--------------- QuickDiag | g3n-h@ckm@n | 2_12.08.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 15/08/2016 13:12:44 Updated 12/08/2016 | 12.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [philippe (Administrator)] - [PHILIPPE-PC] (S-1-5-21-3678015658-1535024606-787214864-1000) System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: EasyNote LS44HR - Packard Bell - IdNumber: NXBZ5MF006224356D01601 - UUID: AB20044B-BFAF-E111-A79D-B888E344CCFB Processor : X64 - 2095 Mhz - Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz InsydeH2O Version V1.20 - en|US|iso8859-1 - Packard Bell - S/N: NXBZ5MF006224356D01601 - V1.20 - ACRSYS - 1 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_10250513&REV_1001\4&1E96CE40&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_80860101&REV_1000\4&1E96CE40&0&0301 ---------- | Video Intel(R) HD Graphics 3000 - Resolution: 1600x900 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumd32,igd10umd32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0116&SUBSYS_066E1025&REV_09\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1935597568 AMD Radeon HD 7400M Series - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_6760&SUBSYS_066E1025&REV_00\4&22D184D6&0&0008 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 3000 - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:18 % CPU #3 value:0 % CPU #4 value:18 % Total Overall CPU Usage value:9 % ---------- | Network Atheros AR8151 PCI-E Gigabit Ethernet Controller [NDIS 6.20] : SENT:0 bytes/sec / RECVD:0 bytes/sec Carte réseau Broadcom 802.11n : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D} : SENT:0 bytes/sec / RECVD:0 bytes/sec Reusable ISATAP Interface {33A036A5-70B3-4E2C-9B90-3B68B1A0AF75} : SENT:0 bytes/sec / RECVD:0 bytes/sec Reusable ISATAP Interface {DA10369E-0829-4222-975D-878FCCD2E9F9} : SENT:0 bytes/sec / RECVD:0 bytes/sec Reusable ISATAP Interface {69AA4C0C-6242-4E65-9108-7709329DCED5} : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:9 bytes/sec, / RECEIVE Maximum:0 bytes/sec WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) - Ethernet 802.3 - Atheros - Status: - PnPID : PCI\VEN_1969&DEV_1083&SUBSYS_05131025&REV_C0\4&1326A0CB&0&00E0 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - - - Status: - PnPID : Carte Microsoft ISATAP #3 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0002 Carte réseau Broadcom 802.11n - Ethernet 802.3 - Broadcom - Status: - PnPID : PCI\VEN_14E4&DEV_4358&SUBSYS_E040105B&REV_00\4&38F406B&0&00E1 Carte Microsoft ISATAP #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0005 Carte Microsoft ISATAP #4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0003 TAP-Windows Adapter V9 - - TAP-Windows Provider V9 - Status: - PnPID : ROOT\NET\0000 Anchorfree HSS VPN Adapter - Ethernet 802.3 - Anchorfree HSS VPN Adapter - Status: - PnPID : ROOT\NET\0001 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0006 ---------- | Memory RAM = Total (MB) : 4043 | Free (MB) : 1681 Pagefile = Total (MB) : 8083 | Free (MB) : 5519 Virtual = Total (MB) : 4194 | Free (MB) : 4024 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Samsung - PartNumber: M471B5273CH0-CH9 - S/N: 007554E9 ---------- | SID Users Administrateur : [S-1-5-21-3678015658-1535024606-787214864-500] HomeGroupUser$ : [S-1-5-21-3678015658-1535024606-787214864-1002] Invité : [S-1-5-21-3678015658-1535024606-787214864-501] philippe : [S-1-5-21-3678015658-1535024606-787214864-1000] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-3678015658-1535024606-787214864-1001] ---------- | Drives E:\ -> [CDROM] | [Audio CD] D:\ -> [Fixed] | [DATA] | Total : 340.12 Go | Free : 99.05 Go -> NTFS [ATA] C:\ -> [Fixed] | [Packard Bell] | Total : 339.87 Go | Free : 227.18 Go -> NTFS [ATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:1,854,278 bytes/sec, Written:0 bytes/sec Max Read:1,854,278 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:1,854,278 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : IDE\DISKHITACHI_HTS547575A9E384_________________JE4OA60A\4&23E9CEA8&0&0.0.0 ---------- | Windows updates Last detection : 2016-08-14 10:48:43 Downloaded last ones : 2016-08-12 09:22:28 Installed last ones : 2016-08-12 09:22:34 Next search : 2016-08-15 15:19:05 Windows Is Activated ---------- | Browsers IE : 11.0.9600.18427 (© Microsoft Corporation. Tous droits réservés.) FF : 47.0.0.5999 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.210 FlashPlayer Plugin : 22.0.0.209 ---------- | Security AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 23/07/2016 16:53:21] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 328 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23455) = C:\Windows\System32\smss.exe [23/06/2016 23:31:22] CPU Usage:0 % 780 | [Owner : | Parent : 460() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 836 | [Owner : | Parent : 780(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 09:26:01] CPU Usage:0 % 860 | [Owner : | Parent : 780(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23497) = C:\Windows\System32\lsass.exe [10/08/2016 10:25:39] CPU Usage:0 % 868 | [Owner : | Parent : 780(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 05:23:53] CPU Usage:0 % 924 | [Owner : | Parent : 788() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe [12/11/2014 15:51:08] CPU Usage:0 % 128 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 488 | [Owner : | Parent : 836(services.exe) | ?????] - (.ESET - ESET Service.) - (9.0.385.1) = C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [23/06/2016 14:12:04] CPU Usage:0 % 552 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 616 | [Owner : | Parent : 836(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe [16/07/2015 03:17:14] CPU Usage:0 % 712 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 744 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 808 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 956 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1088 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1208 | [Owner : | Parent : 616(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe [16/07/2015 03:17:22] CPU Usage:0 % 1244 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1404 | [Owner : | Parent : 744(svchost.exe) | ?????] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe [14/07/2009 02:07:15] CPU Usage:0 % 1412 | [Owner : | Parent : 472(csrss.exe) | ?????] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23455) = C:\Windows\System32\conhost.exe [23/06/2016 23:31:22] CPU Usage:0 % 1508 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe [23/06/2014 18:31:35] CPU Usage:0 % 1536 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1620 | [Owner : | Parent : 836(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) - (9.0.0.0) = C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [30/09/2010 03:06:46] CPU Usage:0 % 1700 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Updates Skype Click to Call.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [25/05/2016 10:30:36] CPU Usage:0 % 1768 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [25/05/2016 10:31:20] CPU Usage:0 % 1812 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1872 | [Owner : | Parent : 836(services.exe) | ?????] - (.Dritek System Inc. - Dritek WMI Service.) - (3.6.0.2308) = C:\Program Files (x86)\Launch Manager\dsiwmis.exe [14/02/2012 19:13:25] CPU Usage:0 % 1916 | [Owner : | Parent : 1872(dsiwmis.exe) | ?????] - (.Dritek System Inc. - Launch Manager utility process.) - (1.4.0.2308) = C:\Program Files (x86)\Launch Manager\LMutilps32.exe [14/02/2012 19:13:25] CPU Usage:0 % 1924 | [Owner : | Parent : 836(services.exe) | ?????] - (.Acer Incorporated - ePowerSvc.) - (6.0.3008.0) = C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [22/06/2014 22:26:26] CPU Usage:0 % 1968 | [Owner : | Parent : 836(services.exe) | ?????] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe [31/07/2015 11:18:47] CPU Usage:0 % 2028 | [Owner : | Parent : 836(services.exe) | ?????] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (8.0.0.0) = C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [11/12/2015 12:34:24] CPU Usage:0 % 752 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1224 | [Owner : | Parent : 836(services.exe) | ?????] - (.Acer Incorporated - Global Registration Service.) - (1.0.0.3) = C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [30/05/2011 04:54:14] CPU Usage:0 % 1716 | [Owner : | Parent : 836(services.exe) | ?????] - (.AnchorFree Inc. - Hotspot Shield 5.4.9.) - (5.4.9.9763) = C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [06/08/2016 00:21:44] CPU Usage:0 % 1724 | [Owner : | Parent : 836(services.exe) | ?????] - (.Acer Incorporated - Updater Service.) - (1.2.3502.0) = C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [28/10/2015 15:12:41] CPU Usage:0 % 2076 | [Owner : | Parent : 836(services.exe) | ?????] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) - (1.0.3.1) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe [08/08/2016 14:16:06] CPU Usage:0 % 2156 | [Owner : | Parent : 836(services.exe) | ?????] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.5.0) = C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [11/04/2015 17:55:15] CPU Usage:0 % 2420 | [Owner : | Parent : 2076(mepService.exe) | ?????] - (.Microsoft Corporation - Print driver host for 32bit applications.) - (6.1.7601.17777) = C:\Windows\splwow64.exe [23/06/2014 18:31:35] CPU Usage:0 % 2632 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3424 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - IAStorDataSvc.) - (10.1.2.1004) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [22/06/2014 21:56:59] CPU Usage:0 % 3468 | [Owner : | Parent : 3440() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.31.5) = C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe [29/07/2016 11:11:19] CPU Usage:0 % 3484 | [Owner : | Parent : 3440() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.31.5) = C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe [29/07/2016 11:11:19] CPU Usage:0 % 3568 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - Local Manageability Service.) - (7.0.4.1197) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [22/06/2014 22:00:51] CPU Usage:0 % 3596 | [Owner : | Parent : 836(services.exe) | ?????] - (.Nero AG - NeroUpdate.) - (1.0.31.0) = C:\Program Files (x86)\Nero\Update\NASvc.exe [30/03/2011 01:33:08] CPU Usage:0 % 3696 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:25 % 3740 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 05:25:05] CPU Usage:0 % 3788 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [21/09/2011 11:36:31] CPU Usage:0 % 304 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - User Notification Service.) - (7.0.4.1197) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [22/06/2014 22:00:52] CPU Usage:0 % 692 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe [21/11/2010 05:24:03] CPU Usage:0 % 1548 | [Owner : philippe | Parent : 836(services.exe) | 14.16 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [24/06/2014 15:54:55] CPU Usage:0 % 3552 | [Owner : philippe | Parent : 488(ekrn.exe) | 38.35 Mo] - (.ESET - ESET Main GUI.) - (9.0.385.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [10/06/2016 15:10:42] CPU Usage:0 % 2344 | [Owner : philippe | Parent : 2076(mepService.exe) | 41.59 Mo] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) - (1.1.2.4) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe [04/08/2016 17:27:48] CPU Usage:0 % 1376 | [Owner : | Parent : 956(svchost.exe) | ?????] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 05:24:27] CPU Usage:0 % 3892 | [Owner : philippe | Parent : 744(svchost.exe) | 43.88 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:0 % 1820 | [Owner : philippe | Parent : 1096() | 64.23 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23418) = C:\Windows\explorer.exe [20/05/2016 07:51:16] CPU Usage:0 % 3564 | [Owner : philippe | Parent : 2344(mep.exe) | 10.65 Mo] - (.Microsoft Corporation - Print driver host for 32bit applications.) - (6.1.7601.17777) = C:\Windows\splwow64.exe [23/06/2014 18:31:35] CPU Usage:0 % 3592 | [Owner : philippe | Parent : 3184(SynTPEnh.exe) | 59.42 Mo] - (.AnchorFree Inc. - Hotspot Shield 5.4.9.) - (5.4.9.9763) = C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe [06/08/2016 00:16:06] CPU Usage:0 % 3184 | [Owner : philippe | Parent : 1820(explorer.exe) | 15.32 Mo] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.1.6.0) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [14/02/2012 19:13:57] CPU Usage:0 % 4116 | [Owner : philippe | Parent : 1820(explorer.exe) | 12.04 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.650) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [22/06/2014 22:07:15] CPU Usage:0 % 4220 | [Owner : philippe | Parent : 1820(explorer.exe) | 11.61 Mo] - (.Acer Incorporated - ePowerTray.) - (6.0.3008.0) = C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [22/06/2014 22:26:26] CPU Usage:0 % 4228 | [Owner : philippe | Parent : 1820(explorer.exe) | 7.95 Mo] - (.Intel Corporation - igfxTray Module.) - (8.15.10.4229) = C:\Windows\System32\igfxtray.exe [01/06/2015 21:00:40] CPU Usage:0 % 4236 | [Owner : philippe | Parent : 1820(explorer.exe) | 7.69 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.4229) = C:\Windows\System32\hkcmd.exe [01/06/2015 21:00:12] CPU Usage:0 % 4244 | [Owner : philippe | Parent : 1820(explorer.exe) | 8.8 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.4229) = C:\Windows\System32\igfxpers.exe [01/06/2015 21:00:32] CPU Usage:0 % 4300 | [Owner : philippe | Parent : 1820(explorer.exe) | 9.31 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (8.0.0.0) = C:\Windows\System32\spool\drivers\x64\3\E_IATILRE.EXE [11/12/2015 12:32:26] CPU Usage:0 % 4408 | [Owner : philippe | Parent : 128(svchost.exe) | 7.73 Mo] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.4229) = C:\Windows\System32\igfxsrvc.exe [01/06/2015 21:00:40] CPU Usage:0 % 4420 | [Owner : philippe | Parent : 4312() | 15.62 Mo] - (.Dritek System Inc. - Launch Manager.) - (5.1.7.2308) = C:\Program Files (x86)\Launch Manager\LManager.exe [14/02/2012 19:13:25] CPU Usage:0 % 4436 | [Owner : philippe | Parent : 4312() | 13.39 Mo] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) - (2.0.0.145) = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [24/02/2015 17:31:02] CPU Usage:0 % 4580 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS.) - (1.0.0.1) = C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [21/01/2015 17:32:04] CPU Usage:0 % 4588 | [Owner : philippe | Parent : 4312() | 8.83 Mo] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.2.0.0) = C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [20/01/2016 12:21:14] CPU Usage:0 % 4684 | [Owner : philippe | Parent : 4312() | 5.58 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.101.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [22/06/2016 02:13:02] CPU Usage:0 % 4748 | [Owner : | Parent : 712(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe [11/03/2015 12:59:52] CPU Usage:0 % 4780 | [Owner : philippe | Parent : 4572() | 9.9 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe [15/07/2015 22:08:14] CPU Usage:0 % 4944 | [Owner : philippe | Parent : 128(svchost.exe) | 6.55 Mo] - (.Intel Corporation - igfxext Module.) - (8.15.10.4229) = C:\Windows\System32\igfxext.exe [01/06/2015 21:00:30] CPU Usage:0 % 4984 | [Owner : philippe | Parent : 4420(LManager.exe) | 6.48 Mo] - (.Dritek System Inc. - MMDx64Fx Application.) - (2.0.0.2308) = C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe [14/02/2012 19:13:25] CPU Usage:0 % 5004 | [Owner : philippe | Parent : 128(svchost.exe) | 6.72 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe [14/07/2009 01:47:12] CPU Usage:0 % 5016 | [Owner : philippe | Parent : 1872(dsiwmis.exe) | 5.06 Mo] - (.Dritek System Inc. - Launch Manager Worker.) - (2.5.1.2308) = C:\Program Files (x86)\Launch Manager\LMworker.exe [14/02/2012 19:13:25] CPU Usage:0 % 4280 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 664 | [Owner : | Parent : 1924(ePowerSvc.exe) | ?????] - (.Acer Incorporated - ePowerEvent.) - (6.0.3008.0) = C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe [22/06/2014 22:26:26] CPU Usage:0 % 5480 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 5784 | [Owner : philippe | Parent : 3184(SynTPEnh.exe) | 3.82 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.1.6.0) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [14/02/2012 19:13:57] CPU Usage:0 % 5872 | [Owner : philippe | Parent : 4780(MOM.exe) | 10.46 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe [15/07/2015 22:08:10] CPU Usage:0 % 5460 | [Owner : philippe | Parent : 956(svchost.exe) | 7.07 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [21/11/2010 05:24:27] CPU Usage:0 % 5892 | [Owner : philippe | Parent : 5460(taskeng.exe) | 1.04 Mo] - (.CyberLink - MediaEspresso DeviceDetector.) - (6.5.1705.37845) = C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [20/05/2011 19:44:32] CPU Usage:0 % 5196 | [Owner : philippe | Parent : 1820(explorer.exe) | 336.76 Mo] - (.Mozilla Corporation - Firefox.) - (47.0.0.5999) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [10/06/2016 19:43:16] CPU Usage:0 % 5736 | [Owner : philippe | Parent : 1820(explorer.exe) | 155.55 Mo] - (.Mozilla Corporation - Thunderbird.) - (45.2.0.6025) = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [09/07/2016 14:28:54] CPU Usage:0 % 1780 | [Owner : philippe | Parent : 1820(explorer.exe) | 24.46 Mo] - (.SosVirus - QuickDiag.) - (12.8.2016.1) = C:\Users\philippe\Desktop\quickdiag_2_12.08.2016.1.exe [15/08/2016 13:11:02] CPU Usage:0 % 4928 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 05:23:56] CPU Usage:0 % ---------- | MD5 [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [20/05/2016 07:51:16] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.23418) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.34DA670F767DE80A5157D1238DD80CE2] - [23/06/2016 23:31:22] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23455) : C:\Windows\System32\Kernel32.dll [MD5.13FE29C1C8E782829C7FAA3B14F4A666] - [10/08/2016 10:25:39] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23497) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [20/03/2016 10:47:00] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 09:26:01] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [09/12/2015 19:28:44] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 05:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [12/11/2014 15:51:08] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 12:26:48] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [24/06/2014 16:13:31] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [21/11/2010 05:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.D469B77687E12FE43E344806740B624D] - [22/06/2014 21:56:48] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) : C:\Windows\System32\Drivers\iastor.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.B7FADA5E1E55BB63F90EB9F8F016113B] - [10/08/2016 10:25:39] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23497) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 12:26:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.E47D571FEC2C76E867935109AB2A770C] - [21/06/2016 13:20:21] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [23/02/2016 20:27:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 05:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [24/06/2014 16:14:46] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 12:26:48] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.Acer Incorporated.-.SysHook Dynamic Link Library.) - (6.0.3008.0) -- C:\Program Files\Packard Bell\Packard Bell Power Management\SysHook.dll (.Seiko Epson Corporation.-.Epson Easy Photo Print (TBL x64).) - (2.7.0.0) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.21.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (.ESET.-.ESET Shell Extension.) - (9.0.385.0) -- C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.205) -- C:\Windows\system32\RtkAPO64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU CCleaner - ("C:\Program Files\CCleaner\CCleaner64.exe" /AUTO [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\...\Run]) - User: philippe-PC\philippe EPLTarget\P0000000000000000 - (C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILRE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-510 Series" /EF "HKCU" [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\...\Run]) - User: philippe-PC\philippe CyberGhost - ("C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\...\Run]) - User: philippe-PC\philippe SynTPEnh - (%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [HKLM\...\Run]) - User: Public RtHDVCpl - (C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [HKLM\...\Run]) - User: Public AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\...\Run]) - User: Public Power Management - (C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [HKLM\...\Run]) - User: Public IgfxTray - ("C:\Windows\system32\igfxtray.exe" [HKLM\...\Run]) - User: Public HotKeysCmds - ("C:\Windows\system32\hkcmd.exe" [HKLM\...\Run]) - User: Public Persistence - ("C:\Windows\system32\igfxpers.exe" [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" /AUTO "EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILRE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-510 Series" /EF "HKCU" "CyberGhost"="C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [22/06/2014 22:26:26] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [14/02/2012 19:13:25] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [24/02/2015 17:31:02] "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=cb3060bf-a4e4-47d4-bb41-7bca32a "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=860 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK C:\Users\philippe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk (/lite) C:\Users\philippe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\eadeb0e02ef33b82\Aide.lnk (--launch-help) C:\Users\philippe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Manuels EPSON.lnk (/LA "FR" /FR "STARTMENU") C:\Users\philippe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\Users\philippe\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\philippe\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\Users\philippe\Desktop\utilitaire\Manuels EPSON.lnk (/LA "FR" /FR "DESKTOP") C:\Users\philippe\Desktop\utilitaire\MyEpson Portal.lnk (/S) C:\Users\philippe\Desktop\utilitaire\Samsung Kies (Lite).lnk (/lite) C:\Users\Public\Desktop\Help.lnk (--launch-help) C:\Users\Public\Desktop\WildTangent Games App - packardbell.lnk (/src desktopoem /dp packardbellnb) C:\ProgramData\Microsoft\Windows\GameExplorer\{0f8ade68-df58-4eae-a24a-e238d634bf55}\PlayTasks\0\Agatha Christie - Death on the Nile.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{12fa7db4-d91e-4b7a-b7ff-4216b5e151e8}\PlayTasks\0\Crazy Chicken Kart 2.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{134726E5-0682-43C5-8AA2-DD4D6A866DD4}\PlayTasks\0\Bejeweled 2 Deluxe.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{29556c6b-abba-4173-8102-4642846d5b4f}\PlayTasks\0\Wedding Dash.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{3266d333-42e6-4cb3-a50a-a87067dede95}\PlayTasks\0\Torchlight.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{3edea465-61b0-4949-97e6-2cdc82169b9f}\PlayTasks\0\John Deere Drive Green.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{46A07E00-B5A3-4EA8-B375-A503EBB9D726}\PlayTasks\0\Final Drive Nitro.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{471351f0-4e8a-47bf-a6b3-3de3c99ae340}\PlayTasks\0\Jewel Match 3.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{5ae0d760-ddcf-4247-85df-eacefd518e86}\PlayTasks\0\Plants vs. Zombies - Game of the Year.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{6BDF3201-10E6-46ED-9A87-7FD18C418CFD}\PlayTasks\0\FATE.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{6E7DD52D-205E-4D6D-AF6A-0C34703DFA61}\PlayTasks\0\Chuzzle Deluxe.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{82cff345-989a-4f4d-94de-db6de238eb5f}\PlayTasks\0\Mystery of Mortlake Mansion.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{951226E3-26FC-40BC-8085-3677B1128F59}\PlayTasks\0\Polar Bowler.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{a382b548-99a3-4dca-9a58-62b8e08af23d}\PlayTasks\0\Jewel Quest Solitaire.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{A4B598D2-9BFF-456F-A667-D3B8A0849286}\PlayTasks\0\Insaniquarium Deluxe.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{C8DEFEB5-AFE9-48D0-A9E6-355F537F0BAD}\PlayTasks\0\Slingo Deluxe.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{d8addf57-a369-460f-8a5c-2f240d8e33b7}\PlayTasks\0\Virtual Villagers 4 - The Tree of Life.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{f405496e-4cd5-4891-a8bc-3e58bd47b25c}\PlayTasks\0\Penguins!.lnk (/launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Aide.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso\MediaEspresso Gadget.lnk (gadget) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\MyEpson Portal.lnk (/S) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON XP-510 Series\Comment acheter.lnk (/T "MENU" /D "EPSON XP-510 Series" /M "XP-510 Series" /A) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON XP-510 Series\Désinstallation du pilote d'impression EPSON.lnk (/R /APD /P:"EPSON XP-510 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON XP-510 Series\Mise à jour du logiciel.lnk (/RUN /D "EPSON XP-510 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON XP-510 Series\Support technique.lnk (C:\Windows\system32\spool\DRIVERS\x64\3\E_IGEPLRE.DLL,GE_OpenELINK "XP-510 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Manuels EPSON.lnk (/LA "FR" /FR "STARTMENU") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET NOD32 Antivirus\Désinstaller.lnk (/i {96202342-C4D5-4A2E-9B5F-9087ADECF177}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Death on the Nile.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Crazy Chicken Kart 2.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match 3.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\John Deere Drive Green.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Packard Bell Games.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mystery of Mortlake Mansion.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies - Game of the Year.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Slingo Deluxe.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers 4 - The Tree of Life.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Wedding Dash.lnk (/launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - packardbell.lnk (/src gamesmenuoem /dp packardbellnb) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Mode sans échec).lnk (-safe-mode) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk (http://go.packardbell.com/?id=9660) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Identity Card.lnk (Identity Card) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk (/lite) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk (/removeonly) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk (/removeonly) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Control Panel\Desktop] "ScreenSaveActive"=0 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveTimeOut"=23400 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\philippe\AppData\Roaming\Mozilla\Firefox\Fond d'écran.bmp [16/11/2014 20:44:09] "ScreenSaverIsSecure"=0 "LogPixels"=96 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "link"=0x1C000000 "Browse For Folder Width"=347 "Browse For Folder Height"=288 [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "ShowSuperHidden"=0 ""=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableLinkedConnections"=1 "EnableSecureUIAPath"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=17 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableLinkedConnections"=1 "EnableSecureUIAPath"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=244 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=philippe [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/08/2016 10:25:27] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/08/2016 10:25:27] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\philippe\Downloads\Firefox Setup 3.5.19.exe"=1 "C:\Users\philippe\Downloads\Thunderbird Setup 24.6.0.exe"=1 "C:\Users\philippe\AppData\Local\Temp\fp_pl_pfs_installer.exe"=1 "C:\Users\philippe\Downloads\vlc-2.1.3-win32.exe"=1 "C:\Users\philippe\Downloads\Kies3Setup.exe"=1 "C:\Users\philippe\Downloads\ZHPDiag2.exe"=1 "C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe"=1 "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe"=1 "C:\Users\philippe\Downloads\spybot-2.3.exe"=1 "C:\Users\philippe\Downloads\jxpiinstall.exe"=1 "C:\Users\philippe\Downloads\HJTInstall.exe"=1 "C:\Users\philippe\Downloads\mbam-setup-2.0.3.1025.exe"=1 "C:\Users\philippe\Downloads\ccsetup419.exe"=1 "C:\Users\philippe\Downloads\install_reader11_fr_mssd_aaa_aih.exe"=1 "C:\Users\philippe\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe"=1 "C:\Users\philippe\Downloads\FurMark_1.15.1.0_Setup.exe"=1 "C:\Users\philippe\Desktop\whocrashedSetup.exe"=1 "C:\AMD\AMD-Catalyst-Omega-14.12-Without-DOTNet45-Win7-64bit\Packages\Apps\VC12RTx86\vcredist_x86\vcredist_x86.exe"=1 "C:\AMD\AMD-Catalyst-Omega-14.12-Without-DOTNet45-Win7-64bit\Packages\Apps\VC12RTx64\vcredist_x64\vcredist_x64.exe"=1 "C:\AMD\AMD-Catalyst-Omega-14.12-Without-DOTNet45-Win7-64bit\Packages\Apps\Raptr\RaptrInstaller\amd_ge_installer.exe"=1 "C:\Users\philippe\Downloads\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe"=1 "C:\Users\philippe\Desktop\outis desinfections\whocrashedSetup.exe"=1 "C:\Users\philippe\Downloads\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit(1).exe"=1 "C:\Users\philippe\Desktop\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe"=1 "C:\Users\philippe\Downloads\Intel Driver Update Utility Installer.exe"=1 "C:\Users\philippe\Downloads\Intel Driver Update Utility Installer(1).exe"=1 "C:\Users\philippe\Downloads\Intel Driver Update Utility Installer(2).exe"=1 "C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe"=1 "C:\Users\philippe\Downloads\Setup_FileViewPro_[2015].exe"=1 "C:\Users\philippe\Downloads\ZHPDiag2(1).exe"=1 "C:\Users\philippe\Downloads\jxpiinstall(1).exe"=1 "C:\Users\philippe\Downloads\SumatraPDF-3.0-install.exe"=1 "C:\Users\philippe\Downloads\SkypeSetup.exe"=1 "C:\Users\philippe\Downloads\KiesSetup.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u45-windows-au.exe"=1 "C:\Users\philippe\Downloads\jxpiinstall(2).exe"=1 "C:\Users\philippe\Downloads\esetsmartinstaller_enu.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u51-windows-au.exe"=1 "C:\Users\philippe\Downloads\amd-catalyst-15.7-with-dotnet45-win7-64bit.exe"=1 "C:\Users\philippe\Downloads\jxpiinstall(3).exe"=1 "C:\Users\philippe\Downloads\produkey_setup.exe"=1 "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNRUD.EXE"=1 "C:\AMD\AMD-Catalyst-15.7.1-Without-DOTNet45-Win7-64bit\Packages\Apps\Raptr\RaptrInstaller\amd_ge_installer.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u60-windows-au.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u65-windows-au.exe"=1 "C:\Users\philippe\Downloads\XnView-win.exe"=1 "C:\Users\philippe\Downloads\Acer.1.5.2904.19458_AVC120510-01.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u66-windows-au.exe"=1 "C:\Users\philippe\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_fr.exe"=1 "C:\Users\philippe\Downloads\GoogleEarthSetup.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u71-windows-au.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u73-windows-au.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u77-windows-au.exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u91-windows-au.exe"=1 "C:\Users\philippe\AppData\Local\Temp\ese289F.tmp.exe"=1 "C:\Users\philippe\Desktop\ZHPFix.exe"=1 "C:\Program Files (x86)\ZHPFix\ZHPhep.exe"=1 "C:\Users\philippe\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe"=1 "C:\Users\philippe\Downloads\mbam-setup-cnet.35891-2.2.1.1043(1).exe"=1 "C:\Users\philippe\Downloads\mbam-setup-cnet.35891-2.2.1.1043(3).exe"=1 "C:\Users\philippe\Downloads\mbam-setup-cnet.35891-2.2.1.1043(4).exe"=1 "C:\Users\philippe\Downloads\mbam-setup-cnet.35891-2.2.1.1043(5).exe"=1 "C:\Users\philippe\AppData\Local\Temp\jre-8u101-windows-au.exe"=1 "C:\Users\philippe\Downloads\CG_5.5.1.342961.exe"=1 "C:\Users\philippe\Downloads\HotspotShield\HSS-4.04-install-e-684-plain.exe"=1 "C:\Users\philippe\Downloads\HSS-5.4.9-install-plain-773-plain.exe"=1 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x9F6680E0528ECF01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | @ [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP "Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\System32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "DisableFirstRunCustomize"=1 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C00000002000000010000000083FFFF0083FFFFFFFFFFFFFFFFFFFF8D01000033000000AD0400005B020000 "IconCache"=rfv8osz "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFB0010000970000003004000077020000 "OperationalData"=5 "ImageStoreRandomFolder"=s8pt7b0 "IE10TourNoShow"=1 "Search Bar"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ "Start Page_TIMESTAMP"=0xE025E6C9C7F3D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?pc=UE12&ocid=UE12DHP "Start Page Redirect Cache_TIMESTAMP"=0x16F51A757FF4D101 "Start Page Redirect Cache AcceptLangs"=fr-FR [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"=https://www.google.com/ "Search Bar"=https://www.google.com/ "Start Page"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Internet Explorer\SearchURL] "Default"=https://www.google.com/ [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Internet Explorer\AboutURLs] "Tabs"=https://www.google.com/ [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xDA3F2D144990CF01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"=*.local "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Search Bar"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ [HKLM\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"=https://www.google.com/ "Search Bar"=https://www.google.com/ "Start Page"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ [HKLM\Software\Microsoft\Internet Explorer\SearchURL] "Default"=https://www.google.com/ [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=https://www.google.com/ "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Search Bar"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"=https://www.google.com/ "Search Bar"=https://www.google.com/ "Start Page"=https://www.google.com/ "Start Default_Page_URL"=https://www.google.com/ "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "CustomizeSearch"=https://www.google.com/ "SearchMigratedDefaultName"=google.com "SearchMigratedDefaultURL"=https://www.google.com/ [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchURL] "Default"=https://www.google.com/ [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=https://www.google.com/ "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000800600005E01000007000000C900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000071CB8D86DF844388428FA844297B3F00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "Version"=4 "UpgradeTime"=0x4CCD8A0FC201D001 "KnownProvidersUpgradeTime"=0x628D6A981E92CF01 "DownloadRetries"=1 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "{8dcb7100-df86-4384-8842-8fa844297b3f}"=Bing "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101) - [] ---------- | SearchScopes [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5608F1A-21A5-476A-B553-5653B602E21A}] - (Yahoo Search) - https://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Windows Live ID Sign-in Helper) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [29/03/2011 06:35:06] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] -> (Skype Click to Call for Internet Explorer) : C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [25/05/2016 10:30:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 12:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [28/07/2016 09:35:31] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Windows Live ID Sign-in Helper) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [29/03/2011 06:35:06] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] -> (Skype Click to Call for Internet Explorer) : C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [25/05/2016 10:30:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [28/07/2016 09:35:28] ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] - (Google Earth in your browser) : C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll C:\Users\philippe\AppData\Roaming\Mozilla\Firefox\Profiles\36q5y8k7.default-1448095414472\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160604131506"); user_pref("browser.startup.homepage_override.mstone", "47.0"); user_pref("extensions.blocklist.pingCountTotal", 243); user_pref("extensions.blocklist.pingCountVersion", 59); user_pref("extensions.bootstrappedAddons", "{\"loop@mozilla.org\":{\"version\":\"1.3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"version\":\"8.3.0.9150\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1471172630); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160128.01"); user_pref("extensions.lastAppVersion", "47.0"); user_pref("extensions.lastPlatformVersion", "47.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pocket.settings.signupAB", "storyboard_lm"); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1465580608567},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1465580608564},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1465580608554}},\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi\",\"e\":true,\"v\":\"8.3.0.9150\",\"st\":1464161860000},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1465580608648}},\"winreg-app-global\":{\"e-webprint@epson.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Epson Software\\\\E-Web Print\\\\Firefox Add-on\",\"e\":false,\"v\":\"1.23.00\",\"st\":1446313098211,\"mt\":1432711826000}}}"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.baseURI", "resource://82af8dca-6de9-405d-bd5e-43525bdad38a/"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.domain", "82af8dca-6de9-405d-bd5e-43525bdad38a"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.load.reason", "startup"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.rootURI", "jar:file:///C:/Program%20Files%20(x86)/Mozilla%20Firefox/browser/extensions/%7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D.xpi!/"); user_pref("extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.sdk.version", "8.3.0.9150"); user_pref("network.proxy.type", 0); ---------- | Active Connections TCP 127.0.0.1:20371 philippe-PC:49182 ESTABLISHED 1716 TCP 127.0.0.1:49182 philippe-PC:20371 ESTABLISHED 3592 TCP 127.0.0.1:49258 philippe-PC:49259 ESTABLISHED 5196 TCP 127.0.0.1:49259 philippe-PC:49258 ESTABLISHED 5196 TCP 127.0.0.1:49260 philippe-PC:49261 ESTABLISHED 5736 TCP 127.0.0.1:49261 philippe-PC:49260 ESTABLISHED 5736 TCP 127.0.0.1:49467 philippe-PC:49468 ESTABLISHED 7116 TCP 127.0.0.1:49468 philippe-PC:49467 ESTABLISHED 7116 TCP 127.0.0.1:49481 philippe-PC:49482 ESTABLISHED 7116 TCP 127.0.0.1:49482 philippe-PC:49481 ESTABLISHED 7116 TCP 192.168.0.14:49650 192.168.0.11:54243 TIME_WAIT 0 TCP 192.168.0.14:49652 192.168.0.11:54243 TIME_WAIT 0 TCP 192.168.0.14:49654 192.168.0.11:54243 TIME_WAIT 0 TCP 192.168.0.14:49660 192.168.0.11:54243 TIME_WAIT 0 TCP 192.168.0.14:49661 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49662 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49663 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49664 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49665 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49666 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49667 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49668 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49669 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49670 91-228-166-148.ptr.eset.com:https TIME_WAIT 0 TCP 192.168.0.14:49671 ec2-54-148-104-15.us-west-2.compute.amazonaws.com:https ESTABLISHED 5196 TCP 192.168.0.14:49672 ec2-54-148-104-15.us-west-2.compute.amazonaws.com:https TIME_WAIT 0 TCP 192.168.0.14:49675 93.184.220.29:http ESTABLISHED 5196 TCP 192.168.0.14:49676 ec2-52-35-149-230.us-west-2.compute.amazonaws.com:https ESTABLISHED 5196 TCP 192.168.0.14:49677 ec2-52-35-149-230.us-west-2.compute.amazonaws.com:https TIME_WAIT 0 TCP 192.168.0.14:49678 ec2-52-35-149-230.us-west-2.compute.amazonaws.com:https ESTABLISHED 5196 TCP 192.168.0.14:49679 ec2-52-35-149-230.us-west-2.compute.amazonaws.com:https ESTABLISHED 5196 TCP 192.168.0.14:49682 ec2-54-187-134-130.us-west-2.compute.amazonaws.com:https ESTABLISHED 5196 TCP 192.168.0.14:49683 ec2-54-187-134-130.us-west-2.compute.amazonaws.com:https TIME_WAIT 0 TCP 192.168.0.14:49684 38-90-226-28.ptr.eset.com:http CLOSE_WAIT 488 TCP [::1]:2869 philippe-PC:49648 TIME_WAIT 0 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "NameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{B088F48F-E883-43F4-94F0-D225CA72B993}] "DhcpNameServer"=8.8.8.8 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "NameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{B088F48F-E883-43F4-94F0-D225CA72B993}] "DhcpNameServer"=8.8.8.8 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{89F11EBB-B6CD-41EA-BFD5-6A38BE937B7D}] "NameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B088F48F-E883-43F4-94F0-D225CA72B993}] "DhcpNameServer"=8.8.8.8 ---------- | Applications [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\Classes\Applications\soffice.exe] : "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PhotoshopElementsEditor.exe] : "C:\Program Files (x86)\Adobe\Photoshop Elements 9\PhotoshopElementsEditor.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SumatraPDF.exe] : "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PhotoshopElementsEditor.exe] : "C:\Program Files (x86)\Adobe\Photoshop Elements 9\PhotoshopElementsEditor.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SumatraPDF.exe] : "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\xnview.exe] : "C:\Program Files (x86)\XnView\xnview.exe" "%1" ---------- | Svchost - Netsvcs (Whitelisted) Term - : ---------- | Software [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Acer] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Adobe] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\AMD] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\AppDataLow] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\ATI] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Clients] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Cyberlink] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Dritek] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Elguevel software] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\EPSON] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\EPSON Software Updater] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\ESET] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Google] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\IM Providers] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Intel] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\JavaSoft] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Macromedia] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\MainConcept] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Mozilla] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Nero] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\OEM] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\OpenOffice] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Piriform] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Policies] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\QtProject] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Raptr] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Realtek] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Resplendence Sp] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Samsung] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Skype] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Symantec] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Synaptics] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Sysinternals] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Thunderbird] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Trolltech] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\WinRAR] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\WinRAR SFX] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Wow6432Node] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3678015658-1535024606-787214864-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Acer] [HKLM\Software\AdsFix] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Broadcom] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\CyberGhost] [HKLM\Software\Cyberlink] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EPSON] [HKLM\Software\EpsonNet] [HKLM\Software\ESET] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OemSetup] [HKLM\Software\OOBEOffer] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SAMSUNG] [HKLM\Software\Software] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\Sysinternals] [HKLM\Software\TAP-Windows] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Atheros Communications Inc.] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\CyberGhost] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Dritek] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\EpsonNet] [HKLM\Software\WOW6432Node\ESET] [HKLM\Software\WOW6432Node\Evernote] [HKLM\Software\WOW6432Node\FUHU, Inc.] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HotspotShield] [HKLM\Software\WOW6432Node\HotspotShield MSI] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaRa] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OEM] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Packard Bell] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\SEIKO EPSON CORPORATION] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sonic] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\SymNRT] [HKLM\Software\WOW6432Node\Sysinternals] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\XnView] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives E: D: [11/06/2013 01:35:17] - |A| - (.-.) - [478] - (0.0.0.0) - D:\Packard Bell (C) - Raccourci.lnk ---------- | C: [14/07/2009 05:18:56] - |SHD| - [4131577450] - C:\$Recycle.Bin [15/01/2015 15:20:26] - |D| - [1407181846] - C:\AMD [22/06/2014 21:54:48] - |AHD| - [39285804] - C:\book [MD5.047762BFD95D8312BD22FF6FEB2A548C] - [14/02/2012 19:16:09] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.B43EF4B5C2D3A15439D80A59D121CE33] - [29/07/2015 14:15:57] - |A| - (.-.) - [1132] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [05/12/2015 13:56:19] - |AD| - [16209657712] - C:\images [22/06/2014 21:51:02] - |HD| - [1008840] - C:\Intel [14/02/2012 19:12:25] - |HD| - [3227868160] - C:\OEM [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/11/2014 12:45:09] - |ASH| - (.-.) - [4139630592] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |RD| - [801819008] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [8780866934] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [5973530911] - C:\ProgramData [15/08/2016 13:12:34] - |D| - [262056] - C:\QuickDiag [MD5.61B13215EF04BA5B4A05D74B5CEEFDAA] - [15/08/2016 13:12:44] - |A| - (.-.) - [134888] - (0.0.0.0) - C:\QuickDiag.txt [22/06/2014 22:52:01] - |SHD| - [265372362] - C:\Recovery [17/01/2015 13:37:03] - |D| - [134] - C:\remenber [27/01/2015 19:11:32] - |D| - [20629] - C:\Spacekace [22/06/2014 21:44:51] - |SHD| - [0] - C:\System Volume Information [14/07/2009 05:20:08] - |RD| - [39329599852] - C:\Users [12/07/2007 03:48:01] - |D| - [36325649649] - C:\Windows ---------- | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 05:20:08] - |D| - [35662987] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11036468] - C:\Windows\AppPatch [14/02/2012 20:00:34] - |D| - [106352] - C:\Windows\ar [14/07/2009 05:20:08] - |RSD| - [1717843296] - C:\Windows\assembly [MD5.91A3D3F806D9A4CC141E15A046289193] - [20/10/2011 10:24:55] - |A| - (.-.) - [35707] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/06/2014 21:53:26] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/02/2012 20:00:37] - |D| - [107376] - C:\Windows\bg [14/07/2009 05:20:09] - |D| - [29163158] - C:\Windows\Boot [MD5.3BEA85D0E968FE5960E43F4808792DAD] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [14/02/2012 20:01:59] - |D| - [107888] - C:\Windows\ca [MD5.6FBB766EB79F9EED3684194EEAF838DF] - [23/06/2014 07:43:18] - |A| - (.-.) - [11453] - (0.0.0.0) - C:\Windows\ChangeLang_Done.tag [14/02/2012 20:00:39] - |D| - [106864] - C:\Windows\cs [MD5.8036950E2436D7A7B0FFECCBEFADCA8D] - [25/10/2011 02:57:28] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\CSUP.TXT [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/02/2012 20:00:42] - |D| - [106864] - C:\Windows\da [14/02/2012 20:00:45] - |D| - [107888] - C:\Windows\de [14/07/2009 06:45:54] - |D| - [9084] - C:\Windows\debug [12/02/2011 06:00:23] - |AD| - [371775] - C:\Windows\DeployWinRE2 [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/08/2015 22:20:49] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\EEventManager.INI [21/11/2010 09:16:47] - |D| - [118084593] - C:\Windows\ehome [14/02/2012 20:00:48] - |D| - [107888] - C:\Windows\el [14/02/2012 20:00:51] - |D| - [106864] - C:\Windows\en [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US [20/07/2016 23:01:52] - |D| - [6388816] - C:\Windows\EOONotify [08/03/2015 14:58:19] - |D| - [146480413] - C:\Windows\ERUNT [14/02/2012 20:00:53] - |D| - [107376] - C:\Windows\es [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [20/05/2016 07:51:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.23418) - C:\Windows\explorer.exe [14/02/2012 20:00:56] - |D| - [106864] - C:\Windows\fi [14/07/2009 05:20:09] - |RSD| - [370127911] - C:\Windows\Fonts [14/02/2012 20:00:59] - |D| - [107376] - C:\Windows\fr [23/06/2014 07:40:14] - |D| - [142848] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [83144388] - C:\Windows\Globalization [14/02/2012 20:01:02] - |D| - [106352] - C:\Windows\he [14/07/2009 05:20:09] - |D| - [40554785] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 09:17:39] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [14/02/2012 20:01:04] - |D| - [107376] - C:\Windows\hr [14/02/2012 20:01:07] - |D| - [106864] - C:\Windows\hu [14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [159896213] - C:\Windows\inf [MD5.2EAE98B466CFE4C9362D004ED469422A] - [22/06/2014 21:54:48] - |A| - (.-.) - [411494] - (0.0.0.0) - C:\Windows\InfoCtrPackard Bell.ico [14/02/2012 19:24:08] - |SHD| - [3312235938] - C:\Windows\Installer [14/02/2012 20:01:10] - |D| - [106864] - C:\Windows\it [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 05:20:10] - |D| - [2626275] - C:\Windows\LiveKernelReports [MD5.66E4EFA6CACCC787604772D8F418CA4F] - [22/06/2014 22:04:16] - |A| - (.-.) - [184] - (0.0.0.0) - C:\Windows\LMv4.UNI [14/07/2009 05:20:10] - |D| - [166808886] - C:\Windows\Logs [MD5.BBF1106FEF85FD9049506FA8AD454D75] - [30/12/2013 10:52:44] - |A| - (.Copyright (C) 2003-2006, (주)마크애니 - KTMusic Download ActiveX Module.) - [90112] - (1.7.2009.1116) - C:\Windows\MAMCityDownload.ocx [MD5.F9FCD1220E1B880111258C03D1650994] - [30/12/2013 10:52:44] - |A| - (.Copyright 2004 - (주)마크애니 ContentSAFER 설치 마법사.) - [330240] - (1.4.2012.508) - C:\Windows\MASetupCaller.dll [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [1017261102] - C:\Windows\Microsoft.NET [24/06/2014 21:16:03] - |D| - [5787] - C:\Windows\Migration [03/01/2015 21:35:19] - |D| - [0] - C:\Windows\Minidump [MD5.5020157E1EF2A6E686C7F2D23AE63915] - [23/04/2009 06:33:49] - |A| - (.-.) - [3480] - (0.0.0.0) - C:\Windows\MOD01OPK04000N0001.enc [MD5.F84761245FE28B08E51042E4C6779FAF] - [25/10/2011 02:57:36] - |A| - (.-.) - [2208] - (0.0.0.0) - C:\Windows\MOD01SET00000000W4.enc [MD5.E551DAEAF6F19A8FCFA8E0D689870CD3] - [14/02/2012 19:15:40] - |A| - (.-.) - [2008] - (0.0.0.0) - C:\Windows\MOD01SET5K000G0002.enc [MD5.D404977604A82CADDF95AA15C57F154B] - [13/02/2011 07:21:07] - |A| - (.-.) - [2456] - (0.0.0.0) - C:\Windows\MOD01SET74FR0N0005.enc [MD5.E104E3A31B6DBF5E055E0F9732E7C324] - [14/02/2012 19:15:40] - |A| - (.-.) - [2080] - (0.0.0.0) - C:\Windows\MOD01SET75000N0008.enc [MD5.B8A876B19D8072B89F06A2A1F1411344] - [14/02/2012 19:15:40] - |A| - (.-.) - [2060] - (0.0.0.0) - C:\Windows\MOD01SET78000G0014.enc [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.35783FF1CCAB7CFBFE799EF8D6476C0D] - [30/12/2013 10:52:44] - |A| - (.Copyright (C) 2007 - NYEDownload MFC 응용 프로그램.) - [30568] - (1.0.2007.927) - C:\Windows\MusiccityDownload.exe [23/06/2014 07:33:03] - |D| - [15323353] - C:\Windows\NAPP_Dism_Log [MD5.2852D5DC4DF9BF5390976C9890076DE1] - [12/02/2011 06:00:23] - |A| - (.-.) - [741] - (0.0.0.0) - C:\Windows\NewDeployWinRE.cmd [14/02/2012 20:01:23] - |D| - [107376] - C:\Windows\nl [14/02/2012 20:01:26] - |D| - [107376] - C:\Windows\no [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 10:10:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/06/2014 23:16:16] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\nsreg.dat [14/02/2012 19:52:45] - |D| - [230731] - C:\Windows\oem [14/02/2012 20:04:07] - |D| - [479232] - C:\Windows\OEMTemp [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/02/2012 19:25:46] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\PACK.tag [12/07/2007 03:49:28] - |D| - [677610] - C:\Windows\Panther [14/02/2012 19:55:27] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |D| - [63437126] - C:\Windows\Performance [14/02/2012 20:01:29] - |D| - [107376] - C:\Windows\pl [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [2971716] - C:\Windows\PolicyDefinitions [21/07/2016 21:00:23] - |D| - [45100671] - C:\Windows\Prefetch [14/02/2012 20:01:31] - |D| - [107376] - C:\Windows\pt-br [14/02/2012 20:03:18] - |D| - [107888] - C:\Windows\pt-pt [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration [14/07/2009 05:20:10] - |D| - [11999466] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [14/02/2012 20:01:34] - |D| - [107376] - C:\Windows\ro [MD5.12D992C04EE8278FDEBFEFB8B261DAAA] - [22/06/2014 22:06:56] - |A| - (.Copyright (C) 2011 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1284712] - (1.0.2.7) - C:\Windows\RtlExUpd.dll [14/02/2012 20:01:37] - |D| - [106864] - C:\Windows\ru [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [1056768] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [48877617] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [150795311] - C:\Windows\servicing [MD5.585469F5F4871C02CC09CAFA250D4251] - [16/04/2012 23:37:25] - |A| - (.Copyright © Helge Klein - SetACL 2.) - [456704] - (2.2.0.0) - C:\Windows\SetACL.exe [14/07/2009 06:45:50] - |D| - [457] - C:\Windows\Setup [14/02/2012 20:01:40] - |D| - [107376] - C:\Windows\sk [14/02/2012 20:01:43] - |D| - [107376] - C:\Windows\sl [22/06/2014 21:48:03] - |D| - [1293415064] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [23/06/2014 18:31:35] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [30/06/2014 16:06:34] - |D| - [0] - C:\Windows\Sun [14/02/2012 20:01:46] - |D| - [106864] - C:\Windows\sv [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [12/07/2007 03:51:11] - |D| - [5631107310] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1461666603] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [39416] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [5351776] - C:\Windows\Temp [14/02/2012 20:01:49] - |D| - [106352] - C:\Windows\th [14/02/2012 20:01:52] - |D| - [106864] - C:\Windows\tr [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [43081804] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.1876DF014A443FE32802D7E769D5AE59] - [14/02/2012 19:13:25] - |A| - (.Copyright (C) 2000-2010 Dritek System Inc. - Uninstall Application.) - [281680] - (2.5.1.2026) - C:\Windows\UNINSTLMv4.EXE [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [43918084] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.323B5D92A17E5041A2F8E79FDFB705B6] - [22/06/2014 21:48:09] - |A| - (.-.) - [2096562] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.A176DBB6BE2BADC8CFBD2FECAB0FCBEF] - [16/11/2014 20:47:50] - |A| - (.-.) - [2685] - (0.0.0.0) - C:\Windows\wininit.ini [14/07/2009 05:20:14] - |D| - [20035603698] - C:\Windows\winsxs [MD5.4D620865394151B96C54752B743D6D12] - [14/05/2011 01:42:24] - |A| - (.© 2010 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [302448] - (15.4.3538.513) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.72F2D357120F95C1E725C22915FE95E1] - [03/01/2015 15:58:53] - |A| - (.-.) - [193] - (0.0.0.0) - C:\Windows\WORDPAD.INI [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe [14/02/2012 20:01:55] - |D| - [104816] - C:\Windows\zh-tw ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [25/07/2015 02:16:18] - C:\Windows\Installer\10d054.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:27:12] - C:\Windows\Installer\10d05a.msi : (AMD Wireless Display v3.0 Installer - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 10:49:56] - C:\Windows\Installer\10d277.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:24:38] - C:\Windows\Installer\10d27d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:19:42] - C:\Windows\Installer\10d283.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:19:52] - C:\Windows\Installer\10d289.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:02] - C:\Windows\Installer\10d28f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:10] - C:\Windows\Installer\10d295.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:18] - C:\Windows\Installer\10d29b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:26] - C:\Windows\Installer\10d2a1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:36] - C:\Windows\Installer\10d2a7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:46] - C:\Windows\Installer\10d2ad.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:20:54] - C:\Windows\Installer\10d2b3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:02] - C:\Windows\Installer\10d2b9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:10] - C:\Windows\Installer\10d2bf.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:18] - C:\Windows\Installer\10d2c5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:28] - C:\Windows\Installer\10d2cb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:36] - C:\Windows\Installer\10d2d1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:46] - C:\Windows\Installer\10d2d7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:21:54] - C:\Windows\Installer\10d2dd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:02] - C:\Windows\Installer\10d2e3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:10] - C:\Windows\Installer\10d2e9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:18] - C:\Windows\Installer\10d2ef.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:26] - C:\Windows\Installer\10d2f5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:34] - C:\Windows\Installer\10d2fb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:42] - C:\Windows\Installer\10d301.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:22:52] - C:\Windows\Installer\10d307.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/07/2015 02:19:30] - C:\Windows\Installer\10d30e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2012 19:51:41] - C:\Windows\Installer\1306a9.msi : (Evernote v. 4.5.1 - Evernote Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2012 19:54:29] - C:\Windows\Installer\130bb8.msi : (Windows Live Messenger Resources setup package - Корпорация Майкрософт) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2012 19:55:06] - C:\Windows\Installer\130eab.msi : (Windows Live Mail setup package - Корпорация Майкрософт) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/07/2011 12:01:23] - C:\Windows\Installer\14acf.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:38:56] - C:\Windows\Installer\14ad6.msi : (Adobe Photoshop Elements 9 - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:41:06] - C:\Windows\Installer\14adc.msi : (Elements 9 Organizer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:41:20] - C:\Windows\Installer\14ae2.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:41:20] - C:\Windows\Installer\14ae8.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:41:22] - C:\Windows\Installer\14aee.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:41:22] - C:\Windows\Installer\14af4.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2014 22:21:10] - C:\Windows\Installer\14afa.msi : (Adobe Help - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2010 10:39:35] - C:\Windows\Installer\14b1a.msi : (Adobe Premiere Elements 9 - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/11/2014 17:28:30] - C:\Windows\Installer\1ae380.msi : (Intel(R) Driver Update Utility 2.0 - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 09:45:36] - C:\Windows\Installer\1d7ac4a.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2012 20:20:42] - C:\Windows\Installer\1f348.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2012 20:21:53] - C:\Windows\Installer\1f34d.msi : (Fooz Kids - FUHU, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 13:02:49] - C:\Windows\Installer\1f357.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/01/2011 09:53:34] - C:\Windows\Installer\2022e.msi : (Nero Multimedia Suite 10 Essentials - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2010 16:48:00] - C:\Windows\Installer\20234.msi : (Nero DiscSpeed 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/01/2011 17:15:00] - C:\Windows\Installer\2023b.msi : (Nero StartSmart 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2010 12:34:26] - C:\Windows\Installer\20242.msi : (Nero DiscSpeed 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2010 12:49:32] - C:\Windows\Installer\20249.msi : (Nero StartSmart 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/09/2015 10:28:07] - C:\Windows\Installer\2118f7.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/10/2014 11:19:28] - C:\Windows\Installer\22687d6.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:22] - C:\Windows\Installer\296c59.msi : (Nero Multimedia Suite 10 Essentials - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:50] - C:\Windows\Installer\296c5f.msi : (NeroControlCenter - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:46] - C:\Windows\Installer\296c66.msi : (Nero Core Components 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:52] - C:\Windows\Installer\296c6d.msi : (Nero BackItUp 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:32] - C:\Windows\Installer\296c74.msi : (Nero Express 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:28] - C:\Windows\Installer\296c7b.msi : (Nero RescueAgent 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:52] - C:\Windows\Installer\296c82.msi : (Nero BackItUp 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:48] - C:\Windows\Installer\296c89.msi : (Nero ControlCenter 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:30] - C:\Windows\Installer\296c90.msi : (Nero Express 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:28] - C:\Windows\Installer\296c97.msi : (Nero RescueAgent 10 Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/07/2011 09:00:28] - C:\Windows\Installer\296c9d.msi : (Nero Update - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/11/2009 10:39:48] - C:\Windows\Installer\30f911.msi : ( - LEVEUGLE Damien) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/04/2015 17:10:24] - C:\Windows\Installer\3365d0.msi : (Blank Project Template - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/07/2016 11:11:16] - C:\Windows\Installer\36410d.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/10/2011 07:12:40] - C:\Windows\Installer\3eefe.msi : (PX Profile Update - AMD) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/11/2014 22:17:28] - C:\Windows\Installer\4efd3a.msi : (Drag & Drop Transcoding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/11/2014 22:14:06] - C:\Windows\Installer\4efd40.msi : (AMD Accelerated Video Transcoding INstallation package - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2016 23:17:59] - C:\Windows\Installer\51cd612.msi : (ESET NOD32 Antivirus - ESET, spol. s r.o.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/04/2011 09:56:02] - C:\Windows\Installer\5debf.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/05/2012 12:45:40] - C:\Windows\Installer\5f6a250.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/11/2014 22:16:42] - C:\Windows\Installer\60016c.msi : (AMD Wireless Display v3.0 Installer - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2016 20:29:30] - C:\Windows\Installer\a86d38.msi : (Hotspot Shield 5.4.9 Embedded - Buildbot) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/08/2015 00:00:00] - C:\Windows\Installer\ab36b13.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/04/2015 18:17:15] - C:\Windows\Installer\b2c642.msi : (Blank Project Template - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 12:09:58] - C:\Windows\Installer\b437483.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2016 04:41:00] - C:\Windows\Installer\b85db93.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2016 19:35:17] - C:\Windows\Installer\bc9c8cd.msi : (Google Earth - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/10/2015 17:37:24] - C:\Windows\Installer\d0bc8c.msi : (OpenOffice 4.1.2 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2014 10:38:28] - C:\Windows\Installer\d0eba.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2016 09:34:52] - C:\Windows\Installer\d30d4.msi : (Java SE Runtime Environment 8 Update 101 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2016 09:34:41] - C:\Windows\Installer\d30e1.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/07/2015 16:33:18] - C:\Windows\Installer\e01cfd.msi : (AMD Wireless Display v3.0 Installer - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2014 22:11:41] - C:\Windows\Installer\f176b.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2014 22:11:41] - C:\Windows\Installer\f1771.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2014 22:11:41] - C:\Windows\Installer\f1777.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [15/04/2015 07:52:27] - [16303] - C:\Windows\System32\ieuinit.inf [22/06/2014 22:12:19] - [749082] - C:\Windows\System32\oem16.inf [14/07/2009 07:13:15] - [1668256] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [15/04/2015 07:52:28] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [24/06/2014 21:18:01] - [1643324] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | [philippe] [26/08/2015 20:29:18] - |D| - [449] - C:\Users\philippe\.oracle_jre_usage [22/06/2014 22:52:14] - |HD| - [1977746315] - C:\Users\philippe\AppData [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Application Data [22/06/2014 22:54:16] - |RD| - [68789] - C:\Users\philippe\Contacts [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Cookies [22/06/2014 22:52:14] - |RD| - [535152190] - C:\Users\philippe\Desktop [22/06/2014 22:52:14] - |RD| - [1088930] - C:\Users\philippe\Documents [22/06/2014 22:52:14] - |RD| - [30706425116] - C:\Users\philippe\Downloads [22/06/2014 22:52:14] - |RD| - [7541] - C:\Users\philippe\Favorites [22/06/2014 22:52:14] - |RD| - [2416] - C:\Users\philippe\Links [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Local Settings [11/04/2015 17:44:18] - |D| - [0] - C:\Users\philippe\MediaEspresso [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Menu Démarrer [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Mes documents [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Modèles [22/06/2014 22:52:14] - |RD| - [504] - C:\Users\philippe\Music [22/06/2014 22:52:14] - |ASH| - [2097152] - C:\Users\philippe\ntuser.dat [22/06/2014 22:52:14] - |ASH| - [262144] - C:\Users\philippe\ntuser.dat.LOG1 [22/06/2014 22:52:14] - |ASH| - [0] - C:\Users\philippe\ntuser.dat.LOG2 [22/06/2014 22:52:14] - |ASH| - [65536] - C:\Users\philippe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [22/06/2014 22:52:14] - |ASH| - [524288] - C:\Users\philippe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [22/06/2014 22:52:14] - |ASH| - [524288] - C:\Users\philippe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [29/06/2014 12:35:54] - |ASH| - [65536] - C:\Users\philippe\ntuser.dat{17d927f8-ff79-11e3-971c-c0188513f579}.TM.blf [29/06/2014 12:35:54] - |ASH| - [524288] - C:\Users\philippe\ntuser.dat{17d927f8-ff79-11e3-971c-c0188513f579}.TMContainer00000000000000000001.regtrans-ms [29/06/2014 12:35:55] - |ASH| - [524288] - C:\Users\philippe\ntuser.dat{17d927f8-ff79-11e3-971c-c0188513f579}.TMContainer00000000000000000002.regtrans-ms [12/11/2014 12:45:32] - |ASH| - [65536] - C:\Users\philippe\ntuser.dat{f4685cfb-6a58-11e4-ad09-b888e344ccfb}.TM.blf [12/11/2014 12:45:32] - |ASH| - [524288] - C:\Users\philippe\ntuser.dat{f4685cfb-6a58-11e4-ad09-b888e344ccfb}.TMContainer00000000000000000001.regtrans-ms [12/11/2014 12:45:32] - |ASH| - [524288] - C:\Users\philippe\ntuser.dat{f4685cfb-6a58-11e4-ad09-b888e344ccfb}.TMContainer00000000000000000002.regtrans-ms [22/06/2014 22:52:14] - |SH| - [20] - C:\Users\philippe\ntuser.ini [22/06/2014 22:52:14] - |RD| - [68683518] - C:\Users\philippe\Pictures [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Recent [22/06/2014 22:52:14] - |RD| - [282] - C:\Users\philippe\Saved Games [22/06/2014 22:54:27] - |RD| - [1020] - C:\Users\philippe\Searches [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\SendTo [25/03/2015 19:27:19] - |D| - [303104] - C:\Users\philippe\Tracing [22/06/2014 22:52:14] - |RD| - [504] - C:\Users\philippe\Videos [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Voisinage d'impression [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\Voisinage réseau [22/06/2014 23:09:53] - |D| - [4594642] - C:\Users\philippe\AppData\Roaming\Adobe [15/01/2015 15:27:04] - |D| - [0] - C:\Users\philippe\AppData\Roaming\ATI [13/11/2014 17:38:56] - |D| - [262161] - C:\Users\philippe\AppData\Roaming\CyberLink [16/08/2015 14:19:51] - |D| - [203] - C:\Users\philippe\AppData\Roaming\dvdcss [03/08/2015 08:40:32] - |D| - [7153] - C:\Users\philippe\AppData\Roaming\Epson [23/06/2014 00:21:54] - |D| - [0] - C:\Users\philippe\AppData\Roaming\ESET [14/08/2016 17:15:34] - |D| - [1383504] - C:\Users\philippe\AppData\Roaming\Hotspot Shield [22/06/2014 22:54:18] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Identities [27/01/2015 19:14:35] - |D| - [520] - C:\Users\philippe\AppData\Roaming\IsolatedStorage [15/01/2015 15:31:50] - |D| - [0] - C:\Users\philippe\AppData\Roaming\library_dir [22/06/2014 22:52:14] - |D| - [537] - C:\Users\philippe\AppData\Roaming\Macromedia [22/06/2014 22:52:14] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Media Center Programs [22/06/2014 22:52:14] - |SD| - [606175] - C:\Users\philippe\AppData\Roaming\Microsoft [22/06/2014 23:16:14] - |D| - [100897049] - C:\Users\philippe\AppData\Roaming\Mozilla [15/12/2015 15:58:56] - |D| - [13579577] - C:\Users\philippe\AppData\Roaming\OpenOffice [12/11/2014 20:15:19] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Oracle [26/06/2014 18:45:16] - |D| - [867245] - C:\Users\philippe\AppData\Roaming\Samsung [22/06/2014 22:54:40] - |D| - [576] - C:\Users\philippe\AppData\Roaming\Screensaver [25/03/2015 18:40:35] - |D| - [32825982] - C:\Users\philippe\AppData\Roaming\Skype [06/03/2015 15:17:28] - |D| - [748] - C:\Users\philippe\AppData\Roaming\SNS [08/03/2015 14:56:30] - |D| - [711535] - C:\Users\philippe\AppData\Roaming\SumatraPDF [26/08/2015 20:29:18] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Sun [23/06/2014 00:00:51] - |D| - [463054735] - C:\Users\philippe\AppData\Roaming\Thunderbird [23/06/2014 15:50:59] - |D| - [84904] - C:\Users\philippe\AppData\Roaming\vlc [22/06/2014 22:58:32] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Windows Live Writer [22/06/2014 23:59:22] - |D| - [12] - C:\Users\philippe\AppData\Roaming\WinRAR [27/10/2015 15:57:40] - |D| - [24122] - C:\Users\philippe\AppData\Roaming\XnView [06/01/2015 11:15:04] - |D| - [4901528] - C:\Users\philippe\AppData\Roaming\ZHP [22/06/2014 22:54:39] - |D| - [2321716] - C:\Users\philippe\AppData\Local\Adobe [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\AppData\Local\Application Data [15/01/2015 15:27:04] - |D| - [59854] - C:\Users\philippe\AppData\Local\ATI [27/06/2014 19:26:30] - |D| - [0] - C:\Users\philippe\AppData\Local\CrashDumps [14/08/2016 17:36:55] - |D| - [0] - C:\Users\philippe\AppData\Local\CrashRpt [13/11/2014 17:37:58] - |D| - [108159] - C:\Users\philippe\AppData\Local\Cyberlink [23/06/2014 00:39:46] - |D| - [0] - C:\Users\philippe\AppData\Local\Diagnostics [26/06/2014 18:43:45] - |D| - [75937756] - C:\Users\philippe\AppData\Local\Downloaded Installations [22/12/2014 22:26:01] - |D| - [0] - C:\Users\philippe\AppData\Local\ElevatedDiagnostics [28/03/2015 21:32:58] - |D| - [1519] - C:\Users\philippe\AppData\Local\Elguevel_Software [16/11/2014 19:23:36] - |SHD| - [0] - C:\Users\philippe\AppData\Local\EmieBrowserModeList [12/11/2014 14:56:56] - |SHD| - [0] - C:\Users\philippe\AppData\Local\EmieSiteList [12/11/2014 14:56:56] - |SHD| - [0] - C:\Users\philippe\AppData\Local\EmieUserList [23/06/2014 00:21:54] - |D| - [497567724] - C:\Users\philippe\AppData\Local\ESET [22/06/2014 22:52:47] - |A| - [65288] - C:\Users\philippe\AppData\Local\GDIPFONTCACHEV1.DAT [01/06/2015 09:22:33] - |D| - [71] - C:\Users\philippe\AppData\Local\GWX [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\AppData\Local\Historique [28/10/2015 14:18:48] - |AH| - [5736784] - C:\Users\philippe\AppData\Local\IconCache.db [20/01/2015 19:41:14] - |D| - [526] - C:\Users\philippe\AppData\Local\Intel [23/06/2014 14:10:48] - |D| - [0] - C:\Users\philippe\AppData\Local\Macromedia [22/06/2014 22:52:14] - |D| - [266509069] - C:\Users\philippe\AppData\Local\Microsoft [23/06/2014 19:31:41] - |D| - [4841] - C:\Users\philippe\AppData\Local\Microsoft Games [22/06/2014 23:16:14] - |D| - [209340816] - C:\Users\philippe\AppData\Local\Mozilla [30/06/2014 13:56:50] - |D| - [0] - C:\Users\philippe\AppData\Local\Programs [11/04/2015 19:34:32] - |D| - [11484] - C:\Users\philippe\AppData\Local\Samsung [25/03/2015 19:18:15] - |D| - [5535345] - C:\Users\philippe\AppData\Local\Skype [22/06/2014 22:52:14] - |D| - [574400] - C:\Users\philippe\AppData\Local\Temp [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\AppData\Local\Temporary Internet Files [23/06/2014 00:00:51] - |D| - [36410332] - C:\Users\philippe\AppData\Local\Thunderbird [22/06/2014 22:53:16] - |D| - [26050] - C:\Users\philippe\AppData\Local\VirtualStore [27/01/2015 19:04:42] - |D| - [299008] - C:\Users\philippe\AppData\Local\Windows Live [22/06/2014 22:58:32] - |D| - [648363] - C:\Users\philippe\AppData\Local\Windows Live Writer [22/06/2014 22:54:27] - |ASH| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [22/06/2014 22:52:14] - |SHD| - [0] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [22/06/2014 22:52:14] - |RD| - [26247] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [22/06/2014 22:52:14] - |RD| - [14651] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [22/06/2014 22:54:27] - |RD| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/06/2014 22:54:27] - |ASH| - [476] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/06/2014 22:54:28] - |A| - [1441] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [22/06/2014 22:52:14] - |RD| - [580] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [30/07/2015 13:21:51] - |D| - [3813] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ProduKey [05/07/2016 15:03:17] - |A| - [853] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk [22/06/2014 22:54:27] - |RD| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [22/06/2014 23:33:55] - |D| - [4085] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [22/06/2014 22:54:27] - |ASH| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [13/11/2014 17:38:48] - |D| - [120] - C:\Users\Public\CyberLink [14/07/2009 05:20:08] - |RHD| - [32604] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHD| - [3983] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [17452082] - C:\Users\Public\Music [14/07/2009 05:20:08] - |RD| - [5838651] - C:\Users\Public\Pictures [21/11/2010 09:16:41] - |RD| - [9699579] - C:\Users\Public\Recorded TV [14/02/2012 20:19:13] - |D| - [29538] - C:\Users\Public\Symantec [14/07/2009 05:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ---------- | C:\ProgramData [14/02/2012 20:17:32] - |D| - [2187191332] - C:\ProgramData\Adobe [15/01/2015 15:29:51] - |D| - [499704] - C:\ProgramData\AMD [14/07/2009 07:08:56] - |SHD| - [67207258544] - C:\ProgramData\Application Data [05/08/2015 10:06:51] - |D| - [186] - C:\ProgramData\ATI [22/06/2014 22:52:00] - |SHD| - [32604] - C:\ProgramData\Bureau [22/06/2014 22:16:31] - |D| - [105] - C:\ProgramData\CLSK [13/11/2014 17:38:11] - |D| - [41525] - C:\ProgramData\CyberLink [14/07/2009 07:08:56] - |SHD| - [32604] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [278] - C:\ProgramData\Documents [31/07/2015 11:10:03] - |D| - [11385299] - C:\ProgramData\Epson [21/07/2016 10:49:38] - |D| - [308578219] - C:\ProgramData\ESET [14/02/2012 19:51:40] - |D| - [0] - C:\ProgramData\Evernote [22/06/2014 22:52:00] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [14/02/2012 20:22:16] - |D| - [0] - C:\ProgramData\Fooz Kids [14/08/2016 17:16:32] - |D| - [1994138] - C:\ProgramData\Hotspot Shield [22/06/2014 22:16:16] - |D| - [11760] - C:\ProgramData\install_clap [21/01/2015 17:32:06] - |D| - [0] - C:\ProgramData\Intel [20/01/2015 19:43:23] - |D| - [1209] - C:\ProgramData\IntelDLM [27/01/2015 19:14:35] - |D| - [520] - C:\ProgramData\IsolatedStorage [12/11/2014 14:59:30] - |D| - [54828756] - C:\ProgramData\Malwarebytes [22/06/2014 22:52:00] - |SHD| - [288787] - C:\ProgramData\Menu Démarrer [14/07/2009 05:20:08] - |SD| - [1714217268] - C:\ProgramData\Microsoft [22/06/2014 22:52:00] - |SHD| - [31386] - C:\ProgramData\Modèles [22/06/2014 23:25:23] - |D| - [38042] - C:\ProgramData\Mozilla [14/02/2012 20:11:02] - |D| - [2588027] - C:\ProgramData\Nero [14/02/2012 20:16:30] - |D| - [6617756] - C:\ProgramData\oem [30/06/2014 16:02:29] - |D| - [0] - C:\ProgramData\Oracle [15/01/2015 15:22:58] - |D| - [33371766] - C:\ProgramData\Package Cache [14/02/2012 19:53:06] - |D| - [3185494] - C:\ProgramData\Packard Bell [27/10/2015 18:02:15] - |D| - [1714] - C:\ProgramData\regid.1986-12.com.adobe [22/07/2016 16:29:50] - |D| - [96220] - C:\ProgramData\RogueKiller [11/04/2015 17:54:50] - |D| - [11727703] - C:\ProgramData\Samsung [14/02/2012 19:50:42] - |D| - [124301312] - C:\ProgramData\Skype [31/10/2015 19:38:42] - |D| - [645] - C:\ProgramData\Sony Corporation [14/07/2009 07:08:56] - |SHD| - [288787] - C:\ProgramData\Start Menu [30/06/2014 16:02:18] - |D| - [329] - C:\ProgramData\Sun [14/02/2012 20:23:41] - |D| - [1111720] - C:\ProgramData\Temp [28/10/2015 14:16:28] - |A| - [32] - C:\ProgramData\Temp.log [14/07/2009 07:08:56] - |SHD| - [31386] - C:\ProgramData\Templates [31/10/2015 19:38:46] - |D| - [4680] - C:\ProgramData\UDL [14/02/2012 19:25:57] - |D| - [1511741060] - C:\ProgramData\WildTangent ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [22/06/2014 22:52:00] - |SHD| - [285797] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [285797] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [42268] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 07:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/06/2014 22:21:16] - |A| - [1531] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [22/06/2014 22:21:11] - |A| - [1009] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [22/06/2014 22:18:52] - |A| - [1892] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk [22/06/2014 22:22:20] - |A| - [2279] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk [05/08/2015 10:03:34] - |D| - [4045] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [12/11/2014 20:48:46] - |D| - [934] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [14/02/2012 20:25:52] - |A| - [1949] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Contact a friend for assistance.lnk [14/02/2012 20:25:41] - |RD| - [4424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso [14/07/2009 06:54:23] - |ASH| - [1914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [23/06/2014 00:01:22] - |D| - [2675] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elguevel software [31/07/2015 11:18:47] - |D| - [7832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [31/07/2015 11:19:21] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [21/07/2016 10:49:38] - |D| - [9284] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [14/02/2012 19:51:56] - |D| - [2525] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote [14/02/2012 20:22:17] - |A| - [1874] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk [14/07/2009 07:32:38] - |RD| - [49292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [12/01/2016 19:35:43] - |A| - [2168] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk [14/02/2012 20:23:41] - |D| - [2123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeMedia [14/08/2016 17:16:33] - |D| - [2242] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield [22/06/2014 21:57:12] - |RD| - [1612] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [20/01/2015 20:15:11] - |D| - [1200] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility [12/11/2014 20:13:41] - |D| - [6907] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/07/2016 16:53:23] - |D| - [3715] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [14/02/2012 19:19:50] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [22/06/2014 22:24:07] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [24/06/2014 11:33:46] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [22/06/2014 23:16:06] - |D| - [3960] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [22/06/2014 23:25:27] - |A| - [1171] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [23/06/2014 00:00:46] - |A| - [2110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [14/02/2012 20:11:06] - |D| - [16456] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [15/12/2015 15:57:56] - |SD| - [7280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 [14/02/2012 19:52:46] - |RD| - [8581] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support [26/06/2014 18:45:24] - |D| - [10727] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [14/09/2015 10:28:59] - |D| - [2149] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [22/06/2014 22:16:31] - |RD| - [2077] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social Networks [14/07/2009 05:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [08/03/2015 14:55:49] - |A| - [1941] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [28/10/2015 14:17:38] - |RD| - [2058] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Web Camera [23/06/2014 15:50:22] - |D| - [6822] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [06/08/2015 12:48:20] - |A| - [2557] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft PowerPoint .lnk [14/02/2012 20:13:45] - |A| - [2194] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome Center.lnk [14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [14/02/2012 19:19:50] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/02/2012 20:02:01] - |RD| - [4582] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [14/02/2012 19:58:40] - |A| - [1460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [14/02/2012 19:56:35] - |A| - [2488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [14/02/2012 20:00:31] - |A| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [14/02/2012 20:00:24] - |A| - [1376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [22/06/2014 23:33:55] - |D| - [4013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [27/10/2015 15:57:01] - |D| - [2147] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView [14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [14/02/2012 20:17:26] - |D| - [2065984856] - C:\Program Files (x86)\Adobe [05/08/2015 10:02:50] - |D| - [111145897] - C:\Program Files (x86)\AMD [20/01/2015 18:41:30] - |D| - [764784] - C:\Program Files (x86)\AMD AVT [22/06/2014 21:49:10] - |D| - [3929] - C:\Program Files (x86)\ATI Technologies [22/06/2014 22:12:34] - |D| - [6836502] - C:\Program Files (x86)\Cisco [23/06/2014 00:01:22] - |D| - [119808] - C:\Program Files (x86)\Clean Up [14/07/2009 05:20:08] - |D| - [2074519487] - C:\Program Files (x86)\Common Files [14/02/2012 20:23:31] - |D| - [217827115] - C:\Program Files (x86)\CyberLink [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [31/07/2015 11:18:42] - |D| - [19232262] - C:\Program Files (x86)\epson [31/07/2015 11:19:20] - |D| - [150523169] - C:\Program Files (x86)\EPSON Software [27/06/2014 12:53:58] - |D| - [205375193] - C:\Program Files (x86)\ESET [14/02/2012 19:51:54] - |D| - [158994568] - C:\Program Files (x86)\Evernote [14/02/2012 20:20:44] - |D| - [22658280] - C:\Program Files (x86)\Fooz Kids [12/01/2016 19:33:25] - |D| - [196771901] - C:\Program Files (x86)\Google [14/08/2016 17:15:46] - |D| - [41106032] - C:\Program Files (x86)\Hotspot Shield [14/02/2012 19:53:06] - |HD| - [108137436] - C:\Program Files (x86)\InstallShield Installation Information [22/06/2014 21:51:14] - |D| - [197140801] - C:\Program Files (x86)\Intel [20/01/2015 20:15:11] - |D| - [3408697] - C:\Program Files (x86)\Intel Driver Update Utility [14/07/2009 05:20:08] - |D| - [10534282] - C:\Program Files (x86)\Internet Explorer [29/07/2015 13:21:34] - |D| - [180021475] - C:\Program Files (x86)\Java [22/06/2014 22:04:14] - |D| - [9328489] - C:\Program Files (x86)\Launch Manager [23/07/2016 16:53:19] - |D| - [59400768] - C:\Program Files (x86)\Malwarebytes Anti-Malware [22/06/2014 22:15:40] - |D| - [20460033] - C:\Program Files (x86)\Microsoft [22/06/2014 22:24:07] - |D| - [40773758] - C:\Program Files (x86)\Microsoft Office [24/06/2014 11:32:33] - |D| - [42886030] - C:\Program Files (x86)\Microsoft Silverlight [14/02/2012 20:00:19] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [14/02/2012 20:07:57] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [10/06/2016 19:43:15] - |D| - [97130699] - C:\Program Files (x86)\Mozilla Firefox [22/06/2014 23:25:22] - |D| - [291350] - C:\Program Files (x86)\Mozilla Maintenance Service [09/07/2016 14:28:46] - |D| - [88496022] - C:\Program Files (x86)\Mozilla Thunderbird [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [06/08/2015 12:45:33] - |D| - [66546585] - C:\Program Files (x86)\MSECache [25/06/2014 09:46:04] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [14/02/2012 20:11:06] - |D| - [479182973] - C:\Program Files (x86)\Nero [30/07/2015 13:21:51] - |D| - [82155] - C:\Program Files (x86)\NirSoft [22/06/2014 22:52:37] - |D| - [109582] - C:\Program Files (x86)\OEM [15/12/2015 15:56:54] - |D| - [326547768] - C:\Program Files (x86)\OpenOffice 4 [14/02/2012 19:52:46] - |D| - [69342437] - C:\Program Files (x86)\Packard Bell [14/02/2012 19:27:32] - |D| - [437632547] - C:\Program Files (x86)\Packard Bell Games [05/08/2015 10:04:12] - |D| - [259584] - C:\Program Files (x86)\Raptr [22/06/2014 22:07:01] - |D| - [13659098] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [26/06/2014 18:44:37] - |D| - [351082083] - C:\Program Files (x86)\Samsung [25/03/2015 19:18:00] - |RD| - [77686069] - C:\Program Files (x86)\Skype [22/06/2014 22:16:21] - |D| - [34830488] - C:\Program Files (x86)\Social Networks [08/03/2015 14:55:48] - |D| - [11100584] - C:\Program Files (x86)\SumatraPDF [14/02/2012 20:19:13] - |D| - [762296] - C:\Program Files (x86)\SymSilent [22/06/2014 22:06:58] - |HD| - [0] - C:\Program Files (x86)\Temp [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [22/06/2014 22:25:29] - |D| - [42309685] - C:\Program Files (x86)\Video Web Camera [23/06/2014 15:50:11] - |D| - [100325589] - C:\Program Files (x86)\VideoLAN [14/02/2012 19:25:58] - |D| - [10314604] - C:\Program Files (x86)\WildTangent Games [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [14/02/2012 19:56:20] - |D| - [528469246] - C:\Program Files (x86)\Windows Live [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar [27/10/2015 15:56:57] - |D| - [17931380] - C:\Program Files (x86)\XnView [21/07/2016 20:57:40] - |D| - [7233263] - C:\Program Files (x86)\ZHPFix ---------- | C:\Program Files [22/06/2014 22:52:29] - |D| - [692735] - C:\Program Files\Accessory Store [15/01/2015 15:21:57] - |D| - [35198644] - C:\Program Files\AMD [22/06/2014 21:49:13] - |D| - [20019] - C:\Program Files\ATI [22/06/2014 22:11:44] - |D| - [14124002] - C:\Program Files\Broadcom [12/11/2014 20:48:39] - |D| - [17824308] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |D| - [76460025] - C:\Program Files\Common Files [14/08/2016 16:58:10] - |D| - [1024] - C:\Program Files\CyberGhost 5 [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [31/07/2015 11:20:55] - |D| - [3622184] - C:\Program Files\EpsonNet [12/11/2014 19:30:00] - |D| - [123652567] - C:\Program Files\ESET [22/06/2014 22:52:00] - |SHD| - [76460025] - C:\Program Files\Fichiers communs [20/01/2015 19:45:00] - |D| - [26228] - C:\Program Files\Intel [14/07/2009 05:20:08] - |D| - [30572565] - C:\Program Files\Internet Explorer [14/07/2009 07:32:38] - |D| - [148931122] - C:\Program Files\Microsoft Games [24/06/2014 11:32:33] - |D| - [55717262] - C:\Program Files\Microsoft Silverlight [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [14/02/2012 19:52:59] - |D| - [36947702] - C:\Program Files\Packard Bell [22/06/2014 22:07:38] - |D| - [18385996] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies [11/04/2015 17:55:13] - |D| - [5487939] - C:\Program Files\SAMSUNG [22/06/2014 22:05:47] - |D| - [34856554] - C:\Program Files\Synaptics [14/08/2016 16:58:23] - |D| - [266835] - C:\Program Files\TAP-Windows [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [15/01/2015 14:56:02] - |D| - [10792000] - C:\Program Files\WhoCrashed [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [14/02/2012 19:55:12] - |D| - [12116351] - C:\Program Files\Windows Live [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [7044767] - C:\Program Files\Windows Sidebar [22/06/2014 23:33:31] - |D| - [5177890] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [14/02/2012 20:17:26] - |D| - [776622570] - C:\Program Files (x86)\Common Files\Adobe [14/02/2012 20:22:15] - |D| - [31529878] - C:\Program Files (x86)\Common Files\Adobe AIR [20/01/2015 18:41:28] - |D| - [2460960] - C:\Program Files (x86)\Common Files\ATI Technologies [14/02/2012 20:23:26] - |D| - [3257529] - C:\Program Files (x86)\Common Files\InstallShield [28/07/2016 09:36:47] - |D| - [1973320] - C:\Program Files (x86)\Common Files\Java [14/07/2009 05:20:08] - |D| - [130254322] - C:\Program Files (x86)\Common Files\microsoft shared [14/02/2012 20:11:10] - |D| - [9030799] - C:\Program Files (x86)\Common Files\Nero [22/06/2014 22:00:51] - |D| - [162236] - C:\Program Files (x86)\Common Files\postureAgent [22/06/2014 22:17:07] - |D| - [4550480] - C:\Program Files (x86)\Common Files\PX Storage Engine [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/09/2015 10:28:58] - |D| - [2399872] - C:\Program Files (x86)\Common Files\Skype [22/06/2014 22:17:07] - |D| - [373167] - C:\Program Files (x86)\Common Files\Sonic Shared [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 05:20:08] - |D| - [10241523] - C:\Program Files (x86)\Common Files\System [14/02/2012 19:53:49] - |D| - [1060556346] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [15/01/2015 15:24:20] - |D| - [4042369] - C:\Program Files\Common files\ATI Technologies [21/09/2015 12:34:30] - |D| - [366885] - C:\Program Files\Common files\AV [31/07/2015 12:07:31] - |D| - [152640] - C:\Program Files\Common files\EPSON [14/07/2009 05:20:08] - |D| - [59096466] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ---------- | Tasks [MD5.644B1A12AB1CB75517300D68151E817B] - [23/06/2014 13:59:00] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.03EA44E1D59B8854FA21FF02105E46A6] - [11/12/2015 12:34:35] - |A| - [727] - C:\Windows\Tasks\EPSON XP-510 Series Invitation {862C8B6A-C2BD-4075-9C25-5FA9CFA8DD35}.job [MD5.F0213274B1F62BAF8373BE058E86EE47] - [11/12/2015 12:34:30] - |A| - [913] - C:\Windows\Tasks\EPSON XP-510 Series Update {862C8B6A-C2BD-4075-9C25-5FA9CFA8DD35}.job [MD5.E5A09012D3A9AA358E6414DB33C8DADD] - [12/01/2016 19:33:27] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.CB5A25D586127437141E28674C302B3E] - [03/02/2016 18:55:23] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15ea3ac2a4dde.job [MD5.D4E8B6DF26697030A33108575B17B3B5] - [12/01/2016 19:33:29] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.3A6DA685FD4AEF099B24328E6D1CE815] - [10/05/2016 23:02:24] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aaff407a59df.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.B0498CEE84448B6F50B7C9B0D911D3CF] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.81057A5612A7F24DD072892729C658B7] - [23/06/2014 13:59:00] - |A| - [3940] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.AFC9172DACBF613B423373CA7A380C16] - [12/11/2014 20:48:48] - |A| - [2778] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.B930F5DC22A39D341751B14D675F101B] - [14/02/2012 20:25:41] - |A| - [3200] - C:\Windows\System32\Tasks\DeviceDetector : C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [MD5.9B9C13FD7CA7AD7906CBAA045CA16627] - [11/12/2015 12:34:35] - |A| - [3794] - C:\Windows\System32\Tasks\EPSON XP-510 Series Invitation {862C8B6A-C2BD-4075-9C25-5FA9CFA8DD35} : C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE [MD5.79A7671C74C89BB4FE91B9611504B244] - [11/12/2015 12:34:30] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-510 Series Update {862C8B6A-C2BD-4075-9C25-5FA9CFA8DD35} : C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE [MD5.00000000000000000000000000000000] - [23/06/2014 19:30:52] - |D| - [0] - C:\Windows\System32\Tasks\Games [MD5.D6302A8EE07EA8A058377F4DC95726CD] - [12/01/2016 19:33:28] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F19615BFF55594034C60442BD3A155EF] - [03/02/2016 18:55:23] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d15ea3ac2a4dde : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.8B014DC4A9B697F3EF11EA7DC61FC162] - [12/01/2016 19:33:29] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.8AB409051B4D9AFAF356673B41B8F8AE] - [10/05/2016 23:02:25] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aaff407a59df : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [307250] - C:\Windows\System32\Tasks\Microsoft [MD5.7408BFEA5BC95A5FF00669473AE8C66F] - [14/02/2012 20:12:24] - |A| - [2806] - C:\Windows\System32\Tasks\NBAgent : C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [MD5.00000000000000000000000000000000] - [30/06/2014 13:59:31] - |D| - [0] - C:\Windows\System32\Tasks\Safer-Networking [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4488] - C:\Windows\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{FA81F793-2C4E-42E5-A76B-9098E45EDD0C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{06A9990E-5297-494C-83DC-CAF8DCABC4CC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{16EAA431-71A5-4754-A47B-7E47A99C9D4D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{0C9630C0-A337-42EB-8605-988BA5EDD6D3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{99318D3E-2165-4458-9391-CF9EEB7CC593}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{DF048157-B3A0-451E-88A7-A55CE3F2B786}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Mesh\MOE.exe|Name=Windows Live Mesh|Edge=TRUE| "{D389B8BB-E8E0-4497-9202-CFBCB1AAF24D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\HomeMedia\HomeMedia.exe|Name=HomeMedia|Desc=HomeMedia| "{D19A070A-3A95-47C6-B4D4-EFB5A156D6CE}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{760848B6-B137-4832-B1E5-F7E0AA5411D2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{4A9D22D2-FAD3-4D04-93D3-65AF6E9DC934}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "TCP Query User{4AEA11E8-08A1-4070-9E9E-BD52F66CC6E7}C:\program files (x86)\epson software\event manager\eeventmanager.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\epson software\event manager\eeventmanager.exe|Name=EEventManager Application|Desc=EEventManager Application|Defer=User| "UDP Query User{31C3F3F9-57F8-43E8-B47D-49DCE5BE27FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\epson software\event manager\eeventmanager.exe|Name=EEventManager Application|Desc=EEventManager Application|Defer=User| "{900A3587-091A-44E2-A910-CFA95C03C73A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\epson software\event manager\eeventmanager.exe|Name=EEventManager Application|Desc=EEventManager Application| "{0EB908DC-576B-45A6-9D34-4D07ACF3ACCC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\epson software\event manager\eeventmanager.exe|Name=EEventManager Application|Desc=EEventManager Application| "{B134327F-99B1-429E-9409-9F1DD4FE01BA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{B7A978D5-6427-4E5D-B118-CEB820EF3F62}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{4076D2BB-0380-47DA-9FD7-1DCE0D1F2C86}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{1FA52B74-6E8D-4E64-A773-BE45F9918536}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{F12D3CF8-B11D-457E-8641-BE2AF2D6D204}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [13/07/2009 23:59:33] - (1.28.3.52) - (LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort)) - C:\Windows\system32\drivers\lsi_sas.sys [22/06/2014 22:18:49] - (3.0.93.0) - (Sonic Solutions - Px Engine Device Driver for 64-bit Windows) - C:\Windows\System32\Drivers\PxHlpa64.sys [17/09/2013 16:17:38] - (9.0.384.0) - (ESET - Amon monitor) - C:\Windows\system32\DRIVERS\eamonm.sys [21/07/2016 10:49:38] - (0.0.0.0) - ( -) - C:\Program Files\ESET\ESET NOD32 Antivirus\em015_64.dat [17/09/2013 16:17:38] - (9.0.382.0) - (ESET - ESET Helper driver) - C:\Windows\system32\DRIVERS\ehdrv.sys [21/07/2016 10:49:38] - (0.0.0.0) - ( -) - C:\Program Files\ESET\ESET NOD32 Antivirus\em006_64.dat [21/07/2016 10:49:38] - (0.0.0.0) - ( -) - C:\Program Files\ESET\ESET NOD32 Antivirus\em018_64.dat [14/08/2016 17:15:46] - (6.0.0.12) - (AnchorFree Inc. - Hotspot Shield Routing Driver) - C:\Windows\system32\DRIVERS\hssdrv6.sys [14/02/2012 19:13:24] - (1.0.0.36) - (Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller) - C:\Windows\system32\DRIVERS\L1C62x64.sys [14/02/2012 19:13:57] - (15.1.6.0) - (Synaptics Incorporated - Synaptics Touchpad Driver) - C:\Windows\system32\DRIVERS\SynTP.sys [23/12/2014 02:41:00] - (32.0.0.3) - (Anchorfree Inc. - Anchorfree HSS VPN Adapter) - C:\Windows\system32\DRIVERS\taphss6.sys [17/09/2013 16:17:38] - (9.0.382.0) - (ESET - ESET Personal Firewall driver) - C:\Windows\system32\DRIVERS\epfwwfpr.sys [05/08/2016 14:50:26] - (1.1.0.0) - (AnchorFree Inc. - Hotspot Shield support device driver) - C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Microsoft ACPI Driver) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Compbatt (Microsoft Composite Battery Driver) -> system32\drivers\compbatt.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys R0 - intelide () -> system32\drivers\intelide.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - LSI_SAS () -> system32\drivers\lsi_sas.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msahci () -> system32\drivers\msahci.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - PxHlpa64 (PxHlpa64) -> System32\Drivers\PxHlpa64.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Microsoft Virtual Drive Enumerator Driver) -> system32\drivers\vdrvroot.sys R0 - volmgr (Volume Manager Driver) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> \SystemRoot\system32\drivers\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - eamonm (eamonm) -> system32\DRIVERS\eamonm.sys R1 - ehdrv (ehdrv) -> system32\DRIVERS\ehdrv.sys R1 - HssDRV6 (Hotspot Shield Routing Driver 6) -> system32\DRIVERS\hssdrv6.sys R1 - Msfs () -> (?) R1 - mssmbios (Microsoft System Management BIOS Driver) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys S1 - Serial (Serial port driver) -> \SystemRoot\system32\drivers\serial.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Terminal Device Driver) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeActiveFileMonitor9.0 (Adobe Active File Monitor V9) -> C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - c2cautoupdatesvc (Skype Click to Call Updater) -> "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service R2 - c2cpnrsvc (Skype Click to Call PNR Service) -> "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - DsiWMIService (Dritek WMI Service) -> C:\Program Files (x86)\Launch Manager\dsiwmis.exe R2 - ekrn (ESET Service) -> "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" R2 - epfwwfpr (epfwwfpr) -> system32\DRIVERS\epfwwfpr.sys R2 - ePowerSvc (ePower Service) -> C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe R2 - EpsonScanSvc (Epson Scanner Service) -> C:\Windows\system32\EscSvc64.exe R2 - EPSON_PM_RPCV4_06 (EPSON V3 Service4(06)) -> C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %windir%\system32\svchost.exe -k GPSvcGroup R2 - GREGService (GREGService) -> C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - hshld (Hotspot Shield Service) -> C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - Live Updater Service (Live Updater Service) -> C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - MyEpson Portal Service (MyEpson Portal Service) -> "C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe" R2 - NAUpdate (@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200) -> "C:\Program Files (x86)\Nero\Update\NASvc.exe" R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - ss_conn_service (SAMSUNG Mobile Connectivity Service) -> "C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe" R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UNS (Intel(R) Management and Security Application User Notification Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103) -> %SystemRoot%\System32\svchost.exe -k secsvcs R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs ---------- | System files (Microsoft Files whitelisted) [MD5.78488AF2AB2111D67B3C4044707A519B] - [12/01/2016 11:08:31] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\043047C3.sys [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.EEC575E7FF361B00199F704ABA94B934] - [16/07/2015 04:09:00] - (.© Advanced Micro Devices. - AMD ACP Binaries.) - [290.7 Ko] - (2.15.30.19) - C:\Windows\System32\Drivers\amdacpksd.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [14/07/2011 07:35:47] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [14/07/2011 07:35:47] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.207BEEDFC2E357A4A27E99DEA0FBEDF3] - [16/07/2015 04:06:36] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21115.5 Ko] - (8.1.1.1500) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.50228D17A34A1E5CF93084A6AE70870B] - [16/07/2015 03:13:26] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [649.5 Ko] - (8.14.1.6463) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.11F844B46B631337395651ABE9C4167B] - [22/06/2014 22:11:45] - (.1998-2010, Broadcom Corp. All Rights Rsvd - Broadcom 802.11 Network Adapter wireless driver.) - [4618.56 Ko] - (5.100.82.87) - C:\Windows\System32\Drivers\BCMWL664.SYS [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.EFE63BDFC12A1DD65FBB9E621F29B78C] - [22/06/2014 22:18:49] - (.Copyright (c) 1994-2005 Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) - [9.98 Ko] - (8.0.0.212) - C:\Windows\System32\Drivers\cdr4_xp.sys [MD5.60B3B1A2544EB7843F26EC291BB590BB] - [22/06/2014 22:18:49] - (.Copyright (c) 1994-2005 Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) - [9.98 Ko] - (8.0.0.212) - C:\Windows\System32\Drivers\cdralw2k.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.EDC6E9C057C9D7F83EEA22B4CEF5DCAD] - [10/06/2009 22:35:09] - (.1998-2007, Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) - [142.38 Ko] - (8.4.1.0) - C:\Windows\System32\Drivers\E1G6032E.sys [MD5.87527FD162CD2285A548A934FF094229] - [17/09/2013 16:17:38] - (.Copyright (c) ESET, spol. s r.o. 1992-2016. - Amon monitor.) - [257.16 Ko] - (9.0.384.0) - C:\Windows\System32\Drivers\eamonm.sys [MD5.FD4BC52A6978A50A81B01E2C74D8737E] - [17/09/2013 16:17:38] - (.Copyright (c) ESET, spol. s r.o. 1992-2013. - Devmon monitor.) - [233.69 Ko] - (7.0.207.0) - C:\Windows\System32\Drivers\edevmon.sys [MD5.3944E86529A072405EADA8A8D9B27CE8] - [17/09/2013 16:17:38] - (.Copyright (c) ESET, spol. s r.o. 1992-2016. - ESET Helper driver.) - [192.66 Ko] - (9.0.382.0) - C:\Windows\System32\Drivers\ehdrv.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.3B085449438B2BCFD09CC84A0B90D1DB] - [17/09/2013 14:17:38] - (.Copyright (c) ESET, spol. s r.o. 1992-2013. - Epfw NDIS LightWeight Filter.) - [43.09 Ko] - (7.0.206.0) - C:\Windows\System32\Drivers\EpfwLWF.sys [MD5.9C5A9121C4381755E9924889B1B819E5] - [17/09/2013 16:17:38] - (.Copyright (c) ESET, spol. s r.o. 1992-2016. - ESET Personal Firewall driver.) - [177.16 Ko] - (9.0.382.0) - C:\Windows\System32\Drivers\epfwwfpr.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - [14/02/2012 19:13:46] - (.Copyright © 2006-2010, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (7.0.0.1144) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [21/11/2010 05:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.FE9D668A8F10FCB5B0A21BF1C6E48705] - [14/08/2016 17:15:46] - (.© AnchorFree Inc. - Hotspot Shield Routing Driver.) - [43.7 Ko] - (6.0.0.12) - C:\Windows\System32\Drivers\hssdrv6.sys [MD5.D469B77687E12FE43E344806740B624D] - [22/06/2014 21:56:48] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) - C:\Windows\System32\Drivers\iaStor.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [14/07/2011 07:35:47] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.79AE3CC82CA1563A4B392207997ACE7C] - [01/06/2015 21:00:18] - (.Copyright (c) 1998-2012 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [5257.98 Ko] - (9.17.10.4229) - C:\Windows\System32\Drivers\igdkmd64.sys [MD5.33FAA40B288002C89529DBD14F3AB72C] - [20/10/2011 10:24:55] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [12001.44 Ko] - (8.15.10.2476) - C:\Windows\System32\Drivers\igdpmd64.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.F5495B38BFB9149925F54F65AB40EFBF] - [21/01/2015 17:29:04] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [334.5 Ko] - (6.14.0.3097) - C:\Windows\System32\Drivers\IntcDAud.sys [MD5.0E154DA6CA9105354A07D0C576804037] - [14/02/2012 19:13:24] - (.2001-2010 Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) - [75.11 Ko] - (1.0.0.36) - C:\Windows\System32\Drivers\L1C62x64.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [23/07/2016 16:53:19] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [23/07/2016 16:53:19] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [23/07/2016 16:53:44] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.452ACB7A9914398D9E18CCCFFCF92208] - [23/07/2016 16:53:19] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.38 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [14/07/2011 07:35:47] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [14/07/2011 07:35:47] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.87B04878A6D59D6C79251DC960C674C1] - [22/06/2014 22:18:49] - (.Copyright © Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) - [54.55 Ko] - (3.0.93.0) - C:\Windows\System32\Drivers\PxHlpa64.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.B60ACCD29F8FAFC4A6344CD2BD5CA3A5] - [22/06/2014 22:07:21] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [2748.98 Ko] - (6.0.1.6329) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.9BEB5F18A418FF70659CE2E356829568] - [22/06/2014 22:09:02] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [241.6 Ko] - (6.1.7600.30123) - C:\Windows\System32\Drivers\RtsUStor.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 02:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.30710AEFCE721CEEE0F35EB6A01C263C] - [11/04/2015 17:55:14] - (.Copyright (c) DEVGURU 2002-2008.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [107.75 Ko] - (2.11.10.0) - C:\Windows\System32\Drivers\ssudbus.sys [MD5.91310683D7B6B292B746D60734B59322] - [11/04/2015 17:55:14] - (.Copyright (c) DEVGURU 2002-2008. (www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [201.25 Ko] - (2.11.10.0) - C:\Windows\System32\Drivers\ssudmdm.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.EF51B22706DB03F0857FADE127C804EC] - [14/02/2012 19:13:57] - (.Copyright (C) Synaptics Incorporated 1996-2010 - Synaptics Touchpad Driver.) - [1351.05 Ko] - (15.1.6.0) - C:\Windows\System32\Drivers\SynTP.sys [MD5.3C32FF010F869BC184DF71290477384E] - [22/08/2013 14:40:24] - (.OpenVPN Technologies, Inc. - TAP-Windows Virtual Network Driver.) - [39.71 Ko] - (9.0.0.9) - C:\Windows\System32\Drivers\tap0901.sys [MD5.EC7442AEDD575913CFA092746DEBEEF2] - [23/12/2014 02:41:00] - (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) - [41.2 Ko] - (32.0.0.3) - C:\Windows\System32\Drivers\taphss6.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [22/07/2016 16:31:18] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\Windows\System32\Drivers\TrueSight.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys ---------- | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Branding] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Broadcom 802.11 Network Adapter] : (Broadcom 802.11 Network Adapter.-.Broadcom Corporation) -> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-510 Series] : (Désinstallation de l'imprimante EPSON XP-510 Series.-.SEIKO EPSON Corporation) -> C:\Windows\system32\spool\DRIVERS\x64\3\E_IINSLRE.EXE /R /APD /P:"EPSON XP-510 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) -> rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TAP-Windows] : (TAP-Windows 9.9.2.-.) -> C:\Program Files\TAP-Windows\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WhoCrashed_is1] : (WhoCrashed 5.03.-.Resplendence Software Projects Sp.) -> "C:\Program Files\WhoCrashed\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.21 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3E31400D-274E-4647-916C-2CACC3741799}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{426582A8-202F-D13C-8BD5-F00551BAFC93}] : (AMD Wireless Display v3.0.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{426582A8-202F-D13C-8BD5-F00551BAFC93} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8B6CFE66-6961-3E02-3C57-9BA146AFB935}] : (AMD Wireless Display v3.0.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{8B6CFE66-6961-3E02-3C57-9BA146AFB935} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{8DF1EF50-AEB6-902C-F68C-4683C45784E6} REBOOT=ReallySuppress [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8F2415FA-72F2-F029-0450-4EB2FAE484C5}] : (AMD Accelerated Video Transcoding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{8F2415FA-72F2-F029-0450-4EB2FAE484C5} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{96202342-C4D5-4A2E-9B5F-9087ADECF177}] : (ESET NOD32 Antivirus.-.ESET, spol. s r.o.) -> MsiExec.exe /I{96202342-C4D5-4A2E-9B5F-9087ADECF177} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C270821D-2479-D0F4-1BD1-7BBAF6762A98}] : (AMD Wireless Display v3.0.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{C270821D-2479-D0F4-1BD1-7BBAF6762A98} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] : (SAMSUNG USB Driver for Mobile Phones.-.SAMSUNG Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F6BF49D7-479E-23FE-A8A9-63D193D05697}] : (AMD Drag and Drop Transcoding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{F6BF49D7-479E-23FE-A8A9-63D193D05697} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 22 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_210_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 22 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Photoshop Elements 9] : (Adobe Photoshop Elements 9.-.Adobe Systems Incorporated) -> msiexec /i {007F778D-F15C-4EAB-AE92-071D21FAF632} NOT_STANDALONE=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Premiere Elements 9] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1] : (Adobe Community Help.-.Adobe Systems Incorporated) -> msiexec /qb /x {F302F4F0-588D-6501-1ACF-BE3FDCC9135D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ESET Online Scanner] : (ESET Online Scanner v3.-.) -> C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FoozKids] : (Fooz Kids.-.FUHU, Inc.) -> msiexec /qb /x {FE8FF1DC-90A3-A976-4ED7-43C280CEC0E0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HotspotShield] : (Hotspot Shield 5.4.9.-.AnchorFree Inc.) -> C:\Program Files (x86)\Hotspot Shield\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Identity Card] : (Identity Card.-.Packard Bell) -> C:\Program Files (x86)\Packard Bell\Identity Card\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}] : (Packard Bell Social Networks.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}] : (Samsung Kies.-.Samsung Electronics Co., Ltd.) -> "C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}] : (Samsung Kies3.-.Samsung Electronics Co., Ltd.) -> "C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}] : (Video Web Camera.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{A0382E3C-7384-429A-9BFA-AF5888E5A193}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}] : (CyberLink MediaEspresso.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LManager] : (Launch Manager.-.Packard Bell) -> C:\Windows\UNINSTLMv4.EXE LMv4.UNI [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0 (x86 fr)] : (Mozilla Firefox 47.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.2.0 (x86 fr)] : (Mozilla Thunderbird 45.2.0 (x86 fr).-.Mozilla) -> C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NirSoft ProduKey] : (NirSoft ProduKey.-.) -> "C:\Program Files (x86)\NirSoft\ProduKey\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Packard Bell Registration] : (Packard Bell Registration.-.Packard Bell) -> C:\Program Files (x86)\Packard Bell\Registration\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Packard Bell Screensaver] : (Packard Bell ScreenSaver.-.Packard Bell) -> C:\Program Files (x86)\Packard Bell\Screensaver\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Packard Bell Welcome Center] : (Welcome Center.-.Packard Bell) -> C:\Program Files (x86)\Packard Bell\Welcome Center\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PremElem90] : (Adobe Premiere Elements 9.-.Adobe Systems Incorporated) -> msiexec /I {EB9955F8-467C-47FC-90F8-12CD5DF684C3} REMOVEPREFS=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SumatraPDF] : (SumatraPDF.-.Krzysztof Kowalczyk) -> "C:\Program Files (x86)\SumatraPDF\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player 2.1.3.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent packardbell Master Uninstall] : (Packard Bell Games.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-packardbell-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\Packard Bell Games\Game Explorer Categories - main\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-02405c2c-c6d1-40e2-bf38-6f293a335345] : (Crazy Chicken Kart 2.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Crazy Chicken Kart 2\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-037c7359-84ef-475c-bb76-1e531f2ea62a] : (Plants vs. Zombies - Game of the Year.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-0b36192e-217d-4497-ba63-8aa9df334d56] : (Chuzzle Deluxe.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Chuzzle Deluxe\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-0f4a2665-a213-49c5-9f95-9bbcb863ee45] : (Penguins!.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Penguins!\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-1e24f91f-8423-48e3-b15e-55b2de08d88b] : (Final Drive: Nitro.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Final Drive Nitro\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-1f3c318a-7e9e-483a-9690-237df7aaed21] : (Slingo Deluxe.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Slingo Deluxe\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-24ae76d8-1378-4747-b3f0-69a3ee2db275] : (John Deere Drive Green.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\John Deere Drive Green\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-335c29c1-ba96-4947-a42e-bfbe77c2a13f] : (Insaniquarium Deluxe.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Insaniquarium Deluxe\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-35dd7e35-10bc-474e-8f9c-20541165a3bf] : (Virtual Villagers 4 - The Tree of Life.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-3d2fe7ca-d808-4ef8-b33b-e1185aae26e3] : (Jewel Match 3.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Jewel Match 3\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-4a32c5df-3031-4d4b-a6db-b21448eae47d] : (FATE.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\FATE\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-56d9137e-91ac-4124-84ea-265fc46c6de1] : (Wedding Dash.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Wedding Dash\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-5a9582ca-888e-4da2-b1f6-90449c74d50d] : (Polar Bowler.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Polar Bowler\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-5f38b7c7-fbcd-43cf-bd2d-0089c027330f] : (Bejeweled 2 Deluxe.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-821ce47e-da60-46d1-90ac-ca509230d782] : (Jewel Quest Solitaire.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Jewel Quest Solitaire\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-a9b41cd8-b99f-4635-9de0-82c3756c6afa] : (Agatha Christie - Death on the Nile.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-c9cc3ecc-308c-4e1d-9552-8afecbab3600] : (Torchlight.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Torchlight\uninstall\uninstaller.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-d127a8ee-b8b6-4e41-bc11-00bfbf14c2e4] : (Mystery of Mortlake Mansion.-.WildTangent) -> "C:\Program Files (x86)\Packard Bell Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\XnView_is1] : (XnView 2.34.-.Gougelet Pierre-e) -> "C:\Program Files (x86)\XnView\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZHPFix_is1] : (ZHPFix 2015.-.Nicolas Coolman) -> "C:\Program Files (x86)\ZHPFix\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{007F778D-F15C-4EAB-AE92-071D21FAF632}] : (Adobe Photoshop Elements 9.-.Adobe Systems Incorporated) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{048B7EB5-977B-4444-B3F8-B8C2D2675314}] : (Clean Up.-.Elguevel software) -> MsiExec.exe /I{048B7EB5-977B-4444-B3F8-B8C2D2675314} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}] : (Epson Easy Photo Print 2.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}] : (Nero BackItUp 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0C2D7460-3633-F05A-4504-A4BAF0508E63}] : (AMD Catalyst Control Center.-.Nom de votre société) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{12E727B6-24CD-0CA2-E63F-815CE9F03BC1}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20E59B20-3E77-B07B-B854-2B03CE86FC64}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{226552DB-BCAF-5406-8283-5F500AFC0C16}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}] : (Nero Core Components 10.-.Nero AG) -> MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25175695-4B20-4298-9F34-C2C57CD277B3}] : (Elements STI Installer.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{25175695-4B20-4298-9F34-C2C57CD277B3}" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26024DF7-8D9A-0047-3AA1-63AC45B68413}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217071FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180101F0}] : (Java 8 Update 101.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180101F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}] : (Evernote v. 4.5.1.-.Evernote Corp.) -> MsiExec.exe /X{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3108C217-BE83-42E4-AE9E-A56A2A92E549}] : (Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver.-.Atheros Communications Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{31796434-736D-4601-6D86-D95696812FAF}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33643918-7957-4839-92C7-EA96CB621A98}] : (Nero Express 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34490F4E-48D0-492E-8249-B48BECF0537C}] : (Nero DiscSpeed 10.-.Nero AG) -> MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}] : (Packard Bell Power Management.-.Packard Bell) -> "C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E31400D-274E-4647-916C-2CACC3741799}] : (EpsonNet Print.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.EXE" -runfromtemp -l0x0409 -EPSON -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{41727356-2969-83D0-9DAF-41DFB6CE6C82}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}] : (Elements 9 Organizer.-.Adobe Systems Incorporated) -> MsiExec.exe /I{433EACD8-4747-4A6A-826A-FFA9F39B0D40} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}] : (Nero ControlCenter 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{53DB9A5D-87C7-5067-D8A2-F53FB3F621BB}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5883C8CF-D9F6-CACD-01E9-8D4DE18B7B86}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{59DB38EB-F864-4E10-841D-38CFBCF864B0}] : (Intel(R) Driver Update Utility 2.0.-.Intel) -> MsiExec.exe /X{59DB38EB-F864-4E10-841D-38CFBCF864B0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A9F93EE-DF6F-AE8E-A43E-76B12F2BA707}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5D25D99C-A5CF-4E0E-A542-202E187C37A0}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}] : (Nero Multimedia Suite 10 Essentials.-.Nero AG) -> MsiExec.exe /I{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}] : (Packard Bell Social Networks.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{68AB6930-5BFF-4FF6-923B-516A91984FE6}] : (Nero BackItUp 10.-.Nero AG) -> MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}] : (Nero Multimedia Suite 10 Essentials.-.Nero AG) -> MsiExec.exe /I{68AFA3A7-9265-4ABD-994A-ACA413E3715C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A0549A9-1B96-498C-ACBC-3943001FEB19}] : (Skype™ 7.8.-.Skype Technologies S.A.) -> MsiExec.exe /X{6A0549A9-1B96-498C-ACBC-3943001FEB19} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}] : (Nero Control Center 10.-.Nero AG) -> MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70550193-1C22-445C-8FA4-564E155DB1A7}] : (Nero Express 10.-.Nero AG) -> MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell] : (WildTangent Games App (Packard Bell Games).-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Touchpoints\packardbell\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7382003B-637E-2598-F9D6-0B4C70EA358F}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}] : (Samsung Kies.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{77F2CBFF-0687-BBAD-6A44-C0034AFE71FA}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F811A54-5A09-4579-90E1-C93498E230D9}] : (Packard Bell Recovery Management.-.Packard Bell) -> "C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{817750FA-EC6A-485D-9901-0683AE6FFDF1}] : (Google Earth.-.Google) -> MsiExec.exe /I{817750FA-EC6A-485D-9901-0683AE6FFDF1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8409c4f7-2340-4933-a304-5d37db4fb48b}] : (Intel® Driver Update Utility.-.Intel) -> "C:\ProgramData\Package Cache\{8409c4f7-2340-4933-a304-5d37db4fb48b}\Intel® Driver Update Utility Installer.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.SEIKO EPSON CORPORATION) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88547073-C566-4895-9005-EBE98EA3F7C7}] : (Samsung Kies3.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{88547073-C566-4895-9005-EBE98EA3F7C7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}] : (Fooz Kids Platform.-.FUHU, Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}\setup.exe" -runfromtemp -l0x0409 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92E25238-61A3-4ACD-A407-3C480EEF47A7}] : (Nero RescueAgent 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{93ED5459-3A8E-67EB-C68F-47CD6AFE25A4}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911}] : (Realtek USB 2.0 Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A0030B28-1F49-2734-BFD7-74666118637E}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A0382E3C-7384-429A-9BFA-AF5888E5A193}] : (Video Web Camera.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{A0382E3C-7384-429A-9BFA-AF5888E5A193}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A03D0AB9-E804-E8B1-2EC5-0E28DAEAC11A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A0CC276F-2890-DE82-1C93-BF827B3DCD2D}] : (Catalyst Control Center Graphics Previews Common.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA4BF92B-2AAF-11DA-9D78-000129760D75}] : (HomeMedia.-.CyberLink Corporation) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF2D6CE8-FF11-72F6-DA20-DF02E68E211D}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF599C42-A2E5-4251-B7EE-4925A1673946}] : (Hotspot Shield 5.4.9 Embedded.-.Buildbot) -> MsiExec.exe /X{AF599C42-A2E5-4251-B7EE-4925A1673946} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2F0BB2B-34ED-AEB8-CFD5-B4405D8DAD54}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}] : (Почта Windows Live.-.Корпорация Майкрософт) -> MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD96BA19-5A46-E2F7-5652-E13BBA085317}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C18A0418-442A-4186-AF98-D08F5054A2FC}] : (Nero DiscSpeed 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2409A7D-665E-F6E9-CAE1-DFCF83DBF632}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C4A8B568-5F30-E41F-5F15-80E0902C204E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}] : (Epson Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{C7AA3D65-1F84-4590-AFAA-0777A04B6687} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CBFD061C-4B27-4A89-ADD8-210316EEFA11}] : (Windows Live Messenger.-.Корпорация Майкрософт) -> MsiExec.exe /X{CBFD061C-4B27-4A89-ADD8-210316EEFA11} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}] : (Microsoft_VC80_MFC_x86.-.Adobe) -> MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}] : (Microsoft_VC80_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}] : (OpenOffice 4.1.2.-.Apache Software Foundation) -> MsiExec.exe /I{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E281AD0E-78A6-DE8A-9903-A449EE18FB17}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}] : (Elements STI Installer.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E337E787-CF61-4B7B-B84F-509202A54023}] : (Nero RescueAgent 10.-.Nero AG) -> MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3739848-5329-48E3-8D28-5BBD6E8BE384}] : (CyberLink MediaEspresso.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{e48a2f61-851a-4155-82f9-af1b04db8c3b}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{e48a2f61-851a-4155-82f9-af1b04db8c3b}\SetupChipset.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E8478C78-A2BE-A85B-4EDC-FB02B6AE1A3E}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB9955F8-467C-47FC-90F8-12CD5DF684C3}] : (Adobe Premiere Elements 9.-.Adobe Systems Incorporated) -> MsiExec.exe /I{EB9955F8-467C-47FC-90F8-12CD5DF684C3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F1CA8888-41BB-7DCE-D9A4-751AFC4F1353}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}] : (Adobe Community Help.-.Adobe Systems Incorporated) -> MsiExec.exe /I{F302F4F0-588D-6501-1ACF-BE3FDCC9135D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}] : (Nero StartSmart 10 Help (CHM).-.Nero AG) -> MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}] : (Nero StartSmart 10.-.Nero AG) -> MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] : (Intel(R) SDK for OpenCL - CPU Only Runtime Package.-.Intel Corporation) -> C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDB3B167-F4FA-461D-976F-286304A57B2A}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{FDB3B167-F4FA-461D-976F-286304A57B2A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FE8FF1DC-90A3-A976-4ED7-43C280CEC0E0}] : (Fooz Kids.-.FUHU, Inc.) -> MsiExec.exe /I{FE8FF1DC-90A3-A976-4ED7-43C280CEC0E0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FE9A8A35-DBD4-9D26-84A2-CFF68BEFAAB6}] : (PX Profile Update.-.AMD) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF5E3D2F-586A-3CF2-CFAE-3B03862F5512}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ---------- | Installer [HKCR\Installer\Products\02B95E0277E3B70B8B45B230EC68CF46] : CCC Help Greek -> C:\Windows\Installer\{20E59B20-3E77-B07B-B854-2B03CE86FC64}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0396BA86FFB56FF429B315A61989F46E] : Nero BackItUp 10 -> C:\Windows\Installer\{68AB6930-5BFF-4FF6-923B-516A91984FE6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\05FE1FD86BEAC2096FC864384C75486E] : AMD Catalyst Install Manager -> C:\Windows\Installer\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0647D2C03363A50F54404AAB0F05E836] : AMD Catalyst Control Center -> C:\Windows\Installer\{0C2D7460-3633-F05A-4504-A4BAF0508E63}\ARPPRODUCTICON.exe [HKCR\Installer\Products\08512982BB4E0E11F97DC11CED0FC7EB] : Evernote v. 4.5.1 -> C:\Windows\Installer\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}\Evernote.ico [HKCR\Installer\Products\0F4F203FD8851056A1FCEBF3CD9C31D5] : Adobe Community Help [HKCR\Installer\Products\1038C85769625584FA5435B4210089A0] : Samsung Kies -> C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\243202695D4CE2A4B9F50978DACE1F77] : ESET NOD32 Antivirus -> C:\Windows\Installer\{96202342-C4D5-4A2E-9B5F-9087ADECF177}\Icon_Product [HKCR\Installer\Products\24C995FA5E2A15247BEE94521A769364] : Hotspot Shield 5.4.9 Embedded [HKCR\Installer\Products\37074588665C59840950BE9EE83A7F7C] : Samsung Kies3 -> C:\Windows\Installer\{88547073-C566-4895-9005-EBE98EA3F7C7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3910550722C1C544F84A65E451D51B7A] : Nero Express 10 -> C:\Windows\Installer\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3DB4FB266F1B2AF43888CC6074CAFB68] : Nero Multimedia Suite 10 Essentials -> C:\Windows\Installer\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\Windows\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\43469713D6371064D6689D656918F2FA] : CCC Help Hungarian -> C:\Windows\Installer\{31796434-736D-4601-6D86-D95696812FAF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\Windows\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\Windows\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110100F] : Java 8 Update 101 -> C:\Program Files (x86)\Java\jre1.8.0_101\\bin\javaws.exe [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\56D3AA7C48F10954FAAA70770AB46678] : Epson Software Updater -> C:\Windows\Installer\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}\icon.ico [HKCR\Installer\Products\5BE7B840B77944443B8F8B2C2D763541] : Clean Up [HKCR\Installer\Products\5D6775DE4B957B64FA18F5D2497D6C04] : Cisco PEAP Module [HKCR\Installer\Products\6116D6C8427B0184F8D20D746E7B6DE8] : Mesh Runtime [HKCR\Installer\Products\6537271496920D38D9FA14FD6BECC628] : CCC Help Japanese -> C:\Windows\Installer\{41727356-2969-83D0-9DAF-41DFB6CE6C82}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66EFC6B8169620E3C375B91A64FA9B53] : AMD Wireless Display v3.0 -> C:\Windows\Installer\{8B6CFE66-6961-3E02-3C57-9BA146AFB935}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6B727E21DC422AC06EF318C59E0FB31C] : CCC Help Spanish -> C:\Windows\Installer\{12E727B6-24CD-0CA2-E63F-815CE9F03BC1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\70DA7C156F3C5364E8A83231608D01EF] : Cisco LEAP Module [HKCR\Installer\Products\761B3BDFAF4FD16479F68236405AB7A2] : Adobe AIR [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\787E733E16FCB7B48BF40529205A0432] : Nero RescueAgent 10 -> C:\Windows\Installer\{E337E787-CF61-4B7B-B84F-509202A54023}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7A3AFA865629DBA499A4CA4A313E17C5] : Nero Multimedia Suite 10 Essentials -> C:\Windows\Installer\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7D94FB6FE974EF328A9A361D390D6579] : AMD Drag and Drop Transcoding -> C:\Windows\Installer\{F6BF49D7-479E-23FE-A8A9-63D193D05697}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update [HKCR\Installer\Products\7FD42062A9D87400A31A36CA546B4831] : CCC Help Italian -> C:\Windows\Installer\{26024DF7-8D9A-0047-3AA1-63AC45B68413}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8140A81CA2446814FA890DF805452ACF] : Nero DiscSpeed 10 Help (CHM) -> C:\Windows\Installer\{C18A0418-442A-4186-AF98-D08F5054A2FC}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\8193463375979384297CAE69BC26A189] : Nero Express 10 Help (CHM) -> C:\Windows\Installer\{33643918-7957-4839-92C7-EA96CB621A98}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\82B0300A94F14372FB7D4766168136E7] : CCC Help Portuguese -> C:\Windows\Installer\{A0030B28-1F49-2734-BFD7-74666118637E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\83252E293A16DCA44A70C384E0FE747A] : Nero RescueAgent 10 Help (CHM) -> C:\Windows\Installer\{92E25238-61A3-4ACD-A407-3C480EEF47A7}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\843B1BCDE49CD6D4C80ED7D95AFC66E3] : OpenOffice 4.1.2 -> C:\Windows\Installer\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}\soffice.ico [HKCR\Installer\Products\8489373E92353E84D882B5DBE6B83E48] : MediaEspresso -> C:\Windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe [HKCR\Installer\Products\865B8A4C03F5F14EF551080E09C202E4] : CCC Help Dutch -> C:\Windows\Installer\{C4A8B568-5F30-E41F-5F15-80E0902C204E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\87C8748EEB2AB58AE4CDBF206BEAA1E3] : CCC Help German -> C:\Windows\Installer\{E8478C78-A2BE-A85B-4EDC-FB02B6AE1A3E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8888AC1FBB14ECD79D4A57A1CFF43135] : CCC Help Czech -> C:\Windows\Installer\{F1CA8888-41BB-7DCE-D9A4-751AFC4F1353}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8A285624F202C31DB85D0F5015ABCF39] : AMD Wireless Display v3.0 -> C:\Windows\Installer\{426582A8-202F-D13C-8BD5-F00551BAFC93}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8A2F6342E7B4C6B4EAE406C448AAA6F4] : Nero Core Components 10 [HKCR\Installer\Products\8DCAE3347474A6A428A6FF9A3FB9D004] : Elements 9 Organizer -> C:\Windows\Installer\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8EC6D2FA11FF6F27AD02FD206EE812D1] : CCC Help Thai -> C:\Windows\Installer\{AF2D6CE8-FF11-72F6-DA20-DF02E68E211D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F5599BEC764CF74098F21DCD56F483C] : Adobe Premiere Elements 9 -> c:\Windows\Installer\{EB9955F8-467C-47FC-90F8-12CD5DF684C3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\91AB69DB64A57F2E65251EB3AB803571] : CCC Help Finnish -> C:\Windows\Installer\{BD96BA19-5A46-E2F7-5652-E13BBA085317}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9545DE39E8A3BE766CF874DCA6EF524A] : CCC Help Turkish -> C:\Windows\Installer\{93ED5459-3A8E-67EB-C68F-47CD6AFE25A4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9A1221D6FB710CE4182F723DE03C7010] : Skype Click to Call -> C:\Windows\Installer\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}\ICON_PRODUCT [HKCR\Installer\Products\9A9450A669B1C894CACB933400F1BE91] : Skype™ 7.8 -> C:\Windows\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe [HKCR\Installer\Products\9BA0D30A408E1B8EE25CE082ADAE1CA1] : Catalyst Control Center Localization All -> C:\Windows\Installer\{A03D0AB9-E804-E8B1-2EC5-0E28DAEAC11A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\AF057718A6CED58499106038EAF6DF1F] : Google Earth -> C:\Windows\Installer\{817750FA-EC6A-485D-9901-0683AE6FFDF1}\MainIcon.ico [HKCR\Installer\Products\AF5142F82F27920F4005E42BAF4E485C] : AMD Accelerated Video Transcoding -> C:\Windows\Installer\{8F2415FA-72F2-F029-0450-4EB2FAE484C5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1B2B325BD8D14B409FF4C7D992E57A8] : Nero ControlCenter 10 Help (CHM) -> C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\Windows\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B2BB0F2BDE438BEAFC5D4B04D5D8DA45] : CCC Help Swedish -> C:\Windows\Installer\{B2F0BB2B-34ED-AEB8-CFD5-B4405D8DAD54}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B3002837E73689529F6DB0C407AE53F8] : CCC Help Chinese Standard -> C:\Windows\Installer\{7382003B-637E-2598-F9D6-0B4C70EA358F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B6668C80205C3BA44BBC7DA44CD241EF] : Nero BackItUp 10 Help (CHM) -> C:\Windows\Installer\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\BD255622FACB60452838F505A0CFC061] : CCC Help Norwegian -> C:\Windows\Installer\{226552DB-BCAF-5406-8283-5F500AFC0C16}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BE83BD95468F01E448D183FCCB8F460B] : Intel(R) Driver Update Utility 2.0 -> C:\Windows\Installer\{59DB38EB-F864-4E10-841D-38CFBCF864B0}\ProductIcon [HKCR\Installer\Products\C3E2830A4837A924B9AFFA85885E1A39] : Vedio WebCam -> C:\Windows\Installer\{A0382E3C-7384-429A-9BFA-AF5888E5A193}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C9F7116F5BDA0954B94E217CEB2C7820] : Nero StartSmart 10 Help (CHM) -> C:\Windows\Installer\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 [HKCR\Installer\Products\CD1FF8EF3A09679AE47D342C08EC0C0E] : Fooz Kids [HKCR\Installer\Products\D128072C97424F0DB11DB7AB6F67A289] : AMD Wireless Display v3.0 -> C:\Windows\Installer\{C270821D-2479-D0F4-1BD1-7BBAF6762A98}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D5A9BD357C7876058D2A5FF33B6F12BB] : CCC Help Polish -> C:\Windows\Installer\{53DB9A5D-87C7-5067-D8A2-F53FB3F621BB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D7A9042CE5669E6FAC1EFDFC38BD6F23] : CCC Help Danish -> C:\Windows\Installer\{C2409A7D-665E-F6E9-CAE1-DFCF83DBF632}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D877F700C51FBAE4EA2970D112AF6F23] : Adobe Photoshop Elements 9 [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E066CC7BD13FC094DBA2C22BCEA5E5A3] : Intel(R) Chipset Device Software [HKCR\Installer\Products\E0DA182E6A87A8ED99304A94EE81BF71] : CCC Help English -> C:\Windows\Installer\{E281AD0E-78A6-DE8A-9903-A449EE18FB17}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E309FE46A00DC414494ABF3A86FFDC9C] : Social Networks -> C:\Windows\Installer\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E4F094430D84E29428944BB8CE0F35C7] : Nero DiscSpeed 10 -> C:\Windows\Installer\{34490F4E-48D0-492E-8249-B48BECF0537C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E984D16F44C6CA94DA20D78ACA7AA356] : Nero StartSmart 10 -> C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EE39F9A5F6FDE8EA4AE3671BF2B27A70] : CCC Help Russian -> C:\Windows\Installer\{5A9F93EE-DF6F-AE8E-A43E-76B12F2BA707}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F2D3E5FFA6852FC3FCEAB33068F25521] : CCC Help Chinese Traditional -> C:\Windows\Installer\{FF5E3D2F-586A-3CF2-CFAE-3B03862F5512}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F672CC0A098228EDC139FB28B7D3DCD2] : Catalyst Control Center Graphics Previews Common -> C:\Windows\Installer\{A0CC276F-2890-DE82-1C93-BF827B3DCD2D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F998BFD62A710F845A33DED88666FC83] : Nero Control Center 10 -> C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FC8C38856F9DDCAC109ED8D41EB8B768] : CCC Help Korean -> C:\Windows\Installer\{5883C8CF-D9F6-CACD-01E9-8D4DE18B7B86}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FFBC2F777860DABBA6440C30A4EF17AF] : CCC Help French -> C:\Windows\Installer\{77F2CBFF-0687-BBAD-6A44-C0034AFE71FA}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=715G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 27-UNKNWN 19G No No 2,048 38,912,000 1 1 07-NTFS 100M Yes No 38,914,048 204,800 2 2 07-NTFS 348G No No 39,118,848 712,751,104 3 3 07-NTFS 348G No No 751,869,952 713,275,392 ---------- | MBR Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: Packard Bell BIOS Manufacturer: Packard Bell System Manufacturer: Packard Bell System Product Name: EasyNote LS44HR Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante IEXPLORE.EXE, version : 11.0.9600.18427, horodatage : 0x57a02609 Nom du module défaillant : MSHTML.dll, version : 11.0.9600.18427, horodatage : 0x57a0353c Code d’exception : 0xc00000fd Décalage d’erreur : 0x003db9d3 ID du processus défaillant : 0x14fc Heure de début de l’application défaillante : 0x01d1f3c7aeb88150 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Chemin d’accès du module défaillant: C:\Windows\system32\MSHTML.dll ID de rapport : de01dcc1-5fdc-11e6-94e1-b888e344ccfb ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante IEXPLORE.EXE, version : 11.0.9600.18377, horodatage : 0x575afa93 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x1bb722f9 ID du processus défaillant : 0x17f0 Heure de début de l’application défaillante : 0x01d1eeff703dbc2f Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Chemin d’accès du module défaillant: unknown ID de rapport : 05e55fed-5afc-11e6-b7db-b888e344ccfb ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ Nom de l’application défaillante IEXPLORE.EXE, version : 11.0.9600.18377, horodatage : 0x575afa93 Nom du module défaillant : jscript9.dll, version : 11.0.9600.18377, horodatage : 0x575b0383 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000a8278 ID du processus défaillant : 0x1bb8 Heure de début de l’application défaillante : 0x01d1ee529ee7ee11 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Chemin d’accès du module défaillant: C:\Windows\SysWOW64\jscript9.dll ID de rapport : 00d1c85f-5a85-11e6-beab-b888e344ccfb ------------ Nom de l’application défaillante IEXPLORE.EXE, version : 11.0.9600.18377, horodatage : 0x575afa93 Nom du module défaillant : jscript9.dll, version : 11.0.9600.18377, horodatage : 0x575b0383 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000a8278 ID du processus défaillant : 0xb64 Heure de début de l’application défaillante : 0x01d1ee50659cc076 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Chemin d’accès du module défaillant: C:\Windows\SysWOW64\jscript9.dll ID de rapport : d97287c8-5a45-11e6-beab-b888e344ccfb ------------ Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. ------------ ----------( EOF)---------- - 3460 | 13:27:13