk (--show-app-list) C:\Users\Michel\Desktop\Plex.lnk ( --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm) C:\Users\Michel\Desktop\Popcorn Time.lnk (.) C:\Users\Michel\Desktop\Protection bancaire.lnk (-safebanking) C:\Users\Michel\Start Menu\Programs\RegHunter\Uninstall.lnk (-r rh) C:\Users\Michel\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk ("C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com") 0Gy�(Windows<��:�3Hw*�Windowsb2�+Y>p2 explorer.exeFレ>$�3H|*�� C:\Users\Michel\Start Menu\Programs\SpyHunter\Uninstall.lnk (-r sh) C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Bureau\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Desktop\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Menu Démarrer\Windows Update.lnk (startmenu) C:\ProgramData\Menu Démarrer\Programmes\Sidebar.lnk (/showgadgets) C:\ProgramData\Menu Démarrer\Programmes\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programmes\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programmes\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Menu Démarrer\Programmes\ATI Stream SDK v2\Uninstall Stream SDK v2 Developer.lnk (/X {D3538F68-5BD7-44C4-BDA6-409F18EBBF3E}) C:\ProgramData\Menu Démarrer\Programmes\BT Program\Désinstaller Bluetooth Suit.lnk (/x {230D1595-57DA-4933-8C4E-375797EBB7E1}) C:\ProgramData\Menu Démarrer\Programmes\DivX\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Menu Démarrer\Programmes\DivX\Enregistrez.lnk (/start=registration) C:\ProgramData\Menu Démarrer\Programmes\DivX\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Menu Démarrer\Programmes\Google Earth Pro\Démarrer Google Earth Pro en mode DirectX.lnk (-setDX) C:\ProgramData\Menu Démarrer\Programmes\Google Earth Pro\Démarrer Google Earth Pro en mode OpenGL.lnk (-setOGL) C:\ProgramData\Menu Démarrer\Programmes\Google Earth Pro\Désinstaller Google Earth Pro.lnk (/x {44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) C:\ProgramData\Menu Démarrer\Programmes\HP\HP Photosmart Essential 3.5\Désinstaller HP Photosmart Essential 3.5.lnk (-datfile hpqbud13.dat) C:\ProgramData\Menu Démarrer\Programmes\HP\Photosmart C7200 series\Ajouter un périphérique.lnk (-addadevice -connectiontypes usb,wired,wireless) C:\ProgramData\Menu Démarrer\Programmes\HP\Photosmart C7200 series\Désinstaller.lnk (-datfile hposcr21.dat -onestop) C:\ProgramData\Menu Démarrer\Programmes\HP\Photosmart C7200 series\Enregistrement du produit.lnk ("HP Photosmart C7200 series") C:\ProgramData\Menu Démarrer\Programmes\iCloud\Calendrier.lnk (calendar) C:\ProgramData\Menu Démarrer\Programmes\iCloud\Contacts.lnk (contacts) C:\ProgramData\Menu Démarrer\Programmes\iCloud\Localiser mon iPhone.lnk (find) C:\ProgramData\Menu Démarrer\Programmes\iCloud\Mail.lnk (mail) C:\ProgramData\Menu Démarrer\Programmes\iCloud\Notes.lnk (notes) C:\ProgramData\Menu Démarrer\Programmes\iCloud\Rappels.lnk (reminders) C:\ProgramData\Menu Démarrer\Programmes\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Menu Démarrer\Programmes\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Menu Démarrer\Programmes\Kaspersky Internet Security\Supprimer Kaspersky Internet Security.lnk (/i{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} REMOVE=ALL) C:\ProgramData\Menu Démarrer\Programmes\Logitech\Solar\Solar App.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Mise à niveau de Nero en ligne.lnk (-ScParameter=8 ShowOffer) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Nero ProductSetup.lnk (-ScParameter=8 MODE="update") C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\audio\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\données\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Outils\Nero CD-DVD Speed.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Outils\Nero DriveSpeed.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Outils\Nero InfoTool.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programmes\Nero 7 Essentials\Outils\Nero Scout.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programmes\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk (/show) C:\ProgramData\Menu Démarrer\Programmes\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk (/disable) C:\ProgramData\Menu Démarrer\Programmes\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk (/enable) C:\ProgramData\Menu Démarrer\Programmes\Popcorn 4 Time\Popcorn Time.lnk (--no-proxy-server) C:\ProgramData\Menu Démarrer\Programmes\QuickTime\Désinstaller QuickTime.lnk (/i {0E64B098-8018-4256-BA23-C316A43AD9B0} /qf) C:\ProgramData\Menu Démarrer\Programmes\Samsung\Remote PC\Uninstall.lnk (-runfromtemp) C:\ProgramData\Menu Démarrer\Programmes\Samsung\Samsung Drive Manager\Remover Samsung Drive Manager.lnk (-runfromtemp -l0x0012 -removeonly) C:\ProgramData\Menu Démarrer\Programmes\Samsung\Samsung Drive Manager\Samsung Drive Manager Update.lnk (-I -Manual) C:\ProgramData\Menu Démarrer\Programmes\Startup\HP Digital Imaging Monitor.lnk () $4;�T (hpqtra08.exeF�4;�TG{\*FGhpqtra08.exe{?z# C:\ProgramData\Menu Démarrer\Programmes\Startup\Samsung Drive Manager Real-Time.lnk () Samsung Drive Manager$^2�C�T(ABRTMon.exeD�tHrtHr*��; C:\ProgramData\Menu Démarrer\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Menu Démarrer\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Menu Démarrer\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Menu Démarrer\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Menu Démarrer\Programs\ATI Stream SDK v2\Uninstall Stream SDK v2 Developer.lnk (/X {D3538F68-5BD7-44C4-BDA6-409F18EBBF3E}) C:\ProgramData\Menu Démarrer\Programs\BT Program\Désinstaller Bluetooth Suit.lnk (/x {230D1595-57DA-4933-8C4E-375797EBB7E1}) C:\ProgramData\Menu Démarrer\Programs\DivX\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Menu Démarrer\Programs\DivX\Enregistrez.lnk (/start=registration) C:\ProgramData\Menu Démarrer\Programs\DivX\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Menu Démarrer\Programs\Google Earth Pro\Démarrer Google Earth Pro en mode DirectX.lnk (-setDX) C:\ProgramData\Menu Démarrer\Programs\Google Earth Pro\Démarrer Google Earth Pro en mode OpenGL.lnk (-setOGL) C:\ProgramData\Menu Démarrer\Programs\Google Earth Pro\Désinstaller Google Earth Pro.lnk (/x {44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) C:\ProgramData\Menu Démarrer\Programs\HP\HP Photosmart Essential 3.5\Désinstaller HP Photosmart Essential 3.5.lnk (-datfile hpqbud13.dat) C:\ProgramData\Menu Démarrer\Programs\HP\Photosmart C7200 series\Ajouter un périphérique.lnk (-addadevice -connectiontypes usb,wired,wireless) C:\ProgramData\Menu Démarrer\Programs\HP\Photosmart C7200 series\Désinstaller.lnk (-datfile hposcr21.dat -onestop) C:\ProgramData\Menu Démarrer\Programs\HP\Photosmart C7200 series\Enregistrement du produit.lnk ("HP Photosmart C7200 series") C:\ProgramData\Menu Démarrer\Programs\iCloud\Calendrier.lnk (calendar) C:\ProgramData\Menu Démarrer\Programs\iCloud\Contacts.lnk (contacts) C:\ProgramData\Menu Démarrer\Programs\iCloud\Localiser mon iPhone.lnk (find) C:\ProgramData\Menu Démarrer\Programs\iCloud\Mail.lnk (mail) C:\ProgramData\Menu Démarrer\Programs\iCloud\Notes.lnk (notes) C:\ProgramData\Menu Démarrer\Programs\iCloud\Rappels.lnk (reminders) C:\ProgramData\Menu Démarrer\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Menu Démarrer\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Menu Démarrer\Programs\Kaspersky Internet Security\Supprimer Kaspersky Internet Security.lnk (/i{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} REMOVE=ALL) C:\ProgramData\Menu Démarrer\Programs\Logitech\Solar\Solar App.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Mise à niveau de Nero en ligne.lnk (-ScParameter=8 ShowOffer) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Nero ProductSetup.lnk (-ScParameter=8 MODE="update") C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\audio\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\données\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Outils\Nero CD-DVD Speed.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Outils\Nero DriveSpeed.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Outils\Nero InfoTool.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programs\Nero 7 Essentials\Outils\Nero Scout.lnk (-ScParameter=8 ) C:\ProgramData\Menu Démarrer\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk (/show) C:\ProgramData\Menu Démarrer\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk (/disable) C:\ProgramData\Menu Démarrer\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk (/enable) C:\ProgramData\Menu Démarrer\Programs\Popcorn 4 Time\Popcorn Time.lnk (--no-proxy-server) C:\ProgramData\Menu Démarrer\Programs\QuickTime\Désinstaller QuickTime.lnk (/i {0E64B098-8018-4256-BA23-C316A43AD9B0} /qf) C:\ProgramData\Menu Démarrer\Programs\Samsung\Remote PC\Uninstall.lnk (-runfromtemp) C:\ProgramData\Menu Démarrer\Programs\Samsung\Samsung Drive Manager\Remover Samsung Drive Manager.lnk (-runfromtemp -l0x0012 -removeonly) C:\ProgramData\Menu Démarrer\Programs\Samsung\Samsung Drive Manager\Samsung Drive Manager Update.lnk (-I -Manual) C:\ProgramData\Menu Démarrer\Programs\Startup\HP Digital Imaging Monitor.lnk () $4;�T (hpqtra08.exeF�4;�TG{\*FGhpqtra08.exe{?z# C:\ProgramData\Menu Démarrer\Programs\Startup\Samsung Drive Manager Real-Time.lnk () Samsung Drive Manager$^2�C�T(ABRTMon.exeD�tHrtHr*��; C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2\Uninstall Stream SDK v2 Developer.lnk (/X {D3538F68-5BD7-44C4-BDA6-409F18EBBF3E}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program\Désinstaller Bluetooth Suit.lnk (/x {230D1595-57DA-4933-8C4E-375797EBB7E1}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\Enregistrez.lnk (/start=registration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Démarrer Google Earth Pro en mode DirectX.lnk (-setDX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Démarrer Google Earth Pro en mode OpenGL.lnk (-setOGL) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Désinstaller Google Earth Pro.lnk (/x {44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential 3.5\Désinstaller HP Photosmart Essential 3.5.lnk (-datfile hpqbud13.dat) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C7200 series\Ajouter un périphérique.lnk (-addadevice -connectiontypes usb,wired,wireless) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C7200 series\Désinstaller.lnk (-datfile hposcr21.dat -onestop) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart C7200 series\Enregistrement du produit.lnk ("HP Photosmart C7200 series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendrier.lnk (calendar) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk (contacts) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Localiser mon iPhone.lnk (find) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk (mail) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk (notes) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Rappels.lnk (reminders) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Supprimer Kaspersky Internet Security.lnk (/i{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} REMOVE=ALL) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Solar\Solar App.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Mise à niveau de Nero en ligne.lnk (-ScParameter=8 ShowOffer) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Nero ProductSetup.lnk (-ScParameter=8 MODE="update") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Nero StartSmart Essentials.lnk (-ScParameter=8 ) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\audio\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\données\Nero Express Essentials SE.lnk (-ScParameter=8 /w) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Outils\Nero CD-DVD Speed.lnk (-ScParameter=8 ) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Outils\Nero DriveSpeed.lnk (-ScParameter=8 ) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Outils\Nero InfoTool.lnk (-ScParameter=8 ) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials\Outils\Nero Scout.lnk (-ScParameter=8 ) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk (/show) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk (/disable) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk (/enable) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn 4 Time\Popcorn Time.lnk (--no-proxy-server) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Désinstaller QuickTime.lnk (/i {0E64B098-8018-4256-BA23-C316A43AD9B0} /qf) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Remote PC\Uninstall.lnk (-runfromtemp) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Drive Manager\Remover Samsung Drive Manager.lnk (-runfromtemp -l0x0012 -removeonly) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Drive Manager\Samsung Drive Manager Update.lnk (-I -Manual) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk () $4;�T (hpqtra08.exeF�4;�TG{\*FGhpqtra08.exe{?z# C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk () Samsung Drive Manager$^2�C�T(ABRTMon.exeD�tHrtHr*��; ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry [HKU\S-1-5-18\Control Panel\Desktop] "DragFullWindows"=1 "FontSmoothing"=2 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "UserPreferencesMask"=0x9E3E038012000000 "LowLevelHooksTimeout"=100 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [07/08/2015 10:50:44] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=145 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "link"=0x1A000000 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 ""=0 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=1 "TaskbarGlomLevel"=0 "Start_PowerButtonAction"=2 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x06000000050000000400000002000000030000000100000000000000FFFFFFFF "0"=0x6100630063006500730073006F006900720073000000 "1"=0x6E006F007400650070006100640020006500780065000000 "3"=0x74006F007200720065006E0074000000 "2"=0x68006F0073000000 "4"=0x730070007900680075006E007400650072000000 "5"=0x720065006700680075006E007400650072000000 "6"=0x73006D0070006C0061007900650072000000 [HKU\S-1-5-20\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKU\S-1-5-19\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=60 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=58 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=60 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=1071 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=7 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "System"= "Taskman"= ¤¤¤¤¤¤¤¤¤¤ | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Firefox.exe\Shell\open\Command] ""=C:\Program Files (x86)\Mozilla Firefox\firefox.exe [19/03/2016 11:58:06] [HKLM\Software\Clients\StartMenuInternet\Firefox.exe\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/03/2016 07:53:02] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\opera.exe\Shell\open\Command] ""= [HKLM\Software\Clients\StartMenuInternet\opera.exe\InstallInfo] "ReinstallCommand"= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox.exe\Shell\open\Command] ""=C:\Program Files (x86)\Mozilla Firefox\firefox.exe [19/03/2016 11:58:06] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox.exe\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/03/2016 07:53:02] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\opera.exe\Shell\open\Command] ""= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\opera.exe\InstallInfo] "ReinstallCommand"= ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x32D6613E3DDFCB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) ¤¤¤¤¤¤¤¤¤¤ | Hosts # T411 # DOMAINE t411.me #104.18.37.180 t411.me www.t411.me forum.t411.me wiki.t411.me api.t411.me #104.18.36.180 t411.me www.t411.me forum.t411.me wiki.t411.me api.t411.me # DOMAINE t411.io #104.24.125.37 t411.io www.t411.io forum.t411.io wiki.t411.io api.t411.io #104.24.124.37 t411.io www.t411.io forum.t411.io wiki.t411.io api.t411.io # DOMAINE t411.in #108.162.202.144 t411.in www.t411.in forum.t411.in wiki.t411.in api.t411.in #108.162.201.144 t411.in www.t411.in forum.t411.in wiki.t411.in api.t411.in # DOMAINE t411.ch #162.159.241.142 t411.ch www.t411.ch forum.t411.ch wiki.t411.ch api.t411.ch #162.159.240.142 t411.ch www.t411.ch forum.t411.ch wiki.t411.ch api.t411.ch #DOMAINE t411.download #141.101.124.142 t411.download #108.162.207.142 t411.download #Domaine mail.t411.me #188.126.79.37 mail.t411.me #Domaine irc.t411.in .io et .me #88.198.168.163 irc.t411.ch irc.t411.in irc.t411.io irc.t411.me #Blocage des faux sites T411 127.0.0.1 www.torrent411.in 127.0.0.1 www.toreent411.io [38] More lines ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnableNegotiate"=1 "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xB6A118893F04CA01 "ProxyEnable"=0 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "OperationalData"=1 "ImageStoreRandomFolder"=liksx86 [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x7590AD30EED0D001 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=www.google.com "Default_Page_URL"=http://www.google.com "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://www.google.com "Search Page"=www.google.com "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://www.google.com "Default_Page_URL"=http://www.google.com "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://www.google.com "Search Page"=http://www.google.com "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Enable Browser Extensions"=yes "Use Search Asst"=no "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Isolation"=PMIL [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchURL] "Default"=www.google.com [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3507FA00-ADA2-4A02-99B9-51AD26CA9120}"= [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{3507FA00-ADA2-4A02-99B9-51AD26CA9120}"= [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ¤¤¤¤¤¤¤¤¤¤ | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}] : (Send by Bluetooth to) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}] : (Send by Bluetooth to) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}] : () - [] ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}] -> (Kaspersky Protection plugin) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [08/12/2015 02:24:14] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] -> (HP Print Enhancer) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [20/09/2009 12:15:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54F73992-6549-4369-9A0D-84FD310A464A}] -> (Aimersoft Video Converter Ultimate) : C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll [15/11/2014 15:36:41] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [19/04/2015 01:43:29] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}] -> (CIESpeechBHO Class) : C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [27/10/2010 17:19:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}] -> (Kaspersky Protection plugin) : C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [08/12/2015 02:24:14] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [19/04/2015 01:43:28] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] -> (HP Smart BHO Class) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [20/09/2009 12:15:26] ¤¤¤¤¤¤¤¤¤¤ | Chrome C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\extensions\eahebamiopdhefndnmappcihfajigkka = : __MSG_ExtensionDescription__ - __MSG_ExtensionName__ - permissions:[\u003Call_urls>webRequestwebRequestBlocking] - https://clients2.google.com/service/update2/crx C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\extensions\mapcejffhcbidcjmomhalabpcbaeimcb = : Download YouTube and other online videos - Aimersoft Video Converter Ultimate C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description_chrome__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\fpniocchabmgenibceglhnfeimmdhdfm = : Easily organize and share your personal media and online content on all of your devices no matter where you are. - Plex - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\jpnjjlbngpejmmhgcaagljaomgnginml = : __MSG_description__ - http://get.youripfast.com/?s=free-app - __MSG_name__ - [*://*.youripfast.com/*://*.findyouripfast.com/] - http://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\mapcejffhcbidcjmomhalabpcbaeimcb = : Download YouTube and other online videos - Aimersoft Video Converter Ultimate C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\eahebamiopdhefndnmappcihfajigkka] [HKLM\Software\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eahebamiopdhefndnmappcihfajigkka] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb] ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}"=C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt\ "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.160 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.160 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0] - (DivX Web Player) : C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] - (Google Earth in your browser) : C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4] - (VLC Multimedia Plugin) : [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [Administrateur | j3mlvil9.default] : user_pref("browser.startup.homepage_override.buildID", "20160315153207"); [Administrateur | j3mlvil9.default] : user_pref("browser.startup.homepage_override.mstone", "45.0.1"); [Administrateur | j3mlvil9.default] : user_pref("extensions.blocklist.pingCountTotal", 2); [Administrateur | j3mlvil9.default] : user_pref("extensions.blocklist.pingCountVersion", 2); [Administrateur | j3mlvil9.default] : user_pref("extensions.bootstrappedAddons", "{\"loop@mozilla.org\":{\"version\":\"0.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com\":{\"version\":\"4.6.2.31\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 16.0.0\\\\FFExt\\\\light_plugin_firefox\",\"multiprocessCompatible\":false,\"runInSafeMode\":false},\"firefox-hotfix@mozilla.org\":{\"version\":\"20160106.01\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Administrateur\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\j3mlvil9.default\\\\extensions\\\\firefox-hotfix@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); [Administrateur | j3mlvil9.default] : user_pref("extensions.databaseSchema", 17); [Administrateur | j3mlvil9.default] : user_pref("extensions.e10sBlockedByAddons", true); [Administrateur | j3mlvil9.default] : user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1"); [Administrateur | j3mlvil9.default] : user_pref("extensions.getAddons.cache.lastUpdate", 1458790307); [Administrateur | j3mlvil9.default] : user_pref("extensions.getAddons.databaseSchema", 5); [Administrateur | j3mlvil9.default] : user_pref("extensions.hotfix.lastVersion", "20160106.01"); [Administrateur | j3mlvil9.default] : user_pref("extensions.lastAppVersion", "45.0.1"); [Administrateur | j3mlvil9.default] : user_pref("extensions.lastPlatformVersion", "45.0.1"); [Administrateur | j3mlvil9.default] : user_pref("extensions.pendingOperations", false); [Administrateur | j3mlvil9.default] : user_pref("extensions.shownSelectionUI", true); [Administrateur | j3mlvil9.default] : user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); [Administrateur | j3mlvil9.default] : user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"0.1\",\"st\":1458381488187}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"45.0.1\",\"st\":1458381488187}},\"winreg-app-global\":{\"{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Aimersoft\\\\Video Converter Ultimate\\\\SVRFirefoxExt\",\"e\":false,\"v\":\"5.0.0\",\"st\":1416058601781,\"mt\":1368519572000},\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.51\",\"st\":1438947444267,\"mt\":1253441726000},\"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 16.0.0\\\\FFExt\\\\light_plugin_firefox\",\"e\":true,\"v\":\"4.6.2.31\",\"st\":1457312162505,\"mt\":1457311697811}}}"); [Michel | kohsdtjr.default] : user_pref("browser.startup.homepage", "https://www.google.fr/"); [Michel | kohsdtjr.default] : user_pref("browser.startup.homepage_override.buildID", "20160315153207"); [Michel | kohsdtjr.default] : user_pref("browser.startup.homepage_override.mstone", "45.0.1"); [Michel | kohsdtjr.default] : user_pref("extensions.adblockplus.currentVersion", "2.7.2"); [Michel | kohsdtjr.default] : user_pref("extensions.adblockplus.notificationdata", "{\"lastCheck\":1459906601634,\"softExpiration\":1459995159467,\"hardExpiration\":1460079402538,\"data\":{\"notifications\":[],\"version\":\"201604060135\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":11}"); [Michel | kohsdtjr.default] : user_pref("extensions.adblockplus.notifications_ignoredcategories", "[\"*\"]"); [Michel | kohsdtjr.default] : user_pref("extensions.adblockplus.notifications_showui", true); [Michel | kohsdtjr.default] : user_pref("extensions.blocklist.pingCountTotal", 10); [Michel | kohsdtjr.default] : user_pref("extensions.blocklist.pingCountVersion", 5); [Michel | kohsdtjr.default] : user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.7.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Michel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\kohsdtjr.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"loop@mozilla.org\":{\"version\":\"1.1.14\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Michel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\kohsdtjr.default\\\\features\\\\{04e045de-cead-4901-a90f-3d59e85edb93}\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com\":{\"version\":\"4.6.2.31\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 16.0.0\\\\FFExt\\\\light_plugin_firefox\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); [Michel | kohsdtjr.default] : user_pref("extensions.databaseSchema", 17); [Michel | kohsdtjr.default] : user_pref("extensions.e10sBlockedByAddons", true); [Michel | kohsdtjr.default] : user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.1"); [Michel | kohsdtjr.default] : user_pref("extensions.getAddons.cache.lastUpdate", 1459632380); [Michel | kohsdtjr.default] : user_pref("extensions.getAddons.databaseSchema", 5); [Michel | kohsdtjr.default] : user_pref("extensions.hotfix.lastVersion", "20160106.01"); [Michel | kohsdtjr.default] : user_pref("extensions.lastAppVersion", "45.0.1"); [Michel | kohsdtjr.default] : user_pref("extensions.lastPlatformVersion", "45.0.1"); [Michel | kohsdtjr.default] : user_pref("extensions.pendingOperations", false); [Michel | kohsdtjr.default] : user_pref("extensions.shownSelectionUI", true); [Michel | kohsdtjr.default] : user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{04e045de-cead-4901-a90f-3d59e85edb93}\",\"addons\":{\"loop@mozilla.org\":{\"version\":\"1.1.14\"}}}"); [Michel | kohsdtjr.default] : user_pref("extensions.ui.dictionary.hidden", true); [Michel | kohsdtjr.default] : user_pref("extensions.ui.experiment.hidden", true); [Michel | kohsdtjr.default] : user_pref("extensions.ui.lastCategory", "addons://discover/"); [Michel | kohsdtjr.default] : user_pref("extensions.ui.locale.hidden", true); [Michel | kohsdtjr.default] : user_pref("extensions.xpiState", "{\"app-profile\":{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\Michel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\kohsdtjr.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.7.2\",\"st\":1457977750859}},\"app-system-addons\":{\"loop@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Michel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\kohsdtjr.default\\\\features\\\\{04e045de-cead-4901-a90f-3d59e85edb93}\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.1.14\",\"st\":1459632387949}},\"app-system-defaults\":{\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":false,\"v\":\"0.1\",\"st\":1458381488187}},\"winreg-app-user\":{\"{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Aimersoft\\\\Video Converter Ultimate\\\\SVRFirefoxExt\",\"e\":false,\"v\":\"5.0.0\",\"st\":1416058601781,\"mt\":1368519572000},\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.51\",\"st\":1438947444267,\"mt\":1253441726000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":false,\"v\":\"45.0.1\",\"st\":1458381488187}},\"winreg-app-global\":{\"{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Aimersoft\\\\Video Converter Ultimate\\\\SVRFirefoxExt\",\"e\":false,\"v\":\"5.0.0\",\"st\":1416058601781,\"mt\":1368519572000},\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.51\",\"st\":1438947444267,\"mt\":1253441726000},\"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Kaspersky Lab\\\\Kaspersky Internet Security 16.0.0\\\\FFExt\\\\light_plugin_firefox\",\"e\":true,\"v\":\"4.6.2.31\",\"st\":1457312162505,\"mt\":1457311697811}}}"); ¤¤¤¤¤¤¤¤¤¤ | Active Connections TCP 127.0.0.1:5354 www.torrent411.in:49155 ESTABLISHED 2096 TCP 127.0.0.1:5354 www.torrent411.in:49156 ESTABLISHED 2096 TCP 127.0.0.1:27015 www.torrent411.in:49233 ESTABLISHED 2024 TCP 127.0.0.1:49155 www.torrent411.in:5354 ESTABLISHED 2024 TCP 127.0.0.1:49156 www.torrent411.in:5354 ESTABLISHED 2024 TCP 127.0.0.1:49158 www.torrent411.in:49846 ESTABLISHED 2072 TCP 127.0.0.1:49158 www.torrent411.in:49849 ESTABLISHED 2072 TCP 127.0.0.1:49158 www.torrent411.in:49857 ESTABLISHED 2072 TCP 127.0.0.1:49158 www.torrent411.in:49880 ESTABLISHED 2072 TCP 127.0.0.1:49158 www.torrent411.in:49881 ESTABLISHED 2072 TCP 127.0.0.1:49158 www.torrent411.in:49883 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49706 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49707 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49728 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49742 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49743 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49744 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49745 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49847 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49876 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49877 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49878 ESTABLISHED 2072 TCP 127.0.0.1:49159 www.torrent411.in:49879 ESTABLISHED 2072 TCP 127.0.0.1:49233 www.torrent411.in:27015 ESTABLISHED 5368 TCP 127.0.0.1:49706 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49707 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49728 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49742 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49743 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49744 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49745 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49846 www.torrent411.in:49158 ESTABLISHED 1704 TCP 127.0.0.1:49847 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49849 www.torrent411.in:49158 ESTABLISHED 1704 TCP 127.0.0.1:49857 www.torrent411.in:49158 ESTABLISHED 1704 TCP 127.0.0.1:49876 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49877 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49878 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49879 www.torrent411.in:49159 ESTABLISHED 1704 TCP 127.0.0.1:49880 www.torrent411.in:49158 ESTABLISHED 1704 TCP 127.0.0.1:49881 www.torrent411.in:49158 ESTABLISHED 1704 TCP 127.0.0.1:49883 www.torrent411.in:49158 ESTABLISHED 1704 TCP 192.168.0.35:49254 ec2-52-34-43-191.us-west-2.compute.amazonaws.com:http CLOSE_WAIT 2804 TCP 192.168.0.35:49255 ec2-52-18-78-108.eu-west-1.compute.amazonaws.com:https ESTABLISHED 2804 TCP 192.168.0.35:50623 62.128.100.131:https TIME_WAIT 0 TCP [2a01:e35:2f15:b640:7c4b:1988:d4e6:707a]:50622 par10s22-in-x0e.1e100.net:https ESTABLISHED 1704 ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{79788432-6DE3-4A20-8FB0-7B3083723727}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{BEFD6298-CC48-4B7E-A4B9-39870E83E707}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{79788432-6DE3-4A20-8FB0-7B3083723727}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{BEFD6298-CC48-4B7E-A4B9-39870E83E707}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{79788432-6DE3-4A20-8FB0-7B3083723727}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BEFD6298-CC48-4B7E-A4B9-39870E83E707}] "DhcpNameServer"=192.168.0.254 ¤¤¤¤¤¤¤¤¤¤ | Applications [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\foobar2000.exe] : "C:\Program Files (x86)\foobar2000\foobar2000.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files (x86)\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\nero.exe] : "C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : I:\DOSSIE~1\MICROS~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\smplayer.exe] : "C:\Program Files\SMPlayer\smplayer.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files (x86)\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\foobar2000.exe] : "C:\Program Files (x86)\foobar2000\foobar2000.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files (x86)\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\nero.exe] : "C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : I:\DOSSIE~1\MICROS~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\smplayer.exe] : "C:\Program Files\SMPlayer\smplayer.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WinRAR.exe] : "C:\Program Files (x86)\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) Term - : ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\AMD] [HKU\S-1-5-18\Software\Apple Computer, Inc.] [HKU\S-1-5-18\Software\Apple Inc.] [HKU\S-1-5-18\Software\ATI] [HKU\S-1-5-18\Software\Google] [HKU\S-1-5-18\Software\Hewlett-Packard] [HKU\S-1-5-18\Software\Macromedia] [HKU\S-1-5-18\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\Netscape] [HKU\S-1-5-18\Software\PDFCreator] [HKU\S-1-5-18\Software\Piriform] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\Software\Skype] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Adobe] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Ahead] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\AppDataLow] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Apple Inc.] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Atheros] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\BitTorrent] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Clarus] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Clients] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\CyberLink] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\DivX] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\eMule] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\foobar2000] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Google] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\KasperskyLab] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\LogiShrd] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Logitech] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\MozillaPlugins] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\NVIDIA Corporation] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Piriform] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Policies] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Realtek] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\sysinternals] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Trolltech] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\WinRAR] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Wow6432Node] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1770880902-1296739278-1374194367-500\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\AppDataLow] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Piriform] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Wow6432Node] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\AppDataLow] [HKU\S-1-5-19\Software\Hewlett-Packard] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Piriform] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Wow6432Node] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ATHEROS] [HKLM\Software\ATI Technologies] [HKLM\Software\BrowserChoice] [HKLM\Software\Bullzip] [HKLM\Software\Clients] [HKLM\Software\Cyberlink] [HKLM\Software\DivX] [HKLM\Software\DTS] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\KasperskyLab] [HKLM\Software\Khronos] [HKLM\Software\Lenovo] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Paint.NET] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SMPlayer] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Volatile] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ahead] [HKLM\Software\WOW6432Node\Aimersoft] [HKLM\Software\WOW6432Node\AimersoftSysMenuDATA] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\AVS4YOU] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\Clarus, Inc.] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DivX] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS Todo Backup] [HKLM\Software\WOW6432Node\ej-technologies] [HKLM\Software\WOW6432Node\foobar2000] [HKLM\Software\WOW6432Node\Free YouTube Downloader] [HKLM\Software\WOW6432Node\Freemake] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\HP] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\IncrediMail] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Internet Download Manager] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KasperskyLab] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lame For Audacity] [HKLM\Software\WOW6432Node\Lenovo] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\WOW6432Node\Marvell] [HKLM\Software\WOW6432Node\McAfee.com] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MixMeister Technology] [HKLM\Software\WOW6432Node\MOVAVI] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\Nullsoft] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice.org] [HKLM\Software\WOW6432Node\PDFCreator] [HKLM\Software\WOW6432Node\pdfsam] [HKLM\Software\WOW6432Node\PornTime] [HKLM\Software\WOW6432Node\QiSS] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\VirtualDJ] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Webber Software] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\Xara] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | Drives J: I: [26/04/2015 21:25:46] - |A| - (.-.) - [243648] - (4.42.0.0) - I:\Firefox Setup Stub 37.0.2 (1).exe ¤¤¤¤¤¤¤¤¤¤ | C: [14/07/2009 05:18:56] - |SHDC| - [23843603] - C:\$Recycle.Bin [02/03/2016 04:19:09] - |DC| - [4186198] - C:\AdwCleaner [25/03/2011 17:22:49] - |DC| - [142568203] - C:\ATI [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/04/2015 00:49:54] - (.-.) - [0] - (0.0.0.0) - C:\autoexec.bat [12/11/2014 18:16:22] - |SHDC| - [0] - C:\BOOT [31/03/2011 22:47:10] - |HDC| - [0] - C:\Config.Msi [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [15/07/2015 03:36:16] - |SHD| - [947973] - C:\found.000 [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/12/2015 04:24:45] - (.-.) - [6426832896] - (0.0.0.0) - C:\hiberfil.sys [10/03/2011 18:09:02] - |DC| - [570074] - C:\Intel [07/04/2011 05:06:33] - |HDC| - [5731184] - C:\jexepackres [03/03/2012 16:30:57] - |HDC| - [0] - C:\kleaner.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/11/2014 18:22:20] - (.-.) - [8569114624] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |DC| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |RDC| - [14276905393] - C:\Program Files [14/07/2009 05:20:08] - |RDC| - [5998169785] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HDC| - [43891985494] - C:\ProgramData [08/04/2016 22:20:50] - |DC| - [262056] - C:\QuickDiag [MD5.6F6325C4F8C365408211F5CD8092FC6D] - [08/04/2016 22:31:12] - (.-.) - [151531] - (0.0.0.0) - C:\QuickDiag.txt [MD5.298C5AF7F20B9726218D66AAE0EB68BD] - [08/04/2016 22:26:26] - (.-.) - [332931] - (0.0.0.0) - C:\QuickDiag_08_04_2016_22_26_26.txt [10/03/2011 18:15:06] - |DC| - [0] - C:\RaidTool [10/03/2011 18:06:19] - |SHDC| - [173147937] - C:\Recovery [26/04/2015 17:40:38] - |D| - [8397851] - C:\sh4ldr [MD5.7FF3E647D4EC0E67DDA38F5DD5DAB2AD] - [26/04/2015 18:06:38] - (.-.) - [7476] - (0.0.0.0) - C:\sh4_service.log [MD5.D07138915E1B489BA08D2DBDFF441A60] - [26/04/2015 18:04:28] - (.-.) - [285747] - (0.0.0.0) - C:\shldr [MD5.025926B83A938B5215F3C1DCC882F21C] - [26/04/2015 18:04:28] - (.-.) - [8192] - (0.0.0.0) - C:\shldr.mbr [MD5.661B7E5B3F5854AAFEE89DCB4149988F] - [26/04/2015 20:05:53] - (.-.) - [21013] - (0.0.0.0) - C:\spyhunter.log [11/03/2011 01:01:48] - |SHD| - [0] - C:\System Volume Information [14/07/2009 05:20:08] - |RDC| - [94525757480] - C:\Users [14/07/2009 05:20:08] - |DC| - [37597114394] - C:\Windows ¤¤¤¤¤¤¤¤¤¤ | C:\Windows [14/07/2009 07:32:38] - |DC| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |DC| - [38132843] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |DC| - [11035914] - C:\Windows\AppPatch [MD5.C8FFDFB586E0F16E1E03AF87DCBB3437] - [10/03/2011 18:08:31] - (.-.) - [27083] - (0.0.0.0) - C:\Windows\Ascd_tmp.ini [14/07/2009 05:20:08] - |RSDC| - [1521927558] - C:\Windows\assembly [MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [10/03/2011 18:11:03] - (.Copyright (C) 2009 - AsTaskSchedule.) - [16896] - (0.1.0.4) - C:\Windows\AsTaskSched.dll [MD5.4B908E7BD52D998AA09F96019539A1D2] - [26/01/2011 00:42:00] - (.-.) - [30707] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/03/2011 17:24:46] - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [10/03/2011 19:07:47] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29163158] - C:\Windows\Boot [MD5.2D9DD900CCF4B228EE9377C5FDF5DB6C] - [14/07/2009 07:38:36] - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |DC| - [3233280] - C:\Windows\Branding [MD5.DB8DA5E9883091498FC1F4590A2F8718] - [13/11/2014 18:58:58] - (.Copyright (C) 2014 Rsupport Co., Ltd. - Rsupport Credential Provider.) - [25896] - (5.0.3.2) - C:\Windows\cremgr64.dll [14/07/2009 05:20:09] - |DC| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |DC| - [1565186] - C:\Windows\debug [MD5.F390146AE3A191CF2C6F7E06F7A79D6A] - [13/07/2013 21:24:42] - (.-.) - [98] - (0.0.0.0) - C:\Windows\DeleteOnReboot.bat [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |DC| - [0] - C:\Windows\DigitalLocker [30/10/2013 04:49:43] - |DC| - [5683036] - C:\Windows\Downloaded Installations [14/07/2009 07:32:38] - |DC| - [65] - C:\Windows\Downloaded Program Files [14/07/2009 17:35:13] - |DC| - [118084593] - C:\Windows\ehome [07/03/2016 02:44:41] - |DC| - [30328] - C:\Windows\ELAMBKUP [14/07/2009 07:37:46] - |DC| - [0] - C:\Windows\en-US [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [10/02/2016 07:39:52] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.19135) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSDC| - [425455479] - C:\Windows\Fonts [14/07/2009 17:24:08] - |DC| - [142848] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |DC| - [21741460] - C:\Windows\Globalization [14/07/2009 05:20:09] - |DC| - [109388478] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [14/07/2009 17:35:58] - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [MD5.47A849FA4067E4692A8FF10D3D622D3F] - [07/08/2015 13:31:53] - (.-.) - [235107] - (0.0.0.0) - C:\Windows\hpoins21.dat [MD5.50E5CC9E124AF68882F42B1972A65954] - [07/08/2015 13:31:53] - (.-.) - [5474] - (0.0.0.0) - C:\Windows\hpomdl21.dat [14/07/2009 05:20:09] - |DC| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |DC| - [164771470] - C:\Windows\inf [10/03/2011 18:11:14] - |SHDC| - [4679533028] - C:\Windows\Installer [27/03/2014 15:55:02] - |DC| - [0] - C:\Windows\Jaksta [14/07/2009 05:20:10] - |DC| - [48371] - C:\Windows\L2Schemas [MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [10/03/2011 18:08:36] - (.-.) - [1769] - (0.0.0.0) - C:\Windows\Language_trs.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/03/2011 13:23:47] - (.-.) - [0] - (0.0.0.0) - C:\Windows\lgfwup.ini [14/07/2009 05:20:10] - |DC| - [0] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |DC| - [112849322] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSDC| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |DC| - [1000895845] - C:\Windows\Microsoft.NET [18/02/2014 20:37:21] - |DC| - [5524] - C:\Windows\Migration [02/12/2013 21:06:10] - |DC| - [0] - C:\Windows\Minidump [14/07/2009 05:20:10] - |DC| - [0] - C:\Windows\ModemLogs [31/03/2011 19:57:48] - |DC| - [942584] - C:\Windows\Msagent [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 12:29:15] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.00DE0918A8C796CCCD7C441ADDF27035] - [26/04/2015 02:15:22] - (.-.) - [235196] - (0.0.0.0) - C:\Windows\ntbtlog.txt [MD5.C7B2659EA9F98C09710253721712A6CE] - [31/03/2011 19:58:08] - (.-.) - [376] - (0.0.0.0) - C:\Windows\ODBC.INI [14/07/2009 07:32:38] - |DC| - [65] - C:\Windows\Offline Web Pages [11/03/2011 01:00:56] - |DC| - [1049255] - C:\Windows\Panther [05/02/2013 23:56:27] - |DC| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |DC| - [64249621] - C:\Windows\Performance [MD5.3259C6CD888C91EED081F45B3813FFF8] - [15/03/2015 21:49:33] - (.-.) - [32798] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |DC| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |DC| - [2972554] - C:\Windows\PolicyDefinitions [11/03/2011 01:01:57] - |DC| - [61019084] - C:\Windows\Prefetch [10/03/2011 18:07:28] - |DC| - [46080] - C:\Windows\pss [10/03/2011 18:15:03] - |DC| - [792356] - C:\Windows\RaidTool [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |DC| - [1071164] - C:\Windows\Registration [02/08/2014 00:55:27] - |DC| - [11278833] - C:\Windows\rescache [14/07/2009 05:20:10] - |DC| - [1674534] - C:\Windows\Resources [MD5.4D7C0EB7E11BE19FA6DDF5606C86D778] - [10/03/2011 18:10:03] - (.Copyright (C) 2010 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1251944] - (1.0.2.5) - C:\Windows\RtlExUpd.dll [14/07/2009 05:20:10] - |DC| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |DC| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |DC| - [5267690] - C:\Windows\security [14/07/2009 06:45:47] - |DC| - [673199932] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [133114738] - C:\Windows\servicing [14/07/2009 06:45:50] - |DC| - [42] - C:\Windows\Setup [MD5.AEDAF71BD1A1A9A2AB91C9C36457CD75] - [15/03/2015 17:29:22] - (.-.) - [54002] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/03/2015 17:29:22] - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [14/07/2009 17:35:13] - |DC| - [101851] - C:\Windows\ShellNew [10/03/2011 18:06:18] - |DC| - [1552863237] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |DC| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [19/08/2012 02:00:21] - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |DC| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |DC| - [6785266795] - C:\Windows\System32 [14/07/2009 05:20:14] - |DC| - [1452050367] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |DC| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |DC| - [38370] - C:\Windows\Tasks [14/07/2009 05:20:14] - |DC| - [18443723] - C:\Windows\Temp [14/07/2009 05:20:14] - |DC| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |DC| - [204288] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [10/03/2011 19:07:47] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.04583E2BAAB18EE73C85F417AD7D8CA7] - [31/03/2011 19:58:06] - (.-.) - [13] - (0.0.0.0) - C:\Windows\vbaddin.ini [14/07/2009 05:20:14] - |DC| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |DC| - [40681427] - C:\Windows\Web [MD5.E9E47D3311B6A074DE21D170B67F1524] - [14/07/2009 04:34:57] - (.-.) - [636] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.0203567B2CA2566EADC71148F3868F1B] - [10/03/2011 18:06:18] - (.-.) - [1515067] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.401CC007378046DBC9014934F6E5ED61] - [04/04/2011 00:06:31] - (.-.) - [83] - (0.0.0.0) - C:\Windows\wininit.ini [14/07/2009 05:20:14] - |D| - [18304321187] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [12/01/2002 01:13:20] - C:\Windows\Installer\146fe.msi : (ATI Stream SDK v2 - Advanced Micro Devices, Inc) [14/01/2016 11:36:30] - C:\Windows\Installer\151a4992.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [13/08/2012 11:24:16] - C:\Windows\Installer\170e6521.msi : (OpenOffice.org 3.4.1 - OpenOffice.org) [26/10/2011 11:34:01] - C:\Windows\Installer\19317ac3.msi : ( - dotPDN LLC) [15/10/2014 07:18:42] - C:\Windows\Installer\1f2333.msi : (iTunes Installer - Apple Inc.) [26/04/2015 21:08:35] - C:\Windows\Installer\203d63.msi : (Metric Collection SDK Redistributable - Lenovo Group Limited) [05/03/2014 02:06:03] - C:\Windows\Installer\2394f438.msi : (Kaspersky Internet Security - Kaspersky Lab) [25/04/2011 20:17:49] - C:\Windows\Installer\25f938e6.msi : (64 Bit HP CIO Components Installer Package - Hewlett-Packard) [10/02/2016 08:00:36] - C:\Windows\Installer\268ed77d.msi : (Google Update Helper - Google Inc.) [04/06/2015 20:08:23] - C:\Windows\Installer\27ed1023.msi : (Google Earth - Google) [18/03/2015 07:59:47] - C:\Windows\Installer\29e13d.msi : (HP Support Solutions Framework - Hewlett-Packard Company) [24/11/2013 18:56:01] - C:\Windows\Installer\316e2689.msi : ( -) [06/01/2009 02:42:07] - C:\Windows\Installer\40c16dc.msi : (HP Update - Hewlett-Packard) [15/10/2014 06:46:08] - C:\Windows\Installer\410ce8e.msi : (Apple Mobile Device Support Installer - Apple Inc.) [12/10/2014 05:26:10] - C:\Windows\Installer\410d1b6.msi : (Apple Application Support Installer - Apple Inc.) [15/10/2014 07:18:42] - C:\Windows\Installer\410d359.msi : (iTunes Installer - Apple Inc.) [07/10/2013 21:55:26] - C:\Windows\Installer\527fcb7.msi : (Google Earth Pro - Google) [10/01/2014 21:38:52] - C:\Windows\Installer\5336c88.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [31/05/2014 23:26:20] - C:\Windows\Installer\5b89b68e.msi : (simfy - simfy AG) [17/03/2015 10:41:29] - C:\Windows\Installer\5d828.msi : ( - Adobe Systems Incorporated) [27/08/2014 02:53:46] - C:\Windows\Installer\60dd470.msi : (iCloud for Windows installer - Apple Inc.) [15/10/2014 07:18:42] - C:\Windows\Installer\64cc7.msi : (iTunes Installer - Apple Inc.) [19/04/2015 01:43:03] - C:\Windows\Installer\689dd.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation) [19/04/2015 01:43:02] - C:\Windows\Installer\689ee.msi : (Java Auto Updater - Oracle Corporation) [07/10/2010 05:17:52] - C:\Windows\Installer\6bcdc.msi : (USB 3.0 Host Controller Driver - Renesas Electronics Corporation) [10/03/2011 18:15:55] - C:\Windows\Installer\6bce1.msi : (Blank Project Template - InstallShield) [23/09/2010 05:42:18] - C:\Windows\Installer\6bce6.msi : (Intel(R) Network Connections - Intel) [10/03/2011 18:35:18] - C:\Windows\Installer\72b68.msi : (Blank Project Template - NVIDIA Corporation) [20/09/2009 20:55:38] - C:\Windows\Installer\7e4e8.msi : ( - ) [22/05/2009 06:28:17] - C:\Windows\Installer\7e4f3.msi : ( - ) [14/05/2009 17:50:46] - C:\Windows\Installer\7e4fe.msi : (Hewlett-Packard - Hewlett-Packard) [22/05/2009 04:05:25] - C:\Windows\Installer\7e505.msi : ( - ) [17/10/2008 19:29:32] - C:\Windows\Installer\7e50c.msi : ( - ) [22/05/2009 05:40:28] - C:\Windows\Installer\7e513.msi : ( - ) [20/09/2009 19:13:27] - C:\Windows\Installer\7e51a.msi : ( - ) [20/09/2009 20:40:21] - C:\Windows\Installer\7e521.msi : ( - ) [20/09/2009 20:18:16] - C:\Windows\Installer\7e528.msi : ( - ) [22/05/2009 05:49:22] - C:\Windows\Installer\7e52f.msi : ( - ) [20/09/2009 21:07:47] - C:\Windows\Installer\7e536.msi : ( - ) [20/09/2009 21:24:04] - C:\Windows\Installer\7e53d.msi : ( - ) [20/09/2009 17:56:25] - C:\Windows\Installer\7e54b.msi : ( - ) [14/05/2009 17:15:22] - C:\Windows\Installer\7e552.msi : (Builds the Destinations MSI - Builds the Destinations MSI) [20/09/2009 21:36:15] - C:\Windows\Installer\7e55a.msi : ( - ) [20/09/2009 18:26:42] - C:\Windows\Installer\7e575.msi : ( - ) [22/05/2009 05:46:54] - C:\Windows\Installer\7e57d.msi : ( - ) [22/05/2009 05:21:36] - C:\Windows\Installer\7e588.msi : ( - ) [22/05/2009 05:05:55] - C:\Windows\Installer\7e58f.msi : ( - ) [22/05/2009 03:58:17] - C:\Windows\Installer\7e596.msi : ( - ) [01/08/2008 23:00:58] - C:\Windows\Installer\7e59d.msi : ( - ) [01/08/2008 23:00:58] - C:\Windows\Installer\7e5a4.msi : ( - ) [01/08/2008 23:00:58] - C:\Windows\Installer\7e5ab.msi : ( - ) [01/08/2008 23:00:58] - C:\Windows\Installer\7e5cc.msi : ( - ) [01/08/2008 23:00:58] - C:\Windows\Installer\7e5d3.msi : ( - ) [22/05/2009 05:09:31] - C:\Windows\Installer\7e5da.msi : ( - ) [14/05/2009 17:41:30] - C:\Windows\Installer\7e5e1.msi : ( - ) [20/09/2009 21:15:49] - C:\Windows\Installer\7e5e9.msi : ( - ) [20/09/2009 20:45:30] - C:\Windows\Installer\7e5f1.msi : ( - ) [07/08/2015 13:34:59] - C:\Windows\Installer\7e5f8.msi : ( -) [08/07/2009 12:51:17] - C:\Windows\Installer\7e5ff.msi : ( - ) [28/08/2009 22:34:50] - C:\Windows\Installer\836af3.msi : (Firebird SQL Server - MAGIX Edition - v2.1.27.0 (en-US) - MAGIX AG) [07/03/2016 02:43:36] - C:\Windows\Installer\95975.msi : (Kaspersky Internet Security - Kaspersky Lab) [15/03/2015 21:58:35] - C:\Windows\Installer\9759d.msi : (VirtualDJ Home FREE Installer - Atomix Productions) [26/08/2012 20:57:48] - C:\Windows\Installer\9abc4.msi : (QuickTime Installer - Apple Inc.) [25/07/2012 00:29:52] - C:\Windows\Installer\9abca.msi : ( - AOL Inc.) [26/07/2011 20:36:38] - C:\Windows\Installer\9abd0.msi : ( - DivX, Inc) [26/08/2012 20:58:25] - C:\Windows\Installer\9abfb.msi : ([ProductName] Installer - Apple Inc.) [26/02/2007 22:13:08] - C:\Windows\Installer\a20edf.msi : (Nero 7, Copyright 2007 Nero AG and its licensors - Nero AG) [07/06/2011 17:50:42] - C:\Windows\Installer\ae8e6.msi : (Apple Software Update Installer - Apple Inc.) [18/05/2010 18:23:20] - C:\Windows\Installer\b88a906.msi : ([ProductName] Installer - Apple Inc.) [02/06/2010 06:37:58] - C:\Windows\Installer\b9917.msi : (Blank Project Template - CyberLink Corp.) [03/06/2010 06:16:14] - C:\Windows\Installer\b991d.msi : (Blank Project Template - CyberLink Corp.) [02/06/2010 06:55:16] - C:\Windows\Installer\b993e.msi : (Blank Project Template - CyberLink Corp.) [14/05/2015 02:35:22] - C:\Windows\Installer\ec83.msi : (Skype - Skype Technologies S.A.) [15/06/2014 02:12:45] - C:\Windows\Installer\f36d767.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [15/03/2015 17:53:55] - C:\Windows\Installer\f71d69.msi : (VirtualDJ 8 Installer - Atomix Productions) ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [15/04/2015 10:40:56] - [16303] - C:\Windows\System32\ieuinit.inf [14/07/2009 07:13:15] - [1669656] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [15/04/2015 10:40:57] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [27/10/2012 21:30:16] - [1643788] - C:\Windows\Syswow64\PerfStringBackup.INI ¤¤¤¤¤¤¤¤¤¤ | [Administrateur] [24/03/2016 04:22:52] - |DC| - [21015] - C:\Users\Administrateur\.smplayer [07/08/2015 10:50:11] - |HDC| - [547746791] - C:\Users\Administrateur\AppData [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Application Data [07/08/2015 10:50:45] - |RDC| - [68795] - C:\Users\Administrateur\Contacts [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Cookies [07/08/2015 10:50:11] - |RDC| - [2439359] - C:\Users\Administrateur\Desktop [07/08/2015 10:50:11] - |RDC| - [402] - C:\Users\Administrateur\Documents [07/08/2015 10:50:11] - |RDC| - [5212010] - C:\Users\Administrateur\Downloads [07/08/2015 10:50:11] - |RDC| - [2177] - C:\Users\Administrateur\Favorites [07/08/2015 10:50:11] - |RDC| - [2476] - C:\Users\Administrateur\Links [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Local Settings [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Menu Démarrer [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Mes documents [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Modèles [07/08/2015 10:50:11] - |RDC| - [504] - C:\Users\Administrateur\Music [07/08/2015 10:50:11] - |ASH| - [1310720] - C:\Users\Administrateur\NTUSER.DAT [07/08/2015 10:50:12] - |ASH| - [262144] - C:\Users\Administrateur\ntuser.dat.LOG1 [07/08/2015 10:50:12] - |ASH| - [0] - C:\Users\Administrateur\ntuser.dat.LOG2 [07/08/2015 10:50:12] - |ASH| - [65536] - C:\Users\Administrateur\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [07/08/2015 10:50:12] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [07/08/2015 10:50:12] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [07/08/2015 10:50:12] - |SHC| - [20] - C:\Users\Administrateur\ntuser.ini [07/08/2015 10:50:11] - |RDC| - [294263] - C:\Users\Administrateur\Pictures [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Recent [07/08/2015 10:50:11] - |RDC| - [282] - C:\Users\Administrateur\Saved Games [07/08/2015 10:50:53] - |RDC| - [1020] - C:\Users\Administrateur\Searches [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\SendTo [07/08/2015 10:50:11] - |RDC| - [504] - C:\Users\Administrateur\Videos [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Voisinage d'impression [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\Voisinage réseau [24/03/2016 04:38:50] - |DC| - [25024710] - C:\Users\Administrateur\AppData\Local\Adobe [08/04/2016 21:52:40] - |DC| - [1950597] - C:\Users\Administrateur\AppData\Local\Ahead [25/02/2016 04:05:42] - |DC| - [0] - C:\Users\Administrateur\AppData\Local\Aimersoft [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\AppData\Local\Application Data [07/08/2015 10:51:20] - |DC| - [0] - C:\Users\Administrateur\AppData\Local\BMExplorer [24/03/2016 04:38:54] - |DC| - [0] - C:\Users\Administrateur\AppData\Local\CEF [24/03/2016 04:22:55] - |DC| - [86620] - C:\Users\Administrateur\AppData\Local\fontconfig [24/03/2016 04:21:56] - |DC| - [338723] - C:\Users\Administrateur\AppData\Local\Foofind Download Manager [07/08/2015 10:50:59] - |AC| - [158264] - C:\Users\Administrateur\AppData\Local\GDIPFONTCACHEV1.DAT [07/08/2015 10:50:58] - |DC| - [300171135] - C:\Users\Administrateur\AppData\Local\Google [08/04/2016 16:56:32] - |DC| - [71] - C:\Users\Administrateur\AppData\Local\GWX [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\AppData\Local\Historique [07/08/2015 11:34:07] - |AHC| - [2944011] - C:\Users\Administrateur\AppData\Local\IconCache.db [07/08/2015 10:50:11] - |DC| - [58790929] - C:\Users\Administrateur\AppData\Local\Microsoft [07/08/2015 10:50:11] - |DC| - [0] - C:\Users\Administrateur\AppData\Local\Microsoft Help [21/03/2016 06:33:36] - |DC| - [11633004] - C:\Users\Administrateur\AppData\Local\Mozilla [07/08/2015 10:50:13] - |DC| - [86976323] - C:\Users\Administrateur\AppData\Local\NVIDIA [07/08/2015 10:51:18] - |DC| - [1619] - C:\Users\Administrateur\AppData\Local\NVIDIA Corporation [07/08/2015 10:51:10] - |DC| - [40960] - C:\Users\Administrateur\AppData\Local\Power2Go [07/08/2015 10:50:11] - |DC| - [36969502] - C:\Users\Administrateur\AppData\Local\Temp [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files [07/08/2015 10:50:53] - |ASHC| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [07/08/2015 10:50:12] - |SHDC| - [0] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [07/08/2015 10:50:11] - |RDC| - [29505] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [07/08/2015 10:50:11] - |RDC| - [14657] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [07/08/2015 10:50:53] - |RDC| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [08/04/2016 20:10:21] - |RDC| - [206] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [07/08/2015 10:50:11] - |DC| - [9605] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [07/08/2015 10:50:53] - |ASHC| - [338] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/08/2015 10:50:58] - |DC| - [2324] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [07/08/2015 10:51:02] - |AC| - [1447] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [07/08/2015 10:50:11] - |RDC| - [580] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [07/08/2015 10:50:53] - |RDC| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [07/08/2015 10:50:53] - |ASHC| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | [Michel] [06/02/2014 16:09:22] - |DC| - [2420] - C:\Users\Michel\.android [26/11/2014 11:11:46] - |DC| - [410] - C:\Users\Michel\.pdfsam [31/05/2014 23:31:27] - |AC| - [32] - C:\Users\Michel\.simfy [17/12/2014 21:17:02] - |DC| - [3526964] - C:\Users\Michel\.smplayer [10/03/2011 18:06:22] - |HDC| - [34631643404] - C:\Users\Michel\AppData [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Application Data [10/03/2011 18:06:25] - |RDC| - [68787] - C:\Users\Michel\Contacts [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Cookies [10/03/2011 18:06:22] - |RDC| - [609626600] - C:\Users\Michel\Desktop [10/03/2011 18:06:22] - |RDC| - [249542582] - C:\Users\Michel\Documents [10/03/2011 18:06:22] - |RDC| - [8374630155] - C:\Users\Michel\Downloads [30/10/2013 05:14:42] - |RDC| - [2372797] - C:\Users\Michel\Dropbox [01/11/2015 03:48:56] - |DC| - [326] - C:\Users\Michel\Equalizer [10/03/2011 18:06:22] - |RDC| - [4342] - C:\Users\Michel\Favorites [24/04/2015 23:43:46] - |AC| - [271092] - C:\Users\Michel\fullscreen000.png [10/03/2011 18:06:22] - |RDC| - [4236] - C:\Users\Michel\Links [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Local Settings [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Menu Démarrer [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Mes documents [30/10/2013 05:16:08] - |AC| - [689] - C:\Users\Michel\Michel - Raccourci.lnk [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Modèles [10/03/2011 18:06:22] - |RDC| - [6943538813] - C:\Users\Michel\Music [10/03/2011 18:06:22] - |ASH| - [37224448] - C:\Users\Michel\NTUSER.DAT [10/03/2011 18:06:22] - |ASH| - [262144] - C:\Users\Michel\ntuser.dat.LOG1 [10/03/2011 18:06:22] - |ASH| - [0] - C:\Users\Michel\ntuser.dat.LOG2 [10/03/2011 18:06:22] - |ASH| - [65536] - C:\Users\Michel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [10/03/2011 18:06:22] - |ASH| - [524288] - C:\Users\Michel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [10/03/2011 18:06:22] - |ASH| - [524288] - C:\Users\Michel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [10/03/2011 18:06:22] - |SHC| - [20] - C:\Users\Michel\ntuser.ini [10/03/2011 18:06:22] - |RDC| - [158174147] - C:\Users\Michel\Pictures [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Recent [10/08/2013 16:30:22] - |AC| - [907] - C:\Users\Michel\Recherches - Raccourci.lnk [10/03/2011 18:06:22] - |RDC| - [282] - C:\Users\Michel\Saved Games [10/03/2011 18:06:31] - |RDC| - [2205] - C:\Users\Michel\Searches [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\SendTo [26/04/2015 00:49:37] - |DC| - [7435] - C:\Users\Michel\Start Menu [25/04/2015 00:00:31] - |ASHC| - [23040] - C:\Users\Michel\Thumbs.db [14/05/2015 02:36:46] - |DC| - [73728] - C:\Users\Michel\Tracing [10/03/2011 18:06:22] - |RDC| - [504] - C:\Users\Michel\Videos [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Voisinage d'impression [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\Voisinage réseau [24/04/2015 23:44:05] - |AC| - [66849] - C:\Users\Michel\windowplus000.png [19/04/2015 05:30:03] - |AC| - [1876992] - C:\Users\Michel\ZHPCleaner.exe [06/04/2016 06:04:07] - |DC| - [5129] - C:\Users\Michel\AppData\Local\4kdownload.com [17/11/2014 22:53:49] - |DC| - [217088] - C:\Users\Michel\AppData\Local\6078FA17-6246-440E-AEDD-423D627C659E.aplzod [18/08/2014 15:07:08] - |DC| - [44901950] - C:\Users\Michel\AppData\Local\Adobe [17/11/2014 22:30:12] - |DC| - [14411876] - C:\Users\Michel\AppData\Local\adslTV [02/04/2011 18:26:52] - |DC| - [1973322] - C:\Users\Michel\AppData\Local\Ahead [15/11/2014 15:36:50] - |DC| - [41] - C:\Users\Michel\AppData\Local\Aimersoft [07/04/2011 05:21:39] - |DC| - [43590503] - C:\Users\Michel\AppData\Local\AirVideoServer [16/11/2014 05:18:00] - |DC| - [9940837] - C:\Users\Michel\AppData\Local\AirVideoServerHD [07/04/2011 05:20:54] - |DC| - [0] - C:\Users\Michel\AppData\Local\Apple [19/04/2011 15:49:57] - |DC| - [94338994] - C:\Users\Michel\AppData\Local\Apple Computer [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\AppData\Local\Application Data [10/03/2011 18:46:35] - |DC| - [1230145] - C:\Users\Michel\AppData\Local\Apps [25/03/2011 17:24:50] - |DC| - [61337] - C:\Users\Michel\AppData\Local\ATI [11/05/2011 03:16:56] - |DC| - [121064] - C:\Users\Michel\AppData\Local\Audiogalaxy [10/03/2011 18:23:58] - |DC| - [0] - C:\Users\Michel\AppData\Local\BMExplorer [06/02/2014 16:09:20] - |DC| - [0] - C:\Users\Michel\AppData\Local\cache [25/02/2016 05:11:50] - |DC| - [0] - C:\Users\Michel\AppData\Local\CEF [31/03/2016 18:47:34] - |DC| - [2021376] - C:\Users\Michel\AppData\Local\Clarus [17/03/2011 20:35:25] - |DC| - [397946306] - C:\Users\Michel\AppData\Local\CrashDumps [25/03/2011 13:28:37] - |DC| - [128425] - C:\Users\Michel\AppData\Local\Cyberlink [29/12/2011 19:18:31] - |AC| - [9728] - C:\Users\Michel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [26/08/2012 21:00:34] - |DC| - [107] - C:\Users\Michel\AppData\Local\DDMSettings [10/03/2011 18:46:35] - |DC| - [0] - C:\Users\Michel\AppData\Local\Deployment [05/04/2011 03:42:24] - |DC| - [4173313] - C:\Users\Michel\AppData\Local\Diagnostics [25/06/2015 20:44:38] - |DC| - [73579792] - C:\Users\Michel\AppData\Local\Dropbox [31/03/2011 15:08:23] - |DC| - [0] - C:\Users\Michel\AppData\Local\ElevatedDiagnostics [12/03/2015 03:16:59] - |SHDC| - [0] - C:\Users\Michel\AppData\Local\EmieBrowserModeList [19/06/2014 06:16:39] - |SHDC| - [0] - C:\Users\Michel\AppData\Local\EmieSiteList [19/06/2014 06:16:39] - |SHDC| - [0] - C:\Users\Michel\AppData\Local\EmieUserList [02/11/2014 08:08:52] - |DC| - [131868] - C:\Users\Michel\AppData\Local\Emit [17/03/2011 20:34:17] - |DC| - [57604037] - C:\Users\Michel\AppData\Local\eMule [17/12/2014 21:17:05] - |DC| - [86620] - C:\Users\Michel\AppData\Local\fontconfig [12/09/2014 17:46:58] - |DC| - [820] - C:\Users\Michel\AppData\Local\Foofind Download Manager [27/10/2012 21:05:36] - |DC| - [638] - C:\Users\Michel\AppData\Local\FreeMi [10/03/2011 18:26:38] - |AC| - [158264] - C:\Users\Michel\AppData\Local\GDIPFONTCACHEV1.DAT [10/03/2011 18:46:40] - |DC| - [1116363766] - C:\Users\Michel\AppData\Local\Google [06/06/2015 06:20:49] - |DC| - [71] - C:\Users\Michel\AppData\Local\GWX [18/03/2015 08:04:33] - |DC| - [1383] - C:\Users\Michel\AppData\Local\Hewlett-Packard [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\AppData\Local\Historique [31/03/2011 22:51:15] - |DC| - [718980] - C:\Users\Michel\AppData\Local\HP [26/04/2015 06:38:45] - |AHC| - [4930653] - C:\Users\Michel\AppData\Local\IconCache.db [24/03/2013 00:06:16] - |DC| - [1400] - C:\Users\Michel\AppData\Local\iMobie_Inc [26/04/2015 21:08:39] - |DC| - [14629] - C:\Users\Michel\AppData\Local\Lenovo [14/06/2012 15:19:54] - |DC| - [0] - C:\Users\Michel\AppData\Local\Macromedia [10/03/2011 18:06:22] - |DC| - [8226091956] - C:\Users\Michel\AppData\Local\Microsoft [05/02/2013 23:54:58] - |DC| - [310272] - C:\Users\Michel\AppData\Local\Microsoft Help [13/05/2015 16:58:52] - |DC| - [6920230] - C:\Users\Michel\AppData\Local\Movavi [14/03/2016 19:43:44] - |DC| - [117455604] - C:\Users\Michel\AppData\Local\Mozilla [01/02/2015 18:29:11] - |DC| - [1642864] - C:\Users\Michel\AppData\Local\node-webkit [20/02/2014 02:31:58] - |DC| - [1530399365] - C:\Users\Michel\AppData\Local\NVIDIA [20/02/2014 06:00:04] - |DC| - [163087] - C:\Users\Michel\AppData\Local\NVIDIA Corporation [26/10/2011 11:33:55] - |DC| - [0] - C:\Users\Michel\AppData\Local\Paint.NET [13/04/2015 20:19:54] - |DC| - [0] - C:\Users\Michel\AppData\Local\PDF Writer [03/02/2015 21:05:21] - |DC| - [92467411] - C:\Users\Michel\AppData\Local\Popcorn Time [01/02/2015 18:36:29] - |DC| - [20490665] - C:\Users\Michel\AppData\Local\Popcorn-Time [02/02/2015 03:46:55] - |DC| - [74398984] - C:\Users\Michel\AppData\Local\PopcornTimeDesktop [19/06/2015 16:26:54] - |DC| - [18012996] - C:\Users\Michel\AppData\Local\PornTime [25/03/2011 13:36:36] - |DC| - [40960] - C:\Users\Michel\AppData\Local\Power2Go [16/11/2013 02:22:14] - |DC| - [7333502] - C:\Users\Michel\AppData\Local\Program Files [04/11/2012 17:17:45] - |DC| - [0] - C:\Users\Michel\AppData\Local\Programs [20/04/2011 02:32:56] - |AC| - [600] - C:\Users\Michel\AppData\Local\PUTTY.RND [03/07/2012 22:33:37] - |AC| - [7600] - C:\Users\Michel\AppData\Local\Resmon.ResmonCfg [05/02/2008 14:28:20] - |AC| - [51] - C:\Users\Michel\AppData\Local\setup.txt [16/04/2015 03:07:19] - |DC| - [5115842] - C:\Users\Michel\AppData\Local\Skype [10/11/2013 17:12:13] - |DC| - [74507918] - C:\Users\Michel\AppData\Local\Spotify [10/03/2011 18:06:22] - |DC| - [38539364] - C:\Users\Michel\AppData\Local\Temp [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\AppData\Local\Temporary Internet Files [10/03/2011 18:06:24] - |DC| - [68474522] - C:\Users\Michel\AppData\Local\VirtualStore [03/11/2014 07:01:14] - |DC| - [3761] - C:\Users\Michel\AppData\Local\VODOBOX [03/03/2012 17:30:06] - |AC| - [17408] - C:\Users\Michel\AppData\Local\WebpageIcons.db [05/04/2011 02:19:02] - |DC| - [0] - C:\Users\Michel\AppData\Local\Xara [04/04/2011 15:27:07] - |DC| - [0] - C:\Users\Michel\AppData\Local\Yahoo [10/03/2011 18:06:31] - |ASH| - [174] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [10/03/2011 18:06:22] - |SHD| - [0] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/03/2011 18:06:22] - |RDC| - [78954] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/03/2011 18:06:22] - |RDC| - [14199] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/03/2011 18:06:31] - |RDC| - [174] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/12/2014 21:39:59] - |DC| - [10314] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adsl TV [16/11/2013 02:22:15] - |DC| - [2866] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon [09/03/2016 06:37:51] - |DC| - [5704] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [28/05/2011 01:21:00] - |DC| - [1061] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU [08/04/2016 17:04:49] - |RDC| - [206] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [17/06/2014 13:15:56] - |DC| - [2730] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center [25/03/2011 13:19:52] - |DC| - [9605] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [26/08/2012 21:06:56] - |ASH| - [472] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/03/2016 21:28:28] - |DC| - [1086] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [18/03/2014 02:47:30] - |DC| - [1086] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [14/06/2015 23:49:26] - |DC| - [4719] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [10/03/2011 18:06:22] - |RDC| - [580] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [10/03/2011 18:13:00] - |DC| - [1000] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell [24/05/2011 17:28:02] - |DC| - [0] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain [03/02/2015 21:05:34] - |DC| - [4361] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time [10/11/2013 17:12:12] - |AC| - [1797] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [10/03/2011 18:06:31] - |RDC| - [2572] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [25/06/2013 14:38:46] - |DC| - [3088] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [24/11/2013 19:04:09] - |DC| - [8146] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ [03/06/2012 17:40:32] - |DC| - [0] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weeny Free Audio Cutter [29/04/2011 00:44:16] - |DC| - [3188] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [10/03/2011 18:06:31] - |ASH| - [174] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [06/11/2014 07:15:25] - |AC| - [1159] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [04/03/2013 16:21:44] - |AC| - [1239] - C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ¤¤¤¤¤¤¤¤¤¤ | [Public] [25/03/2011 13:39:51] - |DC| - [185] - C:\Users\Public\CyberLink [14/07/2009 05:20:08] - |RHDC| - [51737] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RDC| - [104458] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RDC| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHDC| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHDC| - [3970] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RDC| - [380] - C:\Users\Public\Music [05/03/2014 05:21:25] - |A| - [262144] - C:\Users\Public\ntuser.dat [05/03/2014 05:21:25] - |ASH| - [5120] - C:\Users\Public\ntuser.dat.LOG1 [05/03/2014 05:21:25] - |ASH| - [0] - C:\Users\Public\ntuser.dat.LOG2 [05/03/2014 05:21:25] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{27906e30-a404-11e3-a790-002683147116}.TM.blf [05/03/2014 05:21:25] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{27906e30-a404-11e3-a790-002683147116}.TMContainer00000000000000000001.regtrans-ms [05/03/2014 05:21:25] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{27906e30-a404-11e3-a790-002683147116}.TMContainer00000000000000000002.regtrans-ms [05/03/2014 05:21:26] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{27906e3b-a404-11e3-a790-002683147116}.TM.blf [05/03/2014 05:21:26] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{27906e3b-a404-11e3-a790-002683147116}.TMContainer00000000000000000001.regtrans-ms [05/03/2014 05:21:26] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{27906e3b-a404-11e3-a790-002683147116}.TMContainer00000000000000000002.regtrans-ms [14/07/2009 05:20:08] - |RDC| - [2618837] - C:\Users\Public\Pictures [14/07/2009 17:35:05] - |RDC| - [9699579] - C:\Users\Public\Recorded TV [14/07/2009 05:20:08] - |RDC| - [884] - C:\Users\Public\Videos ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData [01/04/2011 01:37:38] - |DC| - [363100767] - C:\ProgramData\Adobe [23/08/2015 22:05:19] - |DC| - [443] - C:\ProgramData\Aimersoft DVD Ripper [24/02/2015 05:46:08] - |DC| - [110] - C:\ProgramData\Aimersoft Video Converter Ultimate [07/04/2011 05:20:49] - |DC| - [276045382] - C:\ProgramData\Apple [19/04/2011 15:49:20] - |DC| - [107588849] - C:\ProgramData\Apple Computer [14/07/2009 07:08:56] - |SHD| - [40223471123] - C:\ProgramData\Application Data [10/09/2011 03:47:28] - |DC| - [0] - C:\ProgramData\AVS4YOU [10/03/2011 18:06:19] - |SHD| - [51737] - C:\ProgramData\Bureau [25/03/2011 13:16:35] - |DC| - [151017] - C:\ProgramData\CyberLink [14/07/2009 07:08:56] - |SHD| - [51737] - C:\ProgramData\Desktop [26/08/2012 20:57:34] - |DC| - [12528543] - C:\ProgramData\DivX [14/07/2009 07:08:56] - |SHD| - [104458] - C:\ProgramData\Documents [25/06/2015 20:44:38] - |DC| - [642226] - C:\ProgramData\Dropbox [17/03/2011 20:36:30] - |DC| - [0] - C:\ProgramData\eMule [10/03/2011 18:06:19] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [18/03/2014 02:47:29] - |DC| - [5081896] - C:\ProgramData\Freemake [04/08/2014 04:10:13] - |DC| - [0] - C:\ProgramData\GlarySoft [31/03/2011 22:50:44] - |DC| - [445215] - C:\ProgramData\Hewlett-Packard [31/03/2011 22:46:14] - |DC| - [25225170] - C:\ProgramData\HP [07/08/2015 13:36:17] - |DC| - [8988] - C:\ProgramData\HP Product Assistant [31/03/2011 22:46:29] - |AC| - [45576] - C:\ProgramData\hpzinstall.log [18/07/2015 06:34:58] - |DC| - [0] - C:\ProgramData\IDM [20/04/2011 01:21:54] - |DC| - [565320] - C:\ProgramData\iRinger [17/03/2011 14:47:02] - |DC| - [1116879037] - C:\ProgramData\Kaspersky Lab [31/03/2011 14:53:31] - |DC| - [253384] - C:\ProgramData\LogiShrd [05/04/2011 01:59:28] - |DC| - [5424172] - C:\ProgramData\MAGIX [03/03/2012 18:00:37] - |DC| - [34328150] - C:\ProgramData\Malwarebytes [26/08/2012 20:37:33] - |DC| - [0] - C:\ProgramData\McAfee [10/03/2011 18:06:19] - |SHD| - [825590] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SDC| - [946427725] - C:\ProgramData\Microsoft [05/02/2013 23:54:57] - |DC| - [66862] - C:\ProgramData\Microsoft Help [10/03/2011 18:06:19] - |SHD| - [31386] - C:\ProgramData\Modèles [13/05/2015 16:58:05] - |DC| - [5389] - C:\ProgramData\Movavi [05/06/2012 16:00:29] - |DC| - [37990] - C:\ProgramData\Mozilla [02/04/2011 18:26:34] - |DC| - [2839479] - C:\ProgramData\Nero [27/08/2012 00:40:10] - |DC| - [170] - C:\ProgramData\Norton [27/08/2012 00:40:09] - |DC| - [711340] - C:\ProgramData\NortonInstaller [05/03/2014 05:21:25] - |A| - [262144] - C:\ProgramData\ntuser.dat [05/03/2014 05:21:25] - |ASH| - [5120] - C:\ProgramData\ntuser.dat.LOG1 [05/03/2014 05:21:25] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [05/03/2014 05:21:25] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{27906e29-a404-11e3-a790-002683147116}.TM.blf [05/03/2014 05:21:25] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{27906e29-a404-11e3-a790-002683147116}.TMContainer00000000000000000001.regtrans-ms [05/03/2014 05:21:25] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{27906e29-a404-11e3-a790-002683147116}.TMContainer00000000000000000002.regtrans-ms [05/03/2014 05:21:26] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{27906e34-a404-11e3-a790-002683147116}.TM.blf [05/03/2014 05:21:26] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{27906e34-a404-11e3-a790-002683147116}.TMContainer00000000000000000001.regtrans-ms [05/03/2014 05:21:26] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{27906e34-a404-11e3-a790-002683147116}.TMContainer00000000000000000002.regtrans-ms [10/03/2011 18:45:48] - |DC| - [2398101] - C:\ProgramData\NVIDIA [10/03/2011 18:35:16] - |DC| - [626071359] - C:\ProgramData\NVIDIA Corporation [27/12/2013 22:19:09] - |DC| - [70997662] - C:\ProgramData\Oracle [13/04/2015 20:16:32] - |DC| - [910] - C:\ProgramData\PDF Writer [25/05/2013 19:50:12] - |DC| - [165410] - C:\ProgramData\QiSS [05/02/2013 19:00:48] - |DC| - [65962672] - C:\ProgramData\Skype [14/07/2009 07:08:56] - |SHD| - [825590] - C:\ProgramData\Start Menu [15/04/2011 14:34:18] - |DC| - [399] - C:\ProgramData\Sun [27/08/2012 00:40:12] - |DC| - [0] - C:\ProgramData\Symantec [25/03/2011 13:15:35] - |ADC| - [250421] - C:\ProgramData\Temp [14/07/2009 07:08:56] - |SHD| - [31386] - C:\ProgramData\Templates [31/03/2011 22:51:47] - |DC| - [208] - C:\ProgramData\WEBREG [17/06/2014 13:15:44] - |DC| - [489908] - C:\ProgramData\WindSolutions [24/08/2015 19:25:37] - |DC| - [0] - C:\ProgramData\xml_param [18/03/2011 00:04:42] - |DC| - [0] - C:\ProgramData\Yahoo! [19/04/2011 15:49:45] - |DC| - [1942] - C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [07/08/2015 13:36:16] - |AC| - [1433] - C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk [14/07/2009 07:01:14] - |AC| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [10/03/2011 18:06:19] - |SHD| - [410098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RDC| - [410098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |AC| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk [12/03/2015 03:02:08] - |AC| - [971] - C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [06/04/2016 06:00:42] - |DC| - [3804] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download [26/08/2012 20:58:23] - |AC| - [1262] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\50 FREE MP3s +1 Free Audiobook!.lnk [14/07/2009 05:20:08] - |RDC| - [46036] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [25/02/2016 05:06:50] - |AC| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [14/07/2009 07:32:38] - |RDC| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [15/11/2014 15:36:42] - |DC| - [18716] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft [07/04/2011 05:16:25] - |DC| - [1945] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Video Server [16/11/2014 05:18:00] - |DC| - [2381] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Video Server HD [02/05/2011 04:27:02] - |DC| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon [20/10/2015 18:00:51] - |DC| - [3729] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft [18/06/2014 00:36:43] - |DC| - [1729] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Recorder [07/04/2011 05:20:53] - |AC| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [25/03/2011 17:23:53] - |DC| - [10075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2 [28/05/2011 01:20:46] - |DC| - [9455] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU [10/03/2011 18:16:31] - |RDC| - [4209] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program [13/04/2015 20:16:39] - |DC| - [6367] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip [10/02/2014 05:45:27] - |DC| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [25/03/2011 13:17:58] - |DC| - [2074] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [07/08/2015 10:50:52] - |ASHC| - [87] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [26/04/2015 21:07:03] - |DC| - [5973] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX [23/04/2011 01:17:16] - |DC| - [3429] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [12/03/2016 06:09:06] - |DC| - [3031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule [07/08/2015 13:37:06] - |AC| - [1090] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement OCR I.R.I.S..lnk [27/03/2014 19:21:23] - |AC| - [1135] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [12/09/2014 17:46:26] - |AC| - [903] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foofind Download Manager.lnk [18/03/2014 02:47:29] - |DC| - [1010] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [27/10/2012 21:13:23] - |DC| - [903] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMi UPnP Media Server [14/07/2009 07:32:38] - |RDC| - [6112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [10/03/2011 19:15:23] - |DC| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D [04/02/2015 21:00:10] - |DC| - [8179] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro [04/06/2015 20:08:37] - |AC| - [2174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk [19/03/2015 02:07:55] - |DC| - [19361] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [15/11/2014 00:28:05] - |DC| - [17142] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [04/06/2014 18:47:39] - |DC| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie [10/03/2011 18:25:19] - |RDC| - [1604] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [13/11/2014 20:50:54] - |DC| - [3942] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [15/09/2014 16:04:32] - |DC| - [11292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [08/03/2015 22:15:34] - |AC| - [1967] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk [08/03/2015 22:15:34] - |AC| - [1946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [08/03/2015 22:15:34] - |AC| - [2023] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [07/03/2016 02:45:31] - |DC| - [8439] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security [26/04/2015 21:08:02] - |DC| - [1240] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo [13/07/2013 21:56:16] - |DC| - [1901] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [14/07/2009 05:20:08] - |RDC| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [11/03/2011 01:03:36] - |AC| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [05/02/2013 23:57:12] - |DC| - [32320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [12/07/2013 03:00:52] - |DC| - [2283] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [24/11/2013 18:58:12] - |DC| - [804] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister [13/05/2015 16:58:09] - |DC| - [4445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 15 [13/03/2016 19:43:31] - |DC| - [6244] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozartViewer 10 [14/03/2016 19:43:36] - |AC| - [1181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [24/05/2011 17:28:02] - |DC| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain [18/12/2014 05:24:06] - |DC| - [3552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 [02/04/2011 18:26:51] - |DC| - [29587] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials [20/02/2014 02:31:49] - |DC| - [10859] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [04/03/2013 16:20:35] - |SDC| - [7672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [31/03/2011 19:58:07] - |DC| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils d'administration [04/10/2011 01:29:34] - |DC| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxelon Media Converter [26/11/2014 11:08:28] - |DC| - [4787] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge [06/06/2013 19:39:12] - |DC| - [1436] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFTK Builder [02/01/2015 04:48:42] - |DC| - [1161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn 4 Time [08/06/2015 22:48:19] - |DC| - [2262] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PornTime [25/05/2013 19:50:17] - |DC| - [833] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qloud Server [26/08/2012 20:58:01] - |DC| - [9169] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [10/03/2011 18:11:38] - |DC| - [2577] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [13/11/2014 18:56:51] - |DC| - [8306] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [07/04/2011 05:21:03] - |DC| - [4791] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Services d’impression Bonjour [14/07/2009 06:57:08] - |AC| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [31/05/2014 23:30:46] - |DC| - [851] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy [16/04/2015 03:07:10] - |DC| - [2155] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [17/12/2014 21:15:53] - |DC| - [2388] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer [10/09/2014 01:47:11] - |DC| - [763] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl [14/07/2009 05:20:08] - |RDC| - [4103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 17:35:05] - |RHDC| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [27/07/2014 15:01:15] - |DC| - [1236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360 [15/11/2014 15:45:32] - |AC| - [1019] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat.lnk [14/07/2009 06:57:09] - |AC| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [11/03/2011 01:03:33] - |AC| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |AC| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 06:57:06] - |AC| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [29/04/2011 00:44:16] - |DC| - [3134] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 06:57:08] - |AC| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [07/08/2015 13:35:53] - |AC| - [2117] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [20/03/2016 03:59:34] - |AC| - [1812] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [06/04/2016 06:00:38] - |DC| - [297683074] - C:\Program Files (x86)\4KDownload [04/02/2014 07:16:27] - |DC| - [204938216] - C:\Program Files (x86)\Adobe [17/11/2014 22:59:48] - |DC| - [105316477] - C:\Program Files (x86)\adslTV [20/02/2014 02:31:46] - |DC| - [0] - C:\Program Files (x86)\AGEIA Technologies [15/11/2014 15:36:34] - |DC| - [169734857] - C:\Program Files (x86)\Aimersoft [07/04/2011 05:16:24] - |DC| - [13553504] - C:\Program Files (x86)\AirVideoServer [16/11/2014 05:18:00] - |DC| - [47034942] - C:\Program Files (x86)\AirVideoServer HD [20/10/2015 17:59:54] - |DC| - [123388165] - C:\Program Files (x86)\Anvsoft [15/06/2011 00:52:48] - |DC| - [2307582] - C:\Program Files (x86)\Apple Software Update [25/03/2011 17:23:53] - |DC| - [54221243] - C:\Program Files (x86)\ATI Stream [28/05/2011 01:20:50] - |DC| - [84817176] - C:\Program Files (x86)\AVS4YOU [10/03/2011 18:16:30] - |DC| - [57884158] - C:\Program Files (x86)\Bluetooth Suite [26/08/2012 21:02:22] - |DC| - [631113] - C:\Program Files (x86)\Bonjour [20/03/2016 03:59:34] - |DC| - [56443236] - C:\Program Files (x86)\Clarus [14/07/2009 05:20:08] - |DC| - [909100231] - C:\Program Files (x86)\Common Files [25/03/2011 13:17:49] - |DC| - [185410508] - C:\Program Files (x86)\CyberLink [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [26/08/2012 20:58:02] - |DC| - [179614033] - C:\Program Files (x86)\DivX [12/11/2014 17:35:59] - |DC| - [780583] - C:\Program Files (x86)\EaseUS [12/03/2016 06:09:05] - |DC| - [10906334] - C:\Program Files (x86)\eMule [25/04/2015 05:04:51] - |DC| - [8856425] - C:\Program Files (x86)\Ffmpeg 0.6.2 For Audacity 2.0.5 [27/07/2014 15:01:15] - |DC| - [8915530] - C:\Program Files (x86)\File Recovery [27/03/2014 19:21:22] - |DC| - [11805213] - C:\Program Files (x86)\foobar2000 [18/03/2011 00:56:25] - |DC| - [809557437] - C:\Program Files (x86)\Google [11/11/2014 01:33:16] - |DC| - [6827304] - C:\Program Files (x86)\GUM2AC7.tmp [22/10/2015 03:47:03] - |DC| - [0] - C:\Program Files (x86)\GUM5F5B.tmp [11/11/2014 01:33:16] - |AC| - [6000640] - C:\Program Files (x86)\GUT2AC8.tmp [18/03/2015 08:00:50] - |DC| - [1999465] - C:\Program Files (x86)\Hewlett-Packard [31/03/2011 22:47:11] - |DC| - [346673383] - C:\Program Files (x86)\HP [03/06/2012 17:41:35] - |DC| - [0] - C:\Program Files (x86)\hpmonitor [10/03/2011 18:09:42] - |HDC| - [60148337] - C:\Program Files (x86)\InstallShield Installation Information [10/03/2011 18:09:17] - |DC| - [24954655] - C:\Program Files (x86)\Intel [18/07/2015 06:34:33] - |DC| - [414256] - C:\Program Files (x86)\Internet Download Manager [14/07/2009 05:20:08] - |DC| - [11850665] - C:\Program Files (x86)\Internet Explorer [13/11/2014 20:50:31] - |DC| - [196924589] - C:\Program Files (x86)\iTunes [07/04/2011 05:07:08] - |DC| - [145963286] - C:\Program Files (x86)\Java [08/03/2015 22:15:25] - |DC| - [116175583] - C:\Program Files (x86)\JDownloader [07/03/2016 02:44:35] - |DC| - [171094436] - C:\Program Files (x86)\Kaspersky Lab [09/05/2014 01:46:47] - |DC| - [1615213] - C:\Program Files (x86)\Lame For Audacity [26/04/2015 21:08:02] - |DC| - [15493889] - C:\Program Files (x86)\Lenovo [10/03/2011 18:12:56] - |DC| - [721217] - C:\Program Files (x86)\Marvell [31/03/2011 19:57:49] - |DC| - [205986] - C:\Program Files (x86)\Microsoft FrontPage [07/02/2013 13:23:20] - |DC| - [8188848] - C:\Program Files (x86)\Microsoft Office [14/03/2013 04:00:23] - |DC| - [42884494] - C:\Program Files (x86)\Microsoft Silverlight [31/03/2011 19:57:50] - |DC| - [14904] - C:\Program Files (x86)\Microsoft Visual Studio [05/02/2013 23:55:08] - |DC| - [1387249] - C:\Program Files (x86)\Microsoft Visual Studio 8 [05/02/2013 23:56:37] - |DC| - [3726168] - C:\Program Files (x86)\Microsoft Works [10/03/2011 19:00:44] - |DC| - [8175999] - C:\Program Files (x86)\Microsoft.NET [13/05/2015 16:58:04] - |DC| - [109527538] - C:\Program Files (x86)\Movavi Video Converter 15 [13/03/2016 19:43:30] - |DC| - [16390683] - C:\Program Files (x86)\MozartViewer10 [19/03/2016 11:58:05] - |DC| - [95547329] - C:\Program Files (x86)\Mozilla Firefox [14/03/2016 19:43:30] - |DC| - [244060] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 07:32:38] - |DC| - [26521] - C:\Program Files (x86)\MSBuild [06/02/2013 00:53:22] - |DC| - [1526705] - C:\Program Files (x86)\MSECache [15/07/2011 03:00:28] - |DC| - [0] - C:\Program Files (x86)\MSXML 4.0 [02/04/2011 18:26:34] - |DC| - [77649969] - C:\Program Files (x86)\Nero [26/08/2012 21:03:35] - |DC| - [201991420] - C:\Program Files (x86)\NVIDIA Corporation [04/03/2013 16:20:28] - |DC| - [302800250] - C:\Program Files (x86)\OpenOffice.org 3 [03/03/2013 03:42:04] - |DC| - [354816] - C:\Program Files (x86)\OxelonMedia [02/06/2014 17:16:16] - |DC| - [23146676] - C:\Program Files (x86)\PDFCreator [26/11/2014 11:08:27] - |DC| - [15925880] - C:\Program Files (x86)\pdfsam [03/02/2015 20:49:42] - |DC| - [0] - C:\Program Files (x86)\Popcorn 4 Time [02/01/2015 04:48:34] - |DC| - [187772454] - C:\Program Files (x86)\Popcorn Time [08/06/2015 22:48:16] - |DC| - [71984656] - C:\Program Files (x86)\PornTime [26/08/2012 20:57:58] - |DC| - [75949401] - C:\Program Files (x86)\QuickTime [10/03/2011 18:10:09] - |DC| - [3360505] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |DC| - [39175425] - C:\Program Files (x86)\Reference Assemblies [10/03/2011 18:11:35] - |DC| - [1031375] - C:\Program Files (x86)\Renesas Electronics [13/11/2014 18:56:51] - |DC| - [35214330] - C:\Program Files (x86)\Samsung [31/05/2014 23:30:46] - |DC| - [3618843] - C:\Program Files (x86)\simfy [16/04/2015 03:07:10] - |RDC| - [47241813] - C:\Program Files (x86)\Skype [10/03/2011 18:10:04] - |HDC| - [0] - C:\Program Files (x86)\Temp [14/07/2009 06:57:06] - |HDC| - [0] - C:\Program Files (x86)\Uninstall Information [12/03/2015 03:02:08] - |DC| - [399736] - C:\Program Files (x86)\uTorrent [24/11/2013 19:04:09] - |DC| - [63519748] - C:\Program Files (x86)\VirtualDJ [04/04/2011 00:05:45] - |DC| - [69449167] - C:\Program Files (x86)\Winamp [15/11/2014 15:45:07] - |DC| - [1369666] - C:\Program Files (x86)\windirstat [14/07/2009 07:32:38] - |DC| - [524800] - C:\Program Files (x86)\Windows Defender [14/07/2009 05:20:08] - |DC| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |DC| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |DC| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |DC| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |DC| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |DC| - [6018726] - C:\Program Files (x86)\Windows Sidebar [29/04/2011 00:44:02] - |DC| - [4055815] - C:\Program Files (x86)\WinRAR [18/03/2011 00:04:40] - |DC| - [0] - C:\Program Files (x86)\Yahoo! ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files [26/08/2012 21:02:22] - |DC| - [613967] - C:\Program Files\Bonjour [07/04/2011 05:21:03] - |DC| - [3322575] - C:\Program Files\Bonjour Print Services [13/04/2015 20:16:32] - |DC| - [46240878] - C:\Program Files\Bullzip [10/02/2014 05:45:27] - |DC| - [18386088] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |DC| - [140511650] - C:\Program Files\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [26/08/2012 20:59:12] - |DC| - [6213992] - C:\Program Files\DivX [14/07/2009 07:32:38] - |DC| - [90256916] - C:\Program Files\DVD Maker [26/04/2015 17:39:36] - |DC| - [10709827373] - C:\Program Files\Enigma Software Group [10/03/2011 18:06:19] - |SHD| - [140511650] - C:\Program Files\Fichiers communs [31/03/2011 22:46:59] - |DC| - [242437] - C:\Program Files\HP [10/03/2011 18:20:23] - |DC| - [0] - C:\Program Files\Intel [14/07/2009 05:20:08] - |DC| - [30569868] - C:\Program Files\Internet Explorer [13/11/2014 20:50:31] - |DC| - [3922323] - C:\Program Files\iPod [13/11/2014 20:50:31] - |DC| - [6921496] - C:\Program Files\iTunes [13/07/2013 21:56:11] - |DC| - [2255279] - C:\Program Files\Logitech [14/07/2009 07:32:38] - |DC| - [149237810] - C:\Program Files\Microsoft Games [05/02/2013 23:55:11] - |DC| - [593814] - C:\Program Files\Microsoft Office [14/03/2013 04:00:23] - |DC| - [55714702] - C:\Program Files\Microsoft Silverlight [18/12/2014 05:24:05] - |DC| - [44654898] - C:\Program Files\MPC-HC [14/07/2009 07:32:38] - |DC| - [25757] - C:\Program Files\MSBuild [10/03/2011 18:35:13] - |DC| - [2565900641] - C:\Program Files\NVIDIA Corporation [10/03/2011 18:10:36] - |DC| - [18063792] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |DC| - [36832937] - C:\Program Files\Reference Assemblies [13/11/2014 18:56:55] - |DC| - [63163512] - C:\Program Files\Remote PC (Compte Samsung - Pgm installation) [17/12/2014 21:15:52] - |DC| - [72649190] - C:\Program Files\SMPlayer [03/10/2012 00:46:28] - |DC| - [15523816] - C:\Program Files\Speccy [14/07/2009 07:09:26] - |HDC| - [0] - C:\Program Files\Uninstall Information [15/11/2014 15:39:21] - |DC| - [1678914] - C:\Program Files\windirstat_windirstat_1.1.2_francais_13900 [14/07/2009 07:32:38] - |DC| - [4039680] - C:\Program Files\Windows Defender [14/07/2009 17:35:26] - |DC| - [9241208] - C:\Program Files\Windows Journal [14/07/2009 05:20:08] - |DC| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |DC| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |DC| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |DC| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |DC| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |DC| - [7044767] - C:\Program Files\Windows Sidebar ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [25/06/2011 18:49:01] - |DC| - [9204859] - C:\Program Files (x86)\Common Files\Adobe [31/05/2014 23:30:45] - |DC| - [49035776] - C:\Program Files (x86)\Common Files\Adobe AIR [02/04/2011 18:26:34] - |DC| - [73824908] - C:\Program Files (x86)\Common Files\Ahead [23/08/2015 22:05:28] - |DC| - [3220317] - C:\Program Files (x86)\Common Files\Aimersoft [19/04/2011 15:48:59] - |DC| - [192677310] - C:\Program Files (x86)\Common Files\Apple [10/03/2011 18:16:34] - |DC| - [9374] - C:\Program Files (x86)\Common Files\Atheros [28/05/2011 01:20:39] - |DC| - [105135557] - C:\Program Files (x86)\Common Files\AVSMedia [25/03/2011 13:22:25] - |DC| - [0] - C:\Program Files (x86)\Common Files\CyberLink [14/05/2014 03:02:11] - |DC| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [26/08/2012 20:59:10] - |DC| - [38910678] - C:\Program Files (x86)\Common Files\DivX Shared [23/04/2011 01:17:15] - |DC| - [26953203] - C:\Program Files (x86)\Common Files\DVDVideoSoft [31/03/2011 22:47:28] - |DC| - [531477] - C:\Program Files (x86)\Common Files\Hewlett-Packard [07/08/2015 13:35:07] - |DC| - [5665956] - C:\Program Files (x86)\Common Files\HP [10/03/2011 18:10:00] - |DC| - [5144981] - C:\Program Files (x86)\Common Files\InstallShield [19/04/2015 01:43:55] - |DC| - [1664921] - C:\Program Files (x86)\Common Files\Java [26/04/2015 21:08:32] - |DC| - [6160796] - C:\Program Files (x86)\Common Files\LENOVO [05/04/2011 01:59:27] - |DC| - [11687672] - C:\Program Files (x86)\Common Files\MAGIX Services [05/04/2011 02:00:44] - |DC| - [1782272] - C:\Program Files (x86)\Common Files\MAGIX Shared [14/07/2009 05:20:08] - |DC| - [243193960] - C:\Program Files (x86)\Common Files\microsoft shared [31/07/2013 01:43:08] - |DC| - [0] - C:\Program Files (x86)\Common Files\PDF Architect [04/04/2011 00:05:47] - |DC| - [4780336] - C:\Program Files (x86)\Common Files\PX Storage Engine [14/07/2009 05:20:08] - |DC| - [2702] - C:\Program Files (x86)\Common Files\Services [16/04/2015 03:07:10] - |DC| - [2399872] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 05:20:08] - |DC| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [27/08/2012 12:02:23] - |DC| - [0] - C:\Program Files (x86)\Common Files\Symantec Shared [14/07/2009 05:20:08] - |DC| - [48527891] - C:\Program Files (x86)\Common Files\System [24/11/2013 18:56:01] - |DC| - [37381632] - C:\Program Files (x86)\Common Files\Wise Installation Wizard [04/11/2012 17:19:58] - |AC| - [6] - C:\Program Files (x86)\Common Files\WPVersion.txt ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common files [15/11/2014 15:36:50] - |DC| - [5973908] - C:\Program Files\Common files\Aimersoft [19/04/2011 15:49:11] - |DC| - [57710833] - C:\Program Files\Common files\Apple [13/04/2015 20:16:36] - |DC| - [449448] - C:\Program Files\Common files\Bullzip [31/03/2011 14:53:18] - |DC| - [6273575] - C:\Program Files\Common files\Logishrd [14/07/2009 05:20:08] - |DC| - [57302221] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |DC| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |DC| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |DC| - [12190195] - C:\Program Files\Common files\System ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.F1802B33AD23953774ABA024AF6D76C6] - [19/06/2015 16:26:05] - |AC| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.8051F04F7E7EEB37799A2757FDF157A6] - [25/06/2015 20:44:39] - |AC| - [1148] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1770880902-1296739278-1374194367-1000Core.job [MD5.25B8B55FFC145A317E92A0C9D8F87D11] - [25/06/2015 20:44:39] - |AC| - [1200] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1770880902-1296739278-1374194367-1000UA.job [MD5.A2413E278686446893FFCF07F63D48FB] - [18/03/2011 00:56:28] - |AC| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.A6A8AAD2016A17A854BC54E88D2A3F53] - [18/03/2011 00:56:28] - |AC| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AHC| - [6] - C:\Windows\Tasks\SA.DAT [MD5.B17FB2CB1399C2AA1F29CD041D8EFA71] - [14/07/2009 07:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.112C71C44E37AFEFFED72B26B90C6CFB] - [26/04/2015 17:52:01] - |AC| - [396] - C:\Windows\Tasks\SpyHunter4.job [MD5.B63AD96D5AB77552EFDB7D2277C3B0CB] - [25/12/2014 21:58:00] - |AC| - [3886] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.4BFA82D79F07E0E98035FEA9BD4969FA] - [19/06/2015 16:26:05] - |AC| - [3940] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [15/06/2011 00:52:49] - |D| - [3386] - C:\Windows\System32\Tasks\Apple [MD5.5B8FC54FE1C0DD6BDCE0DFC6677C5226] - [10/02/2014 05:45:30] - |AC| - [2774] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.833AF99912763D8F2F83CFC250695FFF] - [10/03/2011 18:45:49] - |A| - [3540] - C:\Windows\System32\Tasks\CreateChoiceProcessTask : C:\Windows\System32\browserchoice.exe [MD5.9DDDFBD6B7192FAE8B5EE21505955D0D] - [25/06/2015 20:44:39] - |AC| - [3776] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1770880902-1296739278-1374194367-1000Core : C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.116F8EE63D0C3C7AF91011D312B256F9] - [25/06/2015 20:44:39] - |AC| - [4172] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1770880902-1296739278-1374194367-1000UA : C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.3E1FAB6B3D394F3DA8123E4923DBBB1D] - [18/03/2011 00:56:28] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7C68DC99F7A000832371D960313FE738] - [18/03/2011 00:56:28] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [26/04/2015 21:08:39] - |DC| - [3868] - C:\Windows\System32\Tasks\Lenovo [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [309732] - C:\Windows\System32\Tasks\Microsoft [MD5.89B2680B9E67849F8E47C664858A2480] - [31/03/2011 22:51:14] - |AC| - [3148] - C:\Windows\System32\Tasks\SidebarExecute : C:\Program Files\Windows Sidebar\sidebar.exe [MD5.F62D87B366981E29025D8BA4C2D18B9B] - [26/04/2015 17:52:01] - |AC| - [3224] - C:\Windows\System32\Tasks\SpyHunter4 : C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [MD5.B9875AC0FE5C263AEFDFCFD740756EBA] - [13/07/2015 12:42:00] - |AC| - [3332] - C:\Windows\System32\Tasks\SpyHunter4Startup : "C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe" [MD5.913D5FA23755DB4FDEF22CC4928B5433] - [03/11/2014 17:49:11] - |AC| - [3172] - C:\Windows\System32\Tasks\VDBASShutdown : rundll32.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4482] - C:\Windows\System32\Tasks\WPD [MD5.D1F14DE163B00333AF0F05888B763E8B] - [29/07/2011 04:43:01] - |A| - [3154] - C:\Windows\System32\Tasks\{071B5FFA-2261-4E63-9313-2D47F18621B0} : C:\Windows\system32\pcalua.exe [MD5.18E0400822A3C3624298496788EA6602] - [30/10/2013 04:59:08] - |AC| - [3296] - C:\Windows\System32\Tasks\{1F56B007-1514-4D2B-917E-641EEF60D25B} : C:\Windows\system32\pcalua.exe [MD5.19B73570300C855A7284D5648478B135] - [12/03/2015 04:10:41] - |AC| - [3158] - C:\Windows\System32\Tasks\{546D6448-2327-4963-B63E-A8E7C81AEE26} : C:\Windows\system32\pcalua.exe [MD5.FDDBFA9027EA3021594B68C834AE6E3D] - [19/04/2015 02:39:30] - |AC| - [3154] - C:\Windows\System32\Tasks\{8F0B7516-9FA3-4659-BDC4-FB22A5DCCC75} : C:\Windows\system32\pcalua.exe [MD5.CB32227843EB2CBD982C6DCC6EC630DD] - [03/05/2011 16:13:55] - |A| - [3194] - C:\Windows\System32\Tasks\{90A6B097-7740-4C89-AD63-632CB5C17B0C} : C:\Windows\system32\pcalua.exe [MD5.A21CF6A437124C0E16548FC4367D76AA] - [26/11/2014 02:07:53] - |AC| - [3036] - C:\Windows\System32\Tasks\{995B0697-274F-4E9F-84E7-AC5D785839F6} : C:\Windows\system32\pcalua.exe [MD5.9D7B04A0DE8BBF855BC544B62C481823] - [24/05/2011 17:29:04] - |A| - [3180] - C:\Windows\System32\Tasks\{AE0A54B9-2089-4272-9516-A48BE4214DD7} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "TCP Query User{2BB74267-C527-46AE-B948-C281CC8894F7}I:\dossier système - pgm files 2\emule\emule.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=I:\dossier système - pgm files 2\emule\emule.exe|Name=eMule|Desc=eMule|Defer=User| "UDP Query User{2E2A4CF0-AAA5-402F-B5BF-6FD7CFE7EFEE}I:\dossier système - pgm files 2\emule\emule.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=I:\dossier système - pgm files 2\emule\emule.exe|Name=eMule|Desc=eMule|Defer=User| "{C0E82A25-7572-4706-A6D8-AD45D6F5AA9E}"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=I:\dossier système - pgm files 2\emule\emule.exe|Name=eMule|Desc=eMule| "{326A248A-7E81-41E6-AB83-A3759718B203}"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=I:\dossier système - pgm files 2\emule\emule.exe|Name=eMule|Desc=eMule| "{908F22D0-D11B-4282-BBC8-BC1294E39B09}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=65091|Name=eMule| "{62F270BE-E55A-40AA-AD91-14C9C4B5A796}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=427|RPort=427|App=C:\Windows\system32\svchost.exe|Svc=HPSLPSVC|Name=SLP_Service|Desc=SLP_Service| "{CB54C586-570E-4793-B1CC-0FE1D16C41A9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe|Name=hpqtra08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe| "{4CBDF8D7-6FF8-415D-8E2E-90B305CE994D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe|Name=hpqste08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe| "{A545163E-B7EB-48B5-AE1C-91D0EA058250}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe|Name=hpofxm08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe| "{60412765-95B8-45A0-A198-D105062649AF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe|Name=hposfx08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe| "{99C6DFCB-026B-479D-B9A0-761E8AA10388}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe|Name=hposid01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe| "{1828C5AD-CFD5-419A-B029-1D5E774648CB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe|Name=hpqkygrp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe| "{7222D9E1-7DDB-4CCC-AD5D-039A77DDF31F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe|Name=hpqcopy2.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe| "{B4BE727E-422A-41CD-A71F-BB78329B7E30}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe|Name=hpfccopy.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe| "{B7FF4400-9690-4067-96D8-8F5CA4799015}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe|Name=hpzwiz01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe| "{E004FB0C-554D-4DF0-BE3F-EBA63ACF2F62}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe|Name=hpoews01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe| "{0B49177B-8CEE-4FCA-88E3-60516B166EDF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe|Name=hpqnrs08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe| "{019B3C21-FE44-450F-9A70-A8A381B16D81}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe|Name=hpiscnapp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe| "{523FF04E-063B-4CEF-9C9B-A6BD81856722}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe|Name=hpqphotocrm.exe|Desc=C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe| "{11CB6937-A395-471B-AE00-327E6F23C575}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe|Name=hpqsudi.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe| "{6CD45BFC-F7C3-4914-BE46-0063E68675DA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe|Name=hpqpsapp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe| "{AED75456-2670-4E33-B407-ADD9E9A8BF97}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe|Name=hpofxs08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe| "{892BA2DB-BEF5-47A7-85E6-D7F37B5F0BF6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe|Name=hpqfxt08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe| "{B576F7AF-C658-4897-B6BB-36EC629BCB8D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe|Name=hpqpse.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe| "{93C381EF-F65C-4761-82EE-E42CB643373A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe|Name=hpqgplgtupl.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe| "{4AE4C731-FE55-4F75-B720-4A2DC985B3D7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe|Name=hpqgpc01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe| "{C13B41EA-97E5-409C-83D2-AE6D8F6BD836}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe|Name=hpqusgm.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe| "{E335B85E-78FA-4719-B2ED-75624951DA15}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe|Name=hpqusgh.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe| "{5D03F17C-23F9-4356-B0D3-F02C0E53396C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\hp software update\hpwucli.exe|Name=hpwucli.exe|Desc=C:\Program Files (x86)\HP\hp software update\hpwucli.exe| "{0D7555ED-7042-4114-BF0D-4EDC2B04CF06}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe|Name=smartwebprintexe.exe|Desc=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe| "TCP Query User{A349BCDA-BCB1-4059-AF41-85BAE5E2BFB5}C:\program files (x86)\winamp\winamp.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\winamp\winamp.exe|Name=Winamp|Desc=Winamp| "UDP Query User{613840E7-22AC-44E0-82EA-E7DFB6BB4FA3}C:\program files (x86)\winamp\winamp.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\winamp\winamp.exe|Name=Winamp|Desc=Winamp| "{721DBF08-5296-4A94-B7DB-E90B1988AEC4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe|Name=Air Video Server| "{DF50A839-D62B-4BF1-92C4-D45648131652}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe|Name=Air Video Server| "{86CE1BD5-C517-4C29-A74A-716AF91F21C5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe|Name=Air Video Server Incoming Requests|Desc=Allows incoming requests for Air Video Server.|EmbedCtxt=InMethod| "{F06BE95B-D59F-4218-8F8B-CC16B02E244D}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe|Name=Air Video Server Outgoing Requests|Desc=Allows outgoping requests for Air Video Server.|EmbedCtxt=InMethod| "{868A5C83-4791-4045-B65E-100BBBDCA5D6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{F2C6EC74-38FE-4A24-958F-5BEE8ACD1C70}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "TCP Query User{89867416-347B-46A5-862B-E9B05C98F0E9}C:\program files (x86)\winamp\winamp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\winamp\winamp.exe|Name=Winamp|Desc=Winamp|Defer=User| "UDP Query User{6D2C62BB-97D9-4A8E-B724-A6D77014BAC7}C:\program files (x86)\winamp\winamp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\winamp\winamp.exe|Name=Winamp|Desc=Winamp|Defer=User| "{1359F73C-5A3A-4156-ACD3-6064AD831FCC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{2975C868-5333-418D-ACA4-D5DC7EC3DF85}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{D00508C5-2D61-4F01-A2AA-539923BF2111}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{7C8BF086-E892-4AC1-AB94-A8EBB4CCD766}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{2C89CA54-55F4-410F-985D-3670AE78D8FA}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{5A515BF8-1BBB-41A8-BE9F-31E86FBA2B69}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "TCP Query User{A704FBCB-BF99-4BE1-ACD7-00433B198748}I:\dossier système - pgm files 28\qloud server\qlouddaemon.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=I:\dossier système - pgm files 28\qloud server\qlouddaemon.exe|Name=Qloud Server Daemon|Desc=Qloud Server Daemon|Defer=User| "UDP Query User{ED0A4901-D930-4DEE-8C43-2C723BB8151D}I:\dossier système - pgm files 28\qloud server\qlouddaemon.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=I:\dossier système - pgm files 28\qloud server\qlouddaemon.exe|Name=Qloud Server Daemon|Desc=Qloud Server Daemon|Defer=User| "{A4EC8D26-7362-4602-B948-2E7AD745ACD3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{F1588FB3-7C2A-40D8-A6FC-351DC6A952EF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "TCP Query User{15DC3CB0-7D39-4A92-9886-06E43547FD52}C:\users\michel\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\michel\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{0EB968B6-DD19-497C-9110-D7D1C73C3FDD}C:\users\michel\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\michel\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{89008A4B-5EE3-418F-8F75-F43CC5EDF53A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service| "{DCB423AB-BD34-499D-A74D-AFDC1A9478F2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service| "{BA8FC9E5-7C19-4AAD-9984-09992228C1B4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47987|LPort=47988|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service TCP Exception|Desc=TCP exceptions for SHIELD Streaming service| "{77E1452A-5ACE-44C8-A5CA-D0CDC5950C33}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service UDP Exception|Desc=UDP exceptions for SHIELD Streaming service| "{B537F9AA-8940-450B-82A8-C795F8CD5887}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47991|LPort=47995|LPort=47996|LPort=47998|LPort=35043|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application TCP Exception|Desc=TCP exceptions for SHIELD Streaming| "{52A971C7-3DE4-48DD-AF89-37A1EC637494}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=48000|LPort=47999|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application UDP Exception|Desc=UDP exceptions for SHIELD Streaming| "{681915C9-C577-4C6E-BCFA-CE8D3E2943D6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Winamp\winamp.exe|Name=Winamp| "{DF2E9001-74E3-431C-9B56-DDDCDB1F5B2A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Winamp\winamp.exe|Name=Winamp| "TCP Query User{877D69C4-4FD6-4EE8-AC67-F2CE3CB42B31}C:\users\michel\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\michel\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{96DEC320-7E43-410B-96E9-42A223218643}C:\users\michel\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\michel\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{FC09CFBA-7BED-4D33-95FC-4979A1ABD561}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=I:\Dossier système - pgm files 2\Foofind Download Manager\foofind_download_manager.exe|Name=Foofind Download Manager| "{3A938779-21A9-4807-A9DE-3B760734072E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=I:\Dossier système - pgm files 2\Foofind Download Manager\foofind_download_manager.exe|Name=Foofind Download Manager| "{7FBDEEE8-0E5C-4DD5-A206-462153BBA1FC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|Name=VDBAS Web Player| "TCP Query User{129E916A-CBBB-4A49-BB23-72D29E2DFA39}C:\program files (x86)\emit\erlang\erts-5.8.4\bin\erl.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\emit\erlang\erts-5.8.4\bin\erl.exe|Name=erl|Desc=erl|Defer=User| "UDP Query User{A839076E-12AE-45AA-80EB-9A9AC9402042}C:\program files (x86)\emit\erlang\erts-5.8.4\bin\erl.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\emit\erlang\erts-5.8.4\bin\erl.exe|Name=erl|Desc=erl|Defer=User| "{8A0EA5CA-0712-4DD6-9B80-45F115520E65}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{31D03FAB-EF0A-4E2E-A88D-4D28AAB50F19}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{D7E20C99-DE40-4B5B-A930-CCE8195634F0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{1C5B35C9-B4CA-4D70-8352-83EA41381A5F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{D19DCF6F-D1C8-4DAB-AFAB-AF87617E0F73}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{EAA97511-3DFA-4015-AA07-AED09487B00F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{65D73747-C237-43B0-A068-E3DE9B3616A0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{5EC6307A-FFD8-482C-BA41-BADB924007CE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{5A94C0B2-2B61-4BC0-AB03-3E8321925421}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe|Name=Agent.exe|Desc=C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe| "{8BF4D240-D5D0-4E5D-91B9-C16362D5AB00}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe|Name=AirVideoServer HD| "{5F2924FB-5CDC-436C-8AB9-D6CE0511B159}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe|Name=AirVideoServer HD| "{BF90DDDA-90F0-400B-A7E5-3310C1D0B1FC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe|Name=AirVideoServer HD Incoming Requests|Desc=Allows incoming requests for Air Video Server.|EmbedCtxt=InMethod| "{CC61131D-9966-47D7-B3A8-2AA9CABF119C}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe|Name=AirVideoServer HD Outgoing Requests|Desc=Allows outgoping requests for Air Video Server.|EmbedCtxt=InMethod| "{6079D190-2106-4DF0-B2BA-147BE654F945}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\adslTV\adsltv.exe|Name=adsl TV (EXE)| "{251A7B7A-DDDE-4066-B63D-0496AF341760}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\adslTV\adsltv.exe|Name=adsl TV (EXE)| "{DF275D76-105A-4493-9CE0-172DFF23924A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\VideoLAN\VLC\vlc.exe|Name=adsl TV (VLC)| "{6E911D13-6B7B-4792-A086-2FD580F3C294}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\VideoLAN\VLC\vlc.exe|Name=adsl TV (VLC)| "{89DF9436-5E74-4138-A286-14489DD8B7BB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Michel\AppData\Local\Temp\7zS044F\setup\hpznui40.exe|Name=hpznui40.exe|Desc=C:\Users\Michel\AppData\Local\Temp\7zS044F\setup\hpznui40.exe| "{59B29C22-D299-467D-9D6F-B60F0520144E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| "{44E39C3E-809D-4AE8-9A40-CE622573BD21}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| "{F3B8757A-09E2-46AA-A0BA-81E998D6350E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| "{3A8D35AB-F99F-4F74-997C-95D12C3E6198}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| "{1B0C24E3-7CA5-4490-AAFA-6EDB9D4E73E1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{707B7D29-D967-4F00-88DF-37F056C70E05}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{FAA12042-6A0A-42CE-9D83-811DF7A4E160}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{6E88D1D0-84E4-4736-A250-90635B888520}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{09493D0A-EF65-47F8-8A59-336B9A2FB888}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\PornTime\PornTime.exe|Name=PornTime| "{FFE9EC02-4CA5-48FC-9269-8225063D7D4C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\PornTime\PornTime.exe|Name=PornTime| "{53F93129-B4D3-44D1-AA48-4FABF289B041}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Michel\AppData\Roaming\PT\updater.exe|Name=PornTime Updater| "{0E983C6A-AA29-4841-BD74-FED7B4083322}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Michel\AppData\Roaming\PT\updater.exe|Name=PornTime Updater| "{39FBB3FC-FD2A-4A03-84F0-2241F34FC8E1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Administrateur\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Administrateur\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Administrateur\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Administrateur\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "TCP Query User{BB288F60-78D3-4965-878F-AFA622D7A805}C:\users\administrateur\desktop\quickdiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\administrateur\desktop\quickdiag.exe|Name=quickdiag.exe|Desc=quickdiag.exe|Defer=User| "UDP Query User{E0EC3C71-B3E6-4B83-BB0F-C7D0AA8BCEE7}C:\users\administrateur\desktop\quickdiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\administrateur\desktop\quickdiag.exe|Name=quickdiag.exe|Desc=quickdiag.exe|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{37C9A9DF-DC57-451E-8ED1-81D2EBB3F713}] : (cm_km_w) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C7C038AD-1F2D-44D4-B2FE-D912BE20E6D5}] : (BluetoothVirtual) [] -> @oem17.inf,%BluetoothVirtualName%;Bluetooth Virtual Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FCBEEF3E-F7AA-4F70-A494-A19CFE10FD1E}] : (Rsupport) [] -> Rsupport Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [22/06/2015 21:40:04] - (6.8.0.54) - (Kaspersky Lab ZAO - Kaspersky Unified Driver) - C:\Windows\system32\DRIVERS\kl1.sys [06/07/2015 01:10:20] - (2.1.0.8) - (Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak)) - C:\Windows\system32\DRIVERS\cm_km.sys [10/03/2011 18:15:05] - (1.17.58.2) - (JMicron Technology Corp. - JMicron JMB36X RAID Driver) - C:\Windows\system32\DRIVERS\jraid.sys [06/06/2015 09:48:24] - (10.0.0.20) - (Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64]) - C:\Windows\system32\DRIVERS\klbackupdisk.sys [10/03/2011 18:25:11] - (10.1.0.1008) - (Intel Corporation - Intel Rapid Storage Technology driver - x64) - C:\Windows\system32\DRIVERS\iaStor.sys [27/08/2010 19:53:22] - (1.0.0.1045) - (Marvell Semiconductor, Inc. - Marvell magni Windows Driver) - C:\Windows\system32\DRIVERS\mv91xx.sys [28/08/2010 02:49:02] - (1.0.0.1202) - (Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL) - C:\Windows\system32\DRIVERS\mvxxmm.sys [27/04/2011 00:33:02] - (1.1.2.5) - (Advanced Micro Devices - Storage Filter Driver) - C:\Windows\system32\drivers\amdxata.sys [27/06/2015 02:30:00] - (10.0.0.13) - (Kaspersky Lab ZAO - Backup File Filter [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klbackupflt.sys [07/03/2016 02:43:56] - (10.0.0.1502) - (AO Kaspersky Lab - Filter Core [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klflt.sys [07/03/2016 02:43:56] - (10.0.0.1547) - (AO Kaspersky Lab - Core System Interceptors [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klif.sys [07/03/2016 02:43:55] - (10.0.0.1505) - (AO Kaspersky Lab - klhk [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klhk.sys [08/12/2015 02:24:14] - (10.0.0.38) - (AO Kaspersky Lab - Format Recognizer [fre_wnet_x64]) - C:\Windows\system32\DRIVERS\klpd.sys [11/06/2015 16:56:56] - (1.7.0.15) - (Kaspersky Lab ZAO - Network filtering component [fre_wnet_amd64]) - C:\Windows\system32\DRIVERS\kltdi.sys [11/06/2015 20:32:42] - (8.0.0.102) - (Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klim6.sys [16/06/2015 22:56:32] - (10.0.0.85) - (Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_win7_x64]) - C:\Windows\system32\DRIVERS\klwtp.sys [14/07/2009 02:00:40] - (6.1.7600.16385) - (Brother Industries Ltd. - Pilote Brother Série I/F (WDM)) - C:\Windows\system32\DRIVERS\serial.sys [23/06/2015 19:30:50] - (10.0.0.25) - (Kaspersky Lab ZAO - Network Processor [fre_wnet_x64]) - C:\Windows\system32\DRIVERS\kneps.sys [11/08/2015 01:08:38] - (10.18.13.5382) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 353.82) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [10/03/2011 18:09:43] - (7.0.0.1144) - (Intel Corporation - Intel(R) Management Engine Interface) - C:\Windows\system32\DRIVERS\HECIx64.sys [10/03/2011 18:19:54] - (11.8.74.0) - (Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver) - C:\Windows\system32\DRIVERS\e1c62x64.sys [30/09/2010 07:00:06] - (2.0.26.0) - (Renesas Electronics Corporation - USB 3.0 Host Controller Driver) - C:\Windows\system32\DRIVERS\nusb3xhc.sys [03/02/2013 05:04:29] - (2.2.3.0) - (GEAR Software Inc. - CD DVD Filter) - C:\Windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys [03/11/2014 22:55:51] - (5.2.0.0) - (Rsupport Corporation - Rsupport VRVD5) - C:\Windows\system32\DRIVERS\vrvd5.sys [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros BUS driver) - C:\Windows\system32\DRIVERS\btath_bus.sys [20/02/2014 02:24:06] - (1.2.20.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [30/09/2010 07:00:06] - (2.0.26.0) - (Renesas Electronics Corporation - USB 3.0 Hub Driver) - C:\Windows\system32\DRIVERS\nusb3hub.sys [11/08/2015 01:08:34] - (1.3.34.3) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [10/03/2011 18:10:22] - (6.0.1.6235) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\Windows\system32\drivers\RTKVHD64.sys [27/10/2010 16:50:28] - (6.1.7600.16385) - (Atheros - BtFilter Driver) - C:\Windows\system32\DRIVERS\btfilter.sys [06/06/2015 09:31:42] - (10.0.0.18) - (Kaspersky Lab ZAO - Keyboard Device Filter [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klkbdflt.sys [07/06/2015 02:50:04] - (10.0.0.11) - (Kaspersky Lab ZAO - Mouse Device Filter [fre_wlh_x64]) - C:\Windows\system32\DRIVERS\klmouflt.sys [09/03/2016 07:50:34] - (5.1.2.247) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros AVRCP driver) - C:\Windows\system32\DRIVERS\btath_rcp.sys [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros A2DP driver) - C:\Windows\system32\drivers\btath_a2dp.sys [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros HCRP driver) - C:\Windows\system32\DRIVERS\btath_hcrp.sys [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros FILTER driver) - C:\Windows\system32\DRIVERS\btath_flt.sys [27/10/2010 16:50:28] - (1.0.0.0) - (Atheros - Atheros FILTER driver) - C:\Windows\system32\DRIVERS\btath_lwflt.sys [06/06/2015 09:51:00] - (10.0.0.24) - (AO Kaspersky Lab - Virtual Disk [fre_wnet_x64]) - C:\Windows\system32\DRIVERS\kldisk.sys [20/03/2016 03:59:36] - (1.6.0.0) - ( - Driver for SecretZone) - C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20/03/2016 03:59:36] - (2.3.3.0) - ( - Virtual Disk Driver for SecretZone) - C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - cm_km (Kaspersky Lab ZAO Cryptographic Module x64 (Weak)) -> system32\DRIVERS\cm_km.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys R0 - JRAID () -> system32\DRIVERS\jraid.sys R0 - kl1 (kl1) -> system32\DRIVERS\kl1.sys R0 - klbackupdisk (Kaspersky Lab klbackupdisk) -> system32\DRIVERS\klbackupdisk.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msahci () -> system32\drivers\msahci.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - mv91xx () -> system32\DRIVERS\mv91xx.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pciide () -> system32\drivers\pciide.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - sbp2port (Pilote de bus de transport/protocole SBP-2) -> system32\DRIVERS\sbp2port.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> system32\DRIVERS\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - klbackupflt (Kaspersky Lab klbackupflt) -> system32\DRIVERS\klbackupflt.sys R1 - klhk (Kaspersky Lab service driver) -> system32\DRIVERS\klhk.sys R1 - KLIF (Kaspersky Lab Driver) -> system32\DRIVERS\klif.sys R1 - KLIM6 (Kaspersky Anti-Virus NDIS 6 Filter) -> system32\DRIVERS\klim6.sys R1 - klpd (Kaspersky Lab format recognizer driver) -> system32\DRIVERS\klpd.sys R1 - kltdi (kltdi) -> system32\DRIVERS\kltdi.sys R1 - Klwtp (Klwtp) -> system32\DRIVERS\klwtp.sys R1 - kneps (kneps) -> system32\DRIVERS\kneps.sys R1 - Msfs () -> (?) R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - Apple Mobile Device (Apple Mobile Device) -> "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" R2 - AtherosSvc (AtherosSvc) -> C:\Program Files (x86)\Bluetooth Suite\adminservice.exe R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - AVP16.0.0 (Kaspersky Anti-Virus Service 16.0.0) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe" -r R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - Bonjour Service (Service Bonjour) -> "C:\Program Files\Bonjour\mDNSResponder.exe" S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - Fabs (FABS - Helping agent for MAGIX media database) -> C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - Freemake Improver (Freemake Improver) -> "C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe" R2 - gearsec (gearsec) -> C:\Windows\SysWOW64\gearsec.exe R2 - gpsvc (@gpapi.dll,-112) -> %windir%\system32\svchost.exe -k GPSvcGroup S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - hpqddsvc (Service HP CUE DeviceDiscovery) -> %SystemRoot%\system32\svchost.exe -k hpdevmgmt R2 - HPSLPSVC (HP Network Devices Support) -> %SystemRoot%\system32\svchost.exe -k HPService R2 - HPSupportSolutionsFrameworkService (HP Support Solutions Framework Service) -> "C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe" R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - kldisk (kldisk) -> system32\DRIVERS\kldisk.sys R2 - L4301_Solar (Logitech Solar Keyboard Service) -> C:\Program Files\Logitech\SolarApp\L4301_Solar.exe R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - Net Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - NvNetworkService (NVIDIA Network Service) -> "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" R2 - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" R2 - nvsvc (NVIDIA Display Driver Service) -> "C:\Windows\system32\nvvsvc.exe" R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Pml Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 S2 - PornTime Updater () -> C:\Users\Michel\AppData\Roaming\PT\updater.exe R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RemotePC Agent (RemotePC Agent) -> "C:\Program Files (x86)\Samsung\Remote PC\rvagent.exe" R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe S2 - SpyHunter 4 Service (SpyHunter 4 Service) -> C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe R2 - Stereo Service (NVIDIA Stereoscopic 3D Driver Service) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SysMain (Superfetch) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SZDrvSvc (Samsung Drive Manager Service) -> "C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe" R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Update service () -> C:\Program Files (x86)\Popcorn Time\Updater.exe R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103) -> %SystemRoot%\System32\svchost.exe -k secsvcs R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (Windows Update) -> %systemroot%\system32\svchost.exe -k netsvcs ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [27/04/2011 00:33:02] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [27/04/2011 00:33:02] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.4BF5BCA6E2608CD8A00BC4A6673A9F47] - [17/11/2010 14:04:32] - (.Copyright (c) 2004-2010 Advanced Micro Devices - AMD High Definition Audio Function Driver.) - [112.52 Ko] - (7.12.0.7700) - C:\Windows\System32\Drivers\AtihdW76.sys [MD5.DCC8177244FE79C61C4E73C65E63922A] - [27/01/2011 01:37:20] - (.Copyright (C) 1998-2006 ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - [8873 Ko] - (8.1.1.1123) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.7FE67D107329DC2CF89136A8E19BCEB7] - [27/01/2011 00:13:32] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [292.5 Ko] - (8.14.1.6187) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3B1B573371B206D1D5F25E0EF5FCD6D6] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros A2DP driver.) - [294.61 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_a2dp.sys [MD5.2D0446336D9DB55A742B999EC16ADF15] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros BUS driver.) - [30.35 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_bus.sys [MD5.AAAE03F8EDA817EC28C5445193EA8BF3] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros FILTER driver.) - [37.35 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_flt.sys [MD5.9A9694BBEB2849EAF95DFFCAE5DF02AD] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros HCRP driver.) - [198.85 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_hcrp.sys [MD5.FC0A8075DDF2E9C66267AEC91E0676F9] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros FILTER driver.) - [57.61 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_lwflt.sys [MD5.5EB4815CBDDBA4541F2380DAE6E269AB] - [27/10/2010 16:50:28] - (.Copyright (C) Atheros Solutions 2008 - Atheros AVRCP driver.) - [152.85 Ko] - (1.0.0.0) - C:\Windows\System32\Drivers\btath_rcp.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.B2A6D2A30E93B6F215F74AC7E1733C9C] - [06/07/2015 01:10:20] - (.© 2014 Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) - [380.68 Ko] - (2.1.0.8) - C:\Windows\System32\Drivers\cm_km.sys [MD5.6BAFD9819D9FEC2EDBAEBC8493C711A4] - [10/03/2011 18:19:54] - (.Copyright(C) 2010, Intel Corporation. - Intel(R) Gigabit Adapter NDIS 6.x driver.) - [306.17 Ko] - (11.8.74.0) - C:\Windows\System32\Drivers\e1c62x64.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - [26/04/2015 17:39:49] - (.-.) - [22.17 Ko] - (1.2.0.119) - C:\Windows\System32\Drivers\EsgScanner.sys [MD5.B8F263E9001B6FAF6DFA8463A91DF0F7] - [12/11/2014 17:37:31] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Driver.) - [59.51 Ko] - (1.0.1.0) - C:\Windows\System32\Drivers\eubakup.sys [MD5.EE694263D68E21C6AC4E0FE462E7535B] - [12/11/2014 17:37:30] - (.-.) - [47.01 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\EUBKMON.sys [MD5.163744EDDC4E9B100079B7B6A511B043] - [12/11/2014 17:37:31] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Access Driver.) - [18.01 Ko] - (1.2.0.1) - C:\Windows\System32\Drivers\eudskacs.sys [MD5.F1A6F12FEC38B38BA6ADE3DA76C7BB2F] - [12/11/2014 17:37:31] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Image Preview Driver.) - [184.51 Ko] - (1.0.0.1) - C:\Windows\System32\Drivers\EuFdDisk.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.8E98D21EE06192492A5671A6144D092F] - [03/02/2013 05:04:29] - (.Copyright (C) GEAR Software Inc. 1997-2012 - CD DVD Filter.) - [32.46 Ko] - (2.2.3.0) - C:\Windows\System32\Drivers\GEARAspiWDM.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - [10/03/2011 18:09:43] - (.Copyright © 2006-2010, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (7.0.0.1144) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [10/03/2011 19:07:53] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.D7921D5A870B11CC1ADAB198A519D50A] - [10/03/2011 18:25:11] - (.Copyright(C) Intel Corporation 1994-2010 - Intel Rapid Storage Technology driver - x64.) - [428.52 Ko] - (10.1.0.1008) - C:\Windows\System32\Drivers\iaStor.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [27/04/2011 00:33:03] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.A577F5DB30F70ECA9708C07C2EACBD9D] - [10/03/2011 18:15:05] - (.Copyright (C) JMicron Technology Corp. - JMicron JMB36X RAID Driver.) - [118.09 Ko] - (1.17.58.2) - C:\Windows\System32\Drivers\jraid.sys [MD5.BEE1682DA217A4AD46C36896769AA580] - [22/06/2015 21:40:04] - (.© 2015 Kaspersky Lab ZAO. - Kaspersky Unified Driver.) - [467.18 Ko] - (6.8.0.54) - C:\Windows\System32\Drivers\kl1.sys [MD5.86F40D79CE80ACBE6BEBAC8CE89D75A0] - [06/06/2015 09:48:24] - (.© 2015 Kaspersky Lab ZAO. - Backup Disk Filter [fre_wnet_x64].) - [52.18 Ko] - (10.0.0.20) - C:\Windows\System32\Drivers\klbackupdisk.sys [MD5.C80861511ADA03A65DC12FAA207592F8] - [27/06/2015 02:30:00] - (.© 2015 Kaspersky Lab ZAO. - Backup File Filter [fre_wlh_x64].) - [68.36 Ko] - (10.0.0.13) - C:\Windows\System32\Drivers\klbackupflt.sys [MD5.80D7529E1CF09261FADF55E69EFDA90B] - [06/06/2015 09:51:00] - (.© 2016 AO Kaspersky Lab. - Virtual Disk [fre_wnet_x64].) - [75.91 Ko] - (10.0.0.24) - C:\Windows\System32\Drivers\kldisk.sys [MD5.DE7D2DEDE9C9D5219AA439172BA8D21C] - [07/03/2016 02:43:56] - (.© 2015 AO Kaspersky Lab. - Filter Core [fre_wlh_x64].) - [177.38 Ko] - (10.0.0.1502) - C:\Windows\System32\Drivers\klflt.sys [MD5.C62B714428FD30DD7B3115566C3F470B] - [07/03/2016 02:43:55] - (.© 2015 AO Kaspersky Lab. - klhk [fre_wlh_x64].) - [221.68 Ko] - (10.0.0.1505) - C:\Windows\System32\Drivers\klhk.sys [MD5.16E6DEF683D0EFAC8EED0D0FF4FE00DD] - [07/03/2016 02:43:56] - (.© 2016 AO Kaspersky Lab. - Core System Interceptors [fre_wlh_x64].) - [912.9 Ko] - (10.0.0.1547) - C:\Windows\System32\Drivers\klif.sys [MD5.3553584440A11136C899B67ACC8CBE9D] - [11/06/2015 20:32:42] - (.© 2015 Kaspersky Lab ZAO. - Kaspersky Lab Intermediate Network Driver [fre_wlh_x64].) - [38.18 Ko] - (8.0.0.102) - C:\Windows\System32\Drivers\klim6.sys [MD5.22C4E9381C60DA78161FA042FDBA6873] - [06/06/2015 09:31:42] - (.© 2015 Kaspersky Lab ZAO. - Keyboard Device Filter [fre_wlh_x64].) - [40.18 Ko] - (10.0.0.18) - C:\Windows\System32\Drivers\klkbdflt.sys [MD5.D792857D47B8DF5BFEC02534C1933BE2] - [07/06/2015 02:50:04] - (.© 2015 Kaspersky Lab ZAO. - Mouse Device Filter [fre_wlh_x64].) - [40.67 Ko] - (10.0.0.11) - C:\Windows\System32\Drivers\klmouflt.sys [MD5.F610F5F17BC87D61EF8954CCD793BAE4] - [08/12/2015 02:24:14] - (.© 2015 AO Kaspersky Lab. - Format Recognizer [fre_wnet_x64].) - [40.38 Ko] - (10.0.0.38) - C:\Windows\System32\Drivers\klpd.sys [MD5.B36DEE2A91F9388C4D3ED744592DE81D] - [11/06/2015 16:56:56] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Network filtering component [fre_wnet_amd64].) - [63.68 Ko] - (1.7.0.15) - C:\Windows\System32\Drivers\kltdi.sys [MD5.2AA3537309C2B9A7F120FB9E6A38250A] - [16/06/2015 22:56:32] - (.© 2015 Kaspersky Lab ZAO. - WFP Network Connection Filter Driver [fre_win7_x64].) - [100.68 Ko] - (10.0.0.85) - C:\Windows\System32\Drivers\klwtp.sys [MD5.1686DE8288052316EFDD49EEA8929065] - [23/06/2015 19:30:50] - (.© 2015 Kaspersky Lab ZAO. - Network Processor [fre_wnet_x64].) - [182.67 Ko] - (10.0.0.25) - C:\Windows\System32\Drivers\kneps.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.34D08C9C64F657D194961E96C47E9C69] - [27/08/2010 19:53:22] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell magni Windows Driver.) - [290.04 Ko] - (1.0.0.1045) - C:\Windows\System32\Drivers\mv91xx.sys [MD5.193F5A4206041B5EC412D529C7116D16] - [28/08/2010 02:49:02] - (.© Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) - [6 Ko] - (1.0.0.1202) - C:\Windows\System32\Drivers\mvxxmm.sys [MD5.EE00C544C025958AF50C7B199F3C8595] - [25/07/2013 17:53:46] - (.Copyright (C) 2009 Apple Inc. - Apple Mobile Device Ethernet.) - [22.5 Ko] - (1.8.5.1) - C:\Windows\System32\Drivers\netaapl64.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.786DB821BFD57C0551DBBE4F75384A7D] - [30/09/2010 07:00:06] - (.(C) 2010 Renesas Electronics Corporation - USB 3.0 Hub Driver.) - [78.5 Ko] - (2.0.26.0) - C:\Windows\System32\Drivers\nusb3hub.sys [MD5.DAA8005CAF745042BB427A1ED7433354] - [30/09/2010 07:00:06] - (.(C) 2010 Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) - [176.5 Ko] - (2.0.26.0) - C:\Windows\System32\Drivers\nusb3xhc.sys [MD5.C1CBFEA565CB9BF8AE63657EE10DCE73] - [11/08/2015 01:08:34] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [208.36 Ko] - (1.3.34.3) - C:\Windows\System32\Drivers\nvhda64v.sys [MD5.98C14B589F567F5880C0B514632949E7] - [11/08/2015 01:08:38] - (.(C) 2015 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 353.82.) - [10804.14 Ko] - (10.18.13.5382) - C:\Windows\System32\Drivers\nvlddmkm.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [27/04/2011 00:33:03] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [27/04/2011 00:33:02] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.939C0FAE9CC0CDD69E6508BDE4C11FE5] - [20/02/2014 02:24:06] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [38.28 Ko] - (1.2.20.0) - C:\Windows\System32\Drivers\nvvad64v.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.DAB7318CCFA8081200D5B7B486793F74] - [10/03/2011 18:10:22] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [2476.6 Ko] - (6.0.1.6235) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 02:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.5C3BE22E485B9BF11FCEFDC676C728D0] - [16/08/2014 00:35:00] - (.© Apple, Inc. - Apple Mobile Device USB Driver.) - [53.5 Ko] - (1.65.0.0) - C:\Windows\System32\Drivers\usbaapl64.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.DDF7522FBEF8D50E015E743813595801] - [03/11/2014 22:55:51] - (.Copyright (C) 2007-2009 RSUPPORT CO., LTD. - Rsupport VRVD5.) - [13.03 Ko] - (5.2.0.0) - C:\Windows\System32\Drivers\vrvd5.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.19166026A93206F9C6A8CD3A1F010AE4] - [02/04/2009 14:30:14] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\ASUSHWIO.SYS [MD5.9B4D1B5302ADCADE0A7F1CCAEDA35B19] - [11/06/2004 08:45:00] - (.Copyright (c) GEAR Software Inc. 2004 - CDRom Class Filter Driver.) - [13.55 Ko] - (2.0.3.15) - C:\Windows\Syswow64\Drivers\GEARAspiWDM.sys ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKU\S-1-5-18\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\foobar2000] : (.-.) -> [HKU\S-1-5-20\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\foobar2000] : (.-.) -> [HKU\S-1-5-19\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\foobar2000] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bullzip PDF Printer_is1] : (Bullzip PDF Printer 10.11.0.2338.-.Bullzip) -> "C:\Program Files\Bullzip\PDF Printer\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FreeMi UPnP Media Server] : (FreeMi UPnP Media Server.-.Stéphane Mitermite) -> "I:\Dossier système - pgm files 2\FreeMi UPnP Media Server\Uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Imaging Device Functions] : (HP Imaging Device Functions 13.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Photosmart Essential] : (HP Photosmart Essential 3.5.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (HP Smart Web Printing 4.51.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools] : (HP Solution Center 13.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HPExtendedCapabilities] : (HP Customer Participation Program 13.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HPOCR] : (OCR Software by I.R.I.S. 13.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel] : (NVIDIA Display Control Panel.-.NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PROSetDX] : (Intel(R) Network Connections 15.6.25.0.-.Intel) -> MsiExec.exe /i{BCCC97EE-E162-448C-8847-59718FF29B04} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Shop for HP Supplies] : (Shop for HP Supplies.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SMPlayer] : (SMPlayer 14.9.0.6558 (x64).-.Ricardo Villalba) -> C:\Program Files\SMPlayer\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SolarApp] : (Logitech Solar App 1.10.-.Logitech) -> C:\Program Files\Common Files\LogiShrd\SolarApp_Uninstall\setup.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.2.-.Cedrick Collomb) -> I:\Dossier système - pgm files 2\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}] : (Network64.-.Hewlett-Packard) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DA20600-6130-443B-9D4B-F30520315FA6}] : (Services d’impression Bonjour.-.Apple Inc.) -> MsiExec.exe /I{0DA20600-6130-443B-9D4B-F30520315FA6} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}] : (ATI Stream SDK v2 Developer.-.ATI Technologies Inc.) -> MsiExec.exe /I{22441735-5983-AD2A-5CC5-FA2CCD7EF732} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{230D1595-57DA-4933-8C4E-375797EBB7E1}] : (Bluetooth Win7 Suite (64).-.Atheros Communications) -> MsiExec.exe /X{230D1595-57DA-4933-8C4E-375797EBB7E1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1] : (MPC-HC 1.7.9 (64-bit).-.MPC-HC Team) -> "C:\Program Files\MPC-HC\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}] : (PVSonyDll.-.NVIDIA Corporation) -> MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}] : (Paint.NET v3.5.10.-.dotPDN LLC) -> MsiExec.exe /X{529125EF-E3AC-4B74-97E6-F688A7C0F1C0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6096C0CC-7E19-4355-87F0-627EC5AA146D}] : (iCloud.-.Apple Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{988329F4-A1A1-4D51-803C-EF2725A97627}] : (HP Photosmart All-In-One Driver Software 13.0 Rel. 2.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpzscr40.exe -datfile hposcr21.dat -onestop -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 353.82.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 353.82.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 353.82.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 1.8.2.1.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B1770A59-00AE-46C0-BD16-10B46A9DDF96}\NVI2.DLL",UninstallPackage Display.GFExperience [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 334.89.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B1770A59-00AE-46C0-BD16-10B46A9DDF96}\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.13.1220.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B1770A59-00AE-46C0-BD16-10B46A9DDF96}\NVI2.DLL",UninstallPackage Display.PhysX [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 11.10.13.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC] : (GeForce Experience NvStream Client Components.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.3.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 11.10.13.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.20.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B1770A59-00AE-46C0-BD16-10B46A9DDF96}\NVI2.DLL",UninstallPackage VirtualAudio.Driver [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BCCC97EE-E162-448C-8847-59718FF29B04}] : (Intel(R) Network Connections 15.6.25.0.-.Intel) -> MsiExec.exe /i{BCCC97EE-E162-448C-8847-59718FF29B04} ARPREMOVE=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{BDD99690-3541-4619-9D2A-3CDDB3E15F9E} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}] : (64 Bit HP CIO Components Installer.-.Hewlett-Packard) -> MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\4K Video Downloader_is1] : (4K Video Downloader 4.0.-.Open Media LLC) -> "C:\Program Files (x86)\4KDownload\4kvideodownloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\4K Video to MP3_is1] : (4K Video to MP3 2.1.-.Open Media LLC) -> "C:\Program Files (x86)\4KDownload\4kvideotomp3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\4K YouTube to MP3_is1] : (4K YouTube to MP3 3.0.-.Open Media LLC) -> "C:\Program Files (x86)\4KDownload\4kyoutubetomp3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\5513-1208-7298-9440] : (JDownloader 0.9.-.AppWork GmbH) -> C:\Program Files (x86)\JDownloader\JDUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 18 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Aimersoft DVD Ripper_is1] : (Aimersoft DVD Ripper(Build 3.0.0.2).-.Aimersoft Software) -> "C:\Program Files (x86)\Aimersoft\DVD Ripper\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Aimersoft Video Converter Ultimate_is1] : (Aimersoft Video Converter Ultimate(Build 5.7.0.1).-.Aimersoft Software) -> "C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Air Video Server] : (Air Video Server 2.4.3.-.InMethod, s.r.o.) -> C:\Program Files (x86)\AirVideoServer\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Air Video Server HD] : (Air Video Server HD 2.0.3-beta1.-.InMethod, s.r.o.) -> C:\Program Files (x86)\AirVideoServer HD\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Any Video Converter Ultimate_is1] : (Any Video Converter Ultimate 5.8.3.-.Any-Video-Converter.com) -> "C:\Program Files (x86)\Anvsoft\Any Video Converter Ultimate\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVS DVD Copy_is1] : (AVS DVD Copy version 4.1.1.-.Online Media Technologies Ltd.) -> "C:\Program Files (x86)\AVS4YOU\AVSDVDCopy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVS Update Manager_is1] : (AVS Update Manager 1.0.-.Online Media Technologies Ltd.) -> "C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVS4YOU Software Navigator_is1] : (AVS4YOU Software Navigator 1.3.-.Online Media Technologies Ltd.) -> "C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVS4YOU Video Converter 7_is1] : (AVS Video Converter 9.2.1.-.Online Media Technologies Ltd.) -> "C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DivX Setup] : (Configuration DivX.-.DivX, LLC) -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\eMule] : (eMule.-.) -> "C:\Program Files (x86)\eMule\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FFmpeg for Audacity_is1] : (FFmpeg v0.6.2 for Audacity.-.) -> "C:\Program Files (x86)\Ffmpeg 0.6.2 For Audacity 2.0.5\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\foobar2000] : (foobar2000 v1.3.9.-.Peter Pawlowski) -> "C:\Program Files (x86)\foobar2000\uninstall.exe" _?=C:\Program Files (x86)\foobar2000 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Freemake Audio Converter_is1] : (Freemake Audio Converter version 1.1.0.-.Ellora Assets Corporation) -> "I:\Dossier système - pgm files 2\Freemake\Freemake Audio Converter\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] : (CyberLink Blu-ray Disc Suite.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (CyberLink LG Burning Tool.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}] : (Kaspersky Internet Security.-.Kaspersky Lab) -> MsiExec.exe /I{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LAME_is1] : (LAME v3.99.3 (for Windows).-.) -> "C:\Program Files (x86)\Lame For Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MagniDriver] : (marvell 91xx console driver.-.Marvell) -> C:\Program Files (x86)\Marvell\mv91xx\uninst-91xx.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Movavi Video Converter 15] : (Movavi Video Converter 15.-.Movavi) -> C:\Program Files (x86)\Movavi Video Converter 15\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 45.0.1 (x86 fr)] : (Mozilla Firefox 45.0.1 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Nero - Burning Rom!UninstallKey] : (.-.) -> C:\Program Files (x86)\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Oxelon Media Converter_is1] : (Oxelon Media Converter 1.1.-.Oxelon) -> "I:\Dossier système - pgm files 2\OxelonMedia\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\pdfsam] : (pdfsam.-.) -> C:\Program Files (x86)\pdfsam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PDFTK Builder_is1] : (PDFTK Builder 3.5.3.-.) -> "I:\Dossier système - pgm files 2\PDFTK Builder\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Popcorn Time_is1] : (Popcorn Time.-.Popcorn Time) -> "C:\Program Files (x86)\Popcorn Time\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Qloud Server] : (Qloud Server.-.QiSS) -> I:\Dossier système - pgm files 28\Qloud Server\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RegHunter] : (RegHunter.-.Enigma Software Group, LLC) -> C:\Users\Michel\AppData\Roaming\Enigma Software Group\rh_installer.exe -r rh [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SHAREit_is1] : (SHAREit.-.Lenovo Group Limited) -> "C:\Program Files (x86)\Lenovo\SHAREit\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Simfy] : (simfy.-.simfy AG) -> msiexec /qb /x {30827CFE-8B67-9DF9-580F-78BAA616E50E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Spotydl_is1] : (Spotydl 0.9.36.0.-.spotydl.com) -> "I:\Dossier système - pgm files 2\Spotydl\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SpyHunter] : (SpyHunter 4.-.Enigma Software Group, LLC) -> C:\Users\Michel\AppData\Roaming\Enigma Software Group\sh_installer.exe -r sh [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Undelete 360_is1] : (Undelete 360.-.File Recovery Ltd.) -> "C:\Program Files (x86)\File Recovery\undelete360\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uninstall_is1] : (Uninstall 1.0.0.1.-.) -> "C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\uTorrent] : (µTorrent.-.) -> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Winamp] : (Winamp.-.Nullsoft, Inc) -> "C:\Program Files (x86)\Winamp\UninstWA.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 4.00 (32 bits).-.win.rar GmbH) -> C:\Program Files (x86)\WinRAR\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge) -> C:\Program Files (x86)\PDFCreator\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{058B3200-E0E1-11DE-72AE-01830C472CD6}] : (MozartViewer10.-.Mozart Music Software) -> C:\Program Files (x86)\MozartViewer10\Uninst_MozartViewer10.exe /U "C:\Program Files (x86)\MozartViewer10\Uninst_MozartViewer10.log" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E64B098-8018-4256-BA23-C316A43AD9B0}] : (QuickTime.-.Apple Inc.) -> MsiExec.exe /I{0E64B098-8018-4256-BA23-C316A43AD9B0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}] : (Status.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}] : (Scan.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{175F0111-2968-4935-8F70-33108C6A4DE3}] : (MarketResearch.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1] : (Any Video Recorder version 1.0.4.-.anvsoft, Inc.) -> "I:\Dossier système - pgm files 2\Any Video Recorder\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}] : (TrayApp.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] : (CyberLink Blu-ray Disc Suite.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}] : (HPPhotoSmartDiscLabel_PrintOnDisc.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] : (Skype™ 7.4.-.Skype Technologies S.A.) -> MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218045F0}] : (Java 8 Update 45.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218045F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}] : (CyberLink BD Advisor 2.0.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}] : (BufferChm.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1] : (PhoneClean 3.3.2.-.iMobie Inc.) -> "I:\Dossier système - pgm files 2\PhoneClean\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}] : (DeviceDiscovery.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30827CFE-8B67-9DF9-580F-78BAA616E50E}] : (simfy.-.simfy AG) -> MsiExec.exe /I{30827CFE-8B67-9DF9-580F-78BAA616E50E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}] : (Firebird SQL Server - MAGIX Edition.-.MAGIX AG) -> MsiExec.exe /X{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}] : (JMicron JMB36X Driver.-.JMicron Technology Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3AFDD2C6-8663-46B5-B195-6CEB00D44768}] : (adsl TV.-.adsl TV / FM) -> "C:\Program Files (x86)\adslTV\Uninstall.exe" "C:\Program Files (x86)\adslTV\Uninstall.log" -u [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}] : (Copy.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (CyberLink LG Burning Tool.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43CDF946-F5D9-4292-B006-BA0D92013021}] : (WebReg.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{440B915A-0C85-45DB-92AE-75AE14704A64}] : (Fax.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}] : (Google Earth Pro.-.Google) -> MsiExec.exe /X{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}] : (SolutionCenter.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}] : (UnloadSupport.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5442DAB8-7177-49E1-8B22-09A049EA5996}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{553C904F-57A2-4113-888E-BA0C3D1C69C0}] : (Microsoft VC9 runtime libraries.-.AOL Inc.) -> MsiExec.exe /I{553C904F-57A2-4113-888E-BA0C3D1C69C0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6179550A-3E7C-499E-BCC9-9E8113E0A285}] : (LG Tool Kit.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63FF21C9-A810-464F-B60A-3111747B1A6D}] : (GPBaseService2.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6450E6AC-0E02-4E24-A13E-EE7DC5F1CFAF}_is1] : (PornTime.-.PornTime) -> "C:\Program Files (x86)\PornTime\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{681B698F-C997-42C3-B184-B489C6CA24C9}] : (HPPhotoSmartDiscLabelContent1.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{685B0843-6C8D-4E42-B60D-2B86B45526E0}] : (PS_AIO_02_Software_Min.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}] : (HPSSupply.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BBA26E9-AB03-4FE7-831A-3535584CA002}] : (Toolbox.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FF6CE46-2F27-4A4B-916F-AB1C678C8F5E}] : (MixMeister Pro 6.-.MixMeister Technology LLC) -> MsiExec.exe /I{6FF6CE46-2F27-4A4B-916F-AB1C678C8F5E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7059BDA7-E1DB-442C-B7A1-6144596720A4}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}] : (VirtualDJ Home FREE.-.Atomix Productions) -> MsiExec.exe /I{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{77D28FF5-242F-488A-8215-937D6A4D69E0}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{77D28FF5-242F-488A-8215-937D6A4D69E0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}] : (Kaspersky Internet Security.-.Kaspersky Lab) -> MsiExec.exe /I{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}] : (OpenOffice.org 3.4.1.-.Apache Software Foundation) -> MsiExec.exe /I{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80407BA7-7763-4395-AB98-5233F1B34E65}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{817750FA-EC6A-485D-9901-0683AE6FFDF1}] : (Google Earth.-.Google) -> MsiExec.exe /I{817750FA-EC6A-485D-9901-0683AE6FFDF1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{81CD6232-10F5-4832-B3DA-1B88B1571036}] : (Nero 7 Essentials.-.Nero AG) -> MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82730AAC-04BA-4684-A63F-286FB9847C15}] : (Remote PC Agent.-.RSUPPORT) -> "C:\Program Files (x86)\InstallShield Installation Information\{82730AAC-04BA-4684-A63F-286FB9847C15}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}] : (Apple Application Support.-.Apple Inc.) -> MsiExec.exe /I{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] : (VC80CRTRedist - 8.0.50727.6195.-.DivX, Inc) -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94F8D42D-BB31-4858-9705-7D756D8D9655}] : (PS_AIO_02_Software.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9B362566-EC1B-4700-BB9C-EC661BDE2175}] : (DocProc.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}] : (Samsung Drive Manager.-.Clarus, Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}\setup.exe" -runfromtemp -l0x040c -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824166751}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824166751} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B28635AB-1DF3-4F07-BFEA-975D911B549B}] : (hpphotosmartdisclabelplugin.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4B2096B-B13E-408E-8985-BD07463D5487}] : (PS_AIO_02_ProductContext.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}] : (Destinations.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}] : (Metric Collection SDK 35.-.Lenovo Group Limited) -> MsiExec.exe /X{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C43326F5-F135-4551-8270-7F7ABA0462E1}] : (HPProductAssistant.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c600ab3d-8b64-41df-bf36-b3d87ce0706b}] : (C7200_Help.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}] : (HPPhotoGadget.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D0FC6861-DD0F-49D3-A7A4-BED8F1EFD3ED}_is1] : (Foofind Download Manager.-.Foofind Labs, S.L.) -> "I:\Dossier système - pgm files 2\Foofind Download Manager\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D79113E7-274C-470B-BD46-01B10219DF6A}] : (HPPhotosmartEssential.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}] : (AIO_Scan.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}] : (HPPhotoSmartDiscLabel_PaperLabel.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DC635845-46D3-404B-BCB1-FC4A91091AFA}] : (SmartWebPrinting.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}] : (HP Support Solutions Framework.-.Hewlett-Packard Company) -> MsiExec.exe /I{E35601C0-BA8E-4F32-919A-C7EF4CA81F67} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE5926BD-9590-48A3-AB1E-C1C49575823D}] : (C7200.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F33070AA-1979-4192-9B75-C018C2F423FF}] : (VirtualDJ 8.-.Atomix Productions) -> MsiExec.exe /I{F33070AA-1979-4192-9B75-C018C2F423FF} ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\00602AD00316B344D9B43F500213F56A] : Services d’impression Bonjour -> C:\Windows\Installer\{0DA20600-6130-443B-9D4B-F30520315FA6}\Bonjour.ico [HKCR\Installer\Products\09699DDB14539164D9A2C3DD3B1EF5E9] : Apple Mobile Device Support -> C:\Windows\Installer\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}\Installer.ico [HKCR\Installer\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B] : Skype™ 7.4 -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe [HKCR\Installer\Products\0B5B5B2C545249E44BAB45D8B40F1B69] : Metric Collection SDK 35 [HKCR\Installer\Products\0C10653EE8AB23F419A97CFEC48AF176] : HP Support Solutions Framework -> C:\Windows\Installer\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}\icon.ico [HKCR\Installer\Products\0F16CF44A8F23E11C8EA8BCAF6798BE8] : Google Earth Pro -> C:\Windows\Installer\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1110F57186925394F8073301C8A6D43E] : MarketResearch [HKCR\Installer\Products\12BFF2B688CA3C54A9D7B43B7E44CE19] : HPSSupply [HKCR\Installer\Products\19DBBBA25E197DA429A9EF511DCD5067] : iTunes -> C:\Windows\Installer\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}\Installer.ico [HKCR\Installer\Products\2326DC185F0123843BADB1881B750163] : Nero 7 Essentials -> C:\Windows\Installer\{81CD6232-10F5-4832-B3DA-1B88B1571036}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\3480B586D8C624E46BD0B2684B55620E] : PS_AIO_02_Software_Min [HKCR\Installer\Products\38E1FB04BE028D11795C00905C206085] : Power2Go -> C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3AC763F0F2B39F344AA4528AEE964ED5] : Scan [HKCR\Installer\Products\42C6FBF1DF1C10144AB2C065F4E9E897] : PowerStarter -> C:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4AA7AEE2302C09b43AF491BFE71F8CC1] : BufferChm [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208540F] : Java 8 Update 45 [HKCR\Installer\Products\5104B339816461748A822598CF3061F5] : VC80CRTRedist - 8.0.50727.6195 [HKCR\Installer\Products\537144223895A2DAC55CAFC2DCE77F23] : ATI Stream SDK v2 Developer -> C:\Windows\Installer\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5426BE430D8CA8D48B8DEEFB7F9A4158] : Firebird SQL Server - MAGIX Edition -> C:\Windows\Installer\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}\ProgramIcon.exe [HKCR\Installer\Products\548536CD3D64B404CB1BCFA41990A1AF] : SmartWebPrinting [HKCR\Installer\Products\56A9756CEAC913B4B8B633600E36A066] : Apple Software Update -> C:\Windows\Installer\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}\Installer.ico [HKCR\Installer\Products\5951D032AD753394C8E4737579BE7B1E] : Bluetooth Win7 Suite (64) -> C:\Windows\Installer\{230D1595-57DA-4933-8C4E-375797EBB7E1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5F62334C531F15542807F7A7AB40261E] : HPProductAssistant [HKCR\Installer\Products\5FF82D77F242A884285139D7A6D4960E] : Adobe AIR [HKCR\Installer\Products\649FDC349D5F29240B60ABD029100312] : WebReg [HKCR\Installer\Products\64EC6FF672F2B4A419F6BAC176C8F8E5] : MixMeister Pro 6 [HKCR\Installer\Products\665263B9B1CE0074BBC9CE66B1ED1257] : DocProc [HKCR\Installer\Products\68AB67CA408033019195008142617615] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824166751}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6E2B29C3D083fef44BFDA4B3B4667917] : Copy [HKCR\Installer\Products\6E3C12FFDF79F4745981D8BC9EC48245] : 64 Bit HP CIO Components Installer [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\70FE07A488F74344BB161DEDA89ED34D] : SolutionCenter [HKCR\Installer\Products\73FBFE5025E0975478C5E7FED0BFF4BC] : Network64 [HKCR\Installer\Products\786C8FF2D7BDcda45ACD7589E32C0564] : DeviceDiscovery [HKCR\Installer\Products\7AB7040836775934BA8925331F3BE456] : NVIDIA PhysX -> C:\Windows\Installer\{80407BA7-7763-4395-AB98-5233F1B34E65}\icon.ico [HKCR\Installer\Products\7ADB9507BD1EC2447B1A16449576024A] : HP Update [HKCR\Installer\Products\7C82C7E4AD5DF9E41AAC0694B045EA53] : UnloadSupport [HKCR\Installer\Products\7E31197DC472B074DB64101B2091FDA6] : HPPhotosmartEssential -> C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\890B46E081086524AB323C614AA39D0B] : QuickTime -> C:\Windows\Installer\{0E64B098-8018-4256-BA23-C316A43AD9B0}\Installer.ico [HKCR\Installer\Products\8BAD244577171E94B822900A94AE9569] : Renesas Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{5442DAB8-7177-49E1-8B22-09A049EA5996}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9AEB5FE03D9B7d649885BF960AABAECC] : Status [HKCR\Installer\Products\9C12FF36018AF4646BA0131147B7A1D6] : GPBaseService2 [HKCR\Installer\Products\9E62ABB630BA7EF438A1535385C40A20] : Toolbox [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A519B04458C0BD5429EA57EA4107A446] : Fax [HKCR\Installer\Products\AA9CFE021CBBDFD418FF9956F417BC8F] : HPPhotoSmartDiscLabel_PrintOnDisc [HKCR\Installer\Products\AB4027DB46DDE994B955A682C2FDF44A] : Destinations [HKCR\Installer\Products\AF057718A6CED58499106038EAF6DF1F] : Google Earth -> C:\Windows\Installer\{817750FA-EC6A-485D-9901-0683AE6FFDF1}\MainIcon.ico [HKCR\Installer\Products\B6902B4BE31BE8049858DB7064D34578] : PS_AIO_02_ProductContext [HKCR\Installer\Products\BA53682B3FD170F4FBAE79D519B145B9] : hpphotosmartdisclabelplugin [HKCR\Installer\Products\BFB17CE13A1093246BFA1BEA56B6510C] : TrayApp [HKCR\Installer\Products\C5EA7E77C181FAC4DAFB49F6111CEC62] : Kaspersky Internet Security -> C:\Windows\Installer\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}\setup2.ico [HKCR\Installer\Products\CC0C690691E75534780F26E75CAA41D6] : iCloud -> C:\Windows\Installer\{6096C0CC-7E19-4355-87F0-627EC5AA146D}\ARP.ico [HKCR\Installer\Products\D24D8F4913BB85847950D757D6D86955] : PS_AIO_02_Software [HKCR\Installer\Products\D366E3D3E7E477545A06E7DCDD5445A8] : PVSonyDll -> C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\d3ba006c46b8fd14fb633b8dc70e07b6] : C7200_Help [HKCR\Installer\Products\DB6295EE09593A84BAE11C4C595728D3] : C7200 [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E2E0B68DA9FDC144FA77D8A1F00FF06A] : AIO_Scan [HKCR\Installer\Products\ED0FAC38B3D873C46A13B2F861CE0313] : Apple Application Support -> C:\Windows\Installer\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}\WinInstall.ico [HKCR\Installer\Products\EE79CCCB261EC84488749517F82FB940] : -> C:\Windows\Installer\{BCCC97EE-E162-448C-8847-59718FF29B04}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EFC7280376B89FD985F087AB6A615EE0] : simfy [HKCR\Installer\Products\F3124EAC797FD934DBE9977BD111B53E] : HPPhotoGadget [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F60C1AD7319C7C64A8F0ADC2AB71AED1] : OpenOffice.org 3.4.1 -> C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico [HKCR\Installer\Products\F896B186799C3C241B484B986CAC429C] : HPPhotoSmartDiscLabelContent1 [HKCR\Installer\Products\FC2F8D9DD2EF44647926109F61EF099A] : HPPhotoSmartDiscLabel_PaperLabel [HKCR\Installer\Products\FE521925CA3E47B4796E6F887A0C1F0C] : Paint.NET v3.5.10 -> C:\Windows\Installer\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}\_853F67D554F05449430E7E.exe ¤¤¤¤¤¤¤¤¤¤ | ADS @C:\ProgramData\Temp:373E1720 ¤¤¤¤¤¤¤¤¤¤ | Drives Disk: 0 Size=17.2T Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: ASUSTeK Computer INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: System manufacturer System Product Name: System Product Name Logical Drives Mask: 0x000007dc Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 3858 | 22:48:09