--------------- QuickDiag | g3n-h@ckm@n | 2_02.11.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 20/12/2016 21:15:21 Updated 02/11/2016 | 17.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [cecile (Administrator)] - [CECILE-PC] (S-1-5-21-1971661368-2378366175-2141996692-1000) System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition2 Boot : Normal boot PC: HP G72 Notebook PC - Hewlett-Packard - IdNumber: 4CZ02426W4 - UUID: 3A1E5937-55B7-FABF-A4E5-0E667CE08400 Processor : X64 - 1862 Mhz - Intel(R) Pentium(R) CPU P6000 @ 1.87GHz Default System BIOS - - Hewlett-Packard - S/N: 4CZ02426W4 - F.0A - HPQOEM - 1 CoreTemp : 49 Celsius ----------| Quick ---------- | SoundDevice ATI High Definition Audio Device - Status: OK - Manufacturer: ATI Technologies Inc. - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&37EB0373&0&0001 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0270&SUBSYS_103C143A&REV_1001\4&2B667FEA&0&0001 ---------- | Video Intel(R) Graphics Media Accelerator HD - Resolution: 1600x900 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0046&SUBSYS_143A103C&REV_02\3&11583659&0&10 - AdapterCompatibility: ATI Technologies Inc. - RAM: 1806622720 ATI Mobility Radeon HD 5470 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: atiu9p64.dll,atiuxp64.dll,atiuxp64.dll,atiu9pag,atiuxpag,atiuxpag,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_68E0&SUBSYS_143A103C&REV_00\4&136621A8&0&0008 - AdapterCompatibility: ATI Technologies Inc. - RAM: 536870912 Inegrated Video Chipset DeviceName: Intel(R) Graphics Media Accelerator HD - DriverVersion: 8.14.01.6099 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:31 % CPU #2 value:75 % Total Overall CPU Usage value:53 % ---------- | Network Realtek PCIe FE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Broadcom 4313 802.11b_g_n : SENT:0 bytes/sec / RECVD:0 bytes/sec Microsoft Virtual WiFi Miniport Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{3DA1D3CB-661D-4DF3-8BEE-F1B5832DAE1D} : SENT:0 bytes/sec / RECVD:0 bytes/sec 6TO4 Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 13 : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 14 : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:53 bytes/sec, / RECEIVE Maximum:0 bytes/sec WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Realtek PCIe FE Family Controller - - - Status: - PnPID : WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0004 RAS Async Adapter - - - Status: - PnPID : Broadcom 4313 802.11b/g/n - Ethernet 802.3 - Broadcom - Status: - PnPID : PCI\VEN_14E4&DEV_4727&SUBSYS_145C103C&REV_01\4&24D1E8A0&0&00E2 Microsoft Virtual WiFi Miniport Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&13B8FA1F&0&01 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0005 Carte Microsoft 6to4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*6TO4MP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0002 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Carte Microsoft ISATAP #4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0006 ---------- | Memory RAM = Total (MB) : 3987 | Free (MB) : 1127 Pagefile = Total (MB) : 7973 | Free (MB) : 5285 Virtual = Total (MB) : 4194 | Free (MB) : 4027 Physical Memory 0 : Capacity: 2147483648 - DIMM0 - Posit.: 1 - Manufacturer: Samsung - PartNumber: M471B5673FH0-CH9 - S/N: 93D10113 Physical Memory 1 : Capacity: 2147483648 - DIMM1 - Posit.: 2 - Manufacturer: Samsung - PartNumber: M471B5673FH0-CH9 - S/N: 93D10099 ---------- | SID Users Administrateur : [S-1-5-21-1971661368-2378366175-2141996692-500] cecile : [S-1-5-21-1971661368-2378366175-2141996692-1000] HomeGroupUser$ : [S-1-5-21-1971661368-2378366175-2141996692-1002] Invité : [S-1-5-21-1971661368-2378366175-2141996692-501] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-1971661368-2378366175-2141996692-1001] ---------- | Drives F:\ -> [CDROM] | [Va Vis et Deviens] | Total : 7.42 Go | Free : 0 Go -> UDF [ATAPI] E:\ -> [Fixed] | [HP_TOOLS] | Total : 0.1 Go | Free : 0.09 Go -> FAT32 [ATA] D:\ -> [Fixed] | [RECOVERY] | Total : 13.95 Go | Free : 1.95 Go -> NTFS [ATA] C:\ -> [Fixed] | [] | Total : 451.51 Go | Free : 106.87 Go -> NTFS [ATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:, E:] : Read:4,680,718 bytes/sec, Written:0 bytes/sec Max Read:4,680,718 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:4,680,718 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : IDE\DISKTOSHIBA_MK5056GSY_______________________LH003C__\4&18964C76&0&0.0.0 ---------- | Windows updates Last detection : 2016-06-14 06:24:39 Downloaded last ones : 2016-06-09 18:03:01 Installed last ones : 2016-06-09 19:05:41 Next search : 2016-12-20 20:13:05 Windows Is Activated ---------- | Browsers IE : 11.0.9600.18315 (© Microsoft Corporation. Tous droits réservés.) FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 24.0.0.186 FlashPlayer Plugin : 24.0.0.186 ---------- | Security AV : Avast Antivirus Enabled AS : Norton Internet Security Disabled FW : Norton Internet Security Disabled WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 340 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23418) = C:\Windows\System32\smss.exe [11/05/2016 13:02:50] CPU Usage:0 % 564 | [Owner : | Parent : 424() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 00:52:37] CPU Usage:0 % 612 | [Owner : | Parent : 564(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 17:01:45] CPU Usage:0 % 628 | [Owner : | Parent : 564(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23418) = C:\Windows\System32\lsass.exe [11/05/2016 13:02:50] CPU Usage:0 % 636 | [Owner : | Parent : 564(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [22/06/2011 08:52:28] CPU Usage:0 % 704 | [Owner : | Parent : 556() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe [16/10/2014 07:52:57] CPU Usage:0 % 796 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 904 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 992 | [Owner : | Parent : 612(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1051) = C:\Windows\System32\atiesrxx.exe [03/03/2010 08:12:14] CPU Usage:0 % 108 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 392 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 500 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 388 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:50 % 1044 | [Owner : | Parent : 108(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe [11/03/2015 08:53:09] CPU Usage:0 % 1264 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1296 | [Owner : | Parent : 992(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1051) = C:\Windows\System32\atieclxx.exe [03/03/2010 08:12:54] CPU Usage:0 % 1408 | [Owner : | Parent : 612(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (12.3.3154.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [20/12/2016 12:43:30] CPU Usage:0 % 1416 | [Owner : | Parent : 392(svchost.exe) | ?????] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe [14/07/2009 01:07:15] CPU Usage:0 % 1424 | [Owner : | Parent : 476(csrss.exe) | ?????] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23418) = C:\Windows\System32\conhost.exe [11/05/2016 13:02:50] CPU Usage:0 % 1600 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe [19/08/2012 21:49:10] CPU Usage:0 % 1636 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1736 | [Owner : | Parent : 612(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.20.5020) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [21/10/2016 19:02:44] CPU Usage:0 % 1756 | [Owner : | Parent : 612(services.exe) | ?????] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - (1.0.64.10) = C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [25/06/2010 22:13:02] CPU Usage:0 % 1792 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1848 | [Owner : | Parent : 612(services.exe) | ?????] - (.EasyBits Software AS - Shared EasyBits services for Windows.) - (5.0.0.101) = C:\Windows\SysWOW64\ezSharedSvcHost.exe [12/05/2010 19:24:33] CPU Usage:0 % 1916 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1944 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\SysWOW64\svchost.exe [14/07/2009 00:19:28] CPU Usage:0 % 2004 | [Owner : | Parent : 612(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [18/01/2010 14:04:08] CPU Usage:0 % 1508 | [Owner : | Parent : 612(services.exe) | ?????] - (.Hewlett-Packard Company - LightScribe Service.) - (1.18.12.1) = C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [22/02/2010 10:45:44] CPU Usage:0 % 2096 | [Owner : | Parent : 612(services.exe) | ?????] - (.Intel Corporation - Local Manageability Service.) - (6.0.40.1213) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [25/06/2010 22:11:20] CPU Usage:0 % 2300 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Installateur Windows®.) - (5.0.7601.18896) = C:\Windows\System32\msiexec.exe [07/08/2015 07:49:35] CPU Usage:0 % 2376 | [Owner : cecile | Parent : 612(services.exe) | 11.28 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [09/01/2013 06:16:23] CPU Usage:0 % 2572 | [Owner : | Parent : 388(svchost.exe) | ?????] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [22/06/2011 08:52:34] CPU Usage:0 % 2612 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 2760 | [Owner : cecile | Parent : 392(svchost.exe) | 27.86 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 00:37:38] CPU Usage:0 % 2772 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 2792 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Microsoft SeaPort Search Enhancement Broker.) - (3.1.158.0) = C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [25/02/2011 10:46:22] CPU Usage:0 % 2800 | [Owner : cecile | Parent : 2744() | 83.27 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.19135) = C:\Windows\explorer.exe [10/02/2016 10:39:13] CPU Usage:0 % 2260 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [08/10/2014 17:18:56] CPU Usage:0 % 2148 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 3088 | [Owner : | Parent : 612(services.exe) | ?????] - (.McAfee, Inc. - Intel Security True Key.) - (4.11.110.0) = C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [19/12/2016 21:55:27] CPU Usage:0 % 3316 | [Owner : | Parent : 612(services.exe) | ?????] - (.McAfee, Inc. - Intel Security True Key.) - (4.11.110.0) = C:\Program Files\TrueKey\McTkSchedulerService.exe [04/09/2016 18:25:04] CPU Usage:0 % 3388 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [21/09/2010 13:49:00] CPU Usage:0 % 3448 | [Owner : | Parent : 3388(WLIDSVC.EXE) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [21/09/2010 13:49:00] CPU Usage:0 % 3500 | [Owner : | Parent : 612(services.exe) | ?????] - (.Intel Corporation - RAID Monitor.) - (8.9.4.1004) = C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe [25/06/2010 22:11:46] CPU Usage:0 % 3532 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [08/10/2014 17:18:50] CPU Usage:0 % 3856 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.7147.5000) = C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [18/03/2015 18:51:28] CPU Usage:0 % 4032 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [22/06/2011 08:51:38] CPU Usage:0 % 4076 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [29/06/2011 11:24:11] CPU Usage:0 % 3080 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 4136 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 4316 | [Owner : cecile | Parent : 796(svchost.exe) | 5.64 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe [14/07/2009 00:57:20] CPU Usage:0 % 4684 | [Owner : | Parent : 4076(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe [29/06/2011 11:24:10] CPU Usage:12 % 4772 | [Owner : cecile | Parent : 2800(explorer.exe) | 6.1 Mo] - (.Intel Corporation - Event Monitor User Notification Tool.) - (8.9.4.1004) = C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [25/06/2010 22:11:46] CPU Usage:0 % 4784 | [Owner : cecile | Parent : 2800(explorer.exe) | 8.35 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.29) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [25/06/2010 22:13:03] CPU Usage:0 % 4800 | [Owner : cecile | Parent : 2800(explorer.exe) | 9.74 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2082) = C:\Windows\System32\hkcmd.exe [03/03/2010 07:08:10] CPU Usage:0 % 4808 | [Owner : cecile | Parent : 2800(explorer.exe) | 7.24 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.2082) = C:\Windows\System32\igfxpers.exe [03/03/2010 07:08:12] CPU Usage:0 % 4832 | [Owner : cecile | Parent : 796(svchost.exe) | 5.23 Mo] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.2082) = C:\Windows\System32\igfxsrvc.exe [03/03/2010 07:08:14] CPU Usage:0 % 4840 | [Owner : cecile | Parent : 2800(explorer.exe) | 3.78 Mo] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) - (6.0.170.4) = C:\Program Files\Java\jre6\bin\jusched.exe [12/05/2010 19:35:34] CPU Usage:0 % 4452 | [Owner : cecile | Parent : 2800(explorer.exe) | 10.88 Mo] - (.Hewlett-Packard Company -.) - (1.18.12.1) = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [22/02/2010 10:40:30] CPU Usage:0 % 984 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 5088 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [22/06/2011 08:52:40] CPU Usage:0 % 5044 | [Owner : cecile | Parent : 2800(explorer.exe) | 111.78 Mo] - (.Skype Technologies S.A. - Skype.) - (7.30.0.105) = C:\Program Files (x86)\Skype\Phone\Skype.exe [15/11/2016 16:33:56] CPU Usage:0 % 828 | [Owner : cecile | Parent : 2800(explorer.exe) | 15.17 Mo] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (140.0.212.0) = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [18/11/2009 04:42:52] CPU Usage:0 % 4400 | [Owner : cecile | Parent : 2800(explorer.exe) | 131.24 Mo] - (.Dropbox, Inc. - Dropbox.) - (16.4.29.0) = C:\Users\cecile\AppData\Roaming\Dropbox\bin\Dropbox.exe [16/12/2016 09:34:41] CPU Usage:0 % 5000 | [Owner : cecile | Parent : 3144() | 8.7 Mo] - (.AVAST Software - avast! Antivirus.) - (12.3.3154.23) = C:\Program Files\AVAST Software\Avast\avastui.exe [20/12/2016 12:51:46] CPU Usage:0 % 3352 | [Owner : cecile | Parent : 2800(explorer.exe) | 381.52 Mo] - (.Mozilla Corporation - Firefox.) - (50.1.0.6186) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [18/11/2016 08:06:07] CPU Usage:4 % 3744 | [Owner : cecile | Parent : 828(hpqtra08.exe) | 11.28 Mo] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (140.0.212.0) = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe [18/11/2009 04:02:34] CPU Usage:0 % 5160 | [Owner : cecile | Parent : 796(svchost.exe) | 5.72 Mo] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (140.0.323.0) = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe [18/11/2009 04:02:34] CPU Usage:0 % 5192 | [Owner : cecile | Parent : 796(svchost.exe) | 9.7 Mo] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe [17/11/2009 20:49:08] CPU Usage:0 % 5672 | [Owner : cecile | Parent : 388(svchost.exe) | 5.97 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [22/06/2011 08:52:34] CPU Usage:0 % 5308 | [Owner : | Parent : 612(services.exe) | ?????] - (.Hewlett-Packard Company - HP Support Assistant Service.) - (7.2.45.3) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [04/11/2013 18:31:56] CPU Usage:0 % 3584 | [Owner : | Parent : 612(services.exe) | ?????] - (.Hewlett-Packard - HPPA_Service.) - (1.0.6.0) = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [05/04/2010 11:12:00] CPU Usage:0 % 4892 | [Owner : | Parent : 612(services.exe) | ?????] - (.Intel Corporation - User Notification Service.) - (6.0.40.1213) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [25/06/2010 22:11:21] CPU Usage:0 % 4208 | [Owner : | Parent : 612(services.exe) | ?????] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) - (6.1.16.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [13/05/2013 20:09:20] CPU Usage:0 % 2876 | [Owner : cecile | Parent : 112() | 51.94 Mo] - (.Hewlett-Packard - HP Wireless Assistant.) - (4.0.6.0) = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [05/04/2010 11:12:02] CPU Usage:0 % 6796 | [Owner : cecile | Parent : 3352(firefox.exe) | 13.95 Mo] - (.Mozilla Corporation - Plugin Container for Firefox.) - (50.1.0.6186) = C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18/11/2016 08:06:07] CPU Usage:0 % 6852 | [Owner : cecile | Parent : 6796(plugin-container.exe) | 10.22 Mo] - (.Adobe Systems, Inc. - Adobe Flash Player 24.0 r0.) - (24.0.0.186) = C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe [20/12/2016 13:47:49] CPU Usage:0 % 6876 | [Owner : cecile | Parent : 6852(FlashPlayerPlugin_24_0_0_186.exe) | 33.67 Mo] - (.Adobe Systems, Inc. - Adobe Flash Player 24.0 r0.) - (24.0.0.186) = C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_186.exe [20/12/2016 13:47:49] CPU Usage:0 % 6376 | [Owner : | Parent : 612(services.exe) | ?????] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe [22/06/2011 08:52:06] CPU Usage:0 % 3136 | [Owner : Système | Parent : 4076(SearchIndexer.exe) | 5.09 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe [29/06/2011 11:24:10] CPU Usage:0 % 404 | [Owner : cecile | Parent : 2800(explorer.exe) | 23.75 Mo] - (.SosVirus - QuickDiag.) - (2.11.2016.1) = C:\Users\cecile\Downloads\QuickDiag.exe [20/12/2016 21:14:03] CPU Usage:0 % ---------- | MD5 [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [10/02/2016 10:39:13] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.19135) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [22/06/2011 08:52:25] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 00:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.ACEDF96749861DB3DA92AE9B9D94FE72] - [11/05/2016 13:02:50] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23418) : C:\Windows\System32\Kernel32.dll [MD5.54C0E3156872881F6AB017210278E27E] - [11/05/2016 13:02:50] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23418) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [13/04/2016 12:45:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 00:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 17:01:45] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 00:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [09/12/2015 18:10:49] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [22/06/2011 08:51:34] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [16/10/2014 07:52:57] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 18:26:22] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [20/09/2013 15:22:44] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [22/06/2011 08:50:51] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [22/06/2011 08:51:00] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [22/06/2011 08:50:51] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 00:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.BE7D72FCF442C26975942007E0831241] - [25/06/2010 22:11:38] - (.Copyright(C) Intel Corporation 1994-2009 - Intel Matrix Storage Manager driver - x64.) - [400.02 Ko] - (8.9.4.1004) : C:\Windows\System32\Drivers\iastor.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 01:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.035C0A9A63DF3F3A52B90D8F6BF0F166] - [11/05/2016 13:02:50] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23418) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 18:26:18] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [22/06/2011 08:52:32] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [10/03/2016 11:08:07] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 01:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [22/06/2011 08:52:07] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 01:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [12/06/2014 20:11:44] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 18:26:22] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [22/06/2011 08:52:18] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.3.0) -- C:\Users\cecile\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (.AVAST Software.-.avast! Shell Extension.) - (12.3.3154.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.Oodrive.-.OverlayExtension.) - (3.0.4611.16824) -- C:\Program Files (x86)\FNAC\FnacSynchro\OverlayExtension.dll (.Hewlett-Packard Company.-.Hewlett-Packard Company DeskBand.) - (1.0.1.18) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll (.Oodrive.-.Common.) - (3.0.4611.16823) -- C:\Program Files (x86)\FNAC\FnacSynchro\Common.dll (..-.Communication.) - (3.0.4611.16823) -- C:\Program Files (x86)\FNAC\FnacSynchro\Communication.dll (.Oodrive.-.Common.) - (3.0.4611.16823) -- C:\Program Files (x86)\FNAC\FnacSynchro\fr\Common.resources.dll (..-.ContextMenuExtension.) - (3.0.4611.16823) -- C:\Program Files (x86)\FNAC\FnacSynchro\ContextMenuExtension.dll (.Symantec Corporation.-.Symantec Shared Component Shell Extension Module.) - (17.0.0.136) -- C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\NavShExt.dll (.Symantec Corporation.-.Symantec Library.) - (109.0.0.107) -- C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\ccL90U.dll (.Symantec Corporation.-.Symantec Trust Validation Engine 64 bit.) - (109.0.0.107) -- C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\ccVrTrst.dll (.Symantec Corporation.-.Symantec Extended File Attributes.) - (2.0.0.115) -- C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\EFACli64.dll (.Symantec Corporation.-.Symantec Settings Manager Engine 64 bit.) - (109.0.0.107) -- C:\Program Files (x86)\Norton Internet Security\Engine64\17.0.0.136\ccSet.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.142) -- C:\Windows\system32\RtkAPO64.dll (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Service.) - (140.0.212.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll (.Hewlett-Packard Co..-.HP CUE DeviceDiscovery Common Library.) - (140.0.212.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll (.Hewlett-Packard Co..-.HP CUE Context Manager Objects.) - (140.0.323.0) -- C:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll (.Hewlett-Packard Co..-.HP CUE/AiO Context Information Objects.) - (140.0.323.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll (.Hewlett-Packard Co..-.HP OfficeJet COM Common Objects.) - (140.0.323.0) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll (.Hewlett-Packard.-.Dot4Net Module.) - (12.2.3.51) -- C:\windows\system32\hpzinw12.dll (.Hewlett-Packard.-.PmlDrv Module.) - (12.2.3.51) -- C:\windows\system32\hpzipm12.dll (.Hewlett-Packard.-.Hewlett-Packard WIA minidriver..) - (6.0.0.0) -- C:\Windows\system32\hposwia_p03b.dll (.Hewlett-Packard Co..-.HP Network Devices Support.) - (140.0.323.0) -- C:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll ---------- | ZeroAccess Check Zaccess : C:\Users\cecile\AppData\Local\Dropbox [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Dropbox - (Dropbox.lnk [Startup]) - User: cecile-PC\cecile LightScribe Control Panel - (C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\...\Run]) - User: cecile-PC\cecile OfficeSyncProcess - ("C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 90140061040C0000" [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\...\Run]) - User: cecile-PC\cecile Google Update - (C:\Users\cecile\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\...\Run]) - User: cecile-PC\cecile Dropbox Update - ("C:\Users\cecile\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\...\Run]) - User: cecile-PC\cecile Skype - ("C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\...\Run]) - User: cecile-PC\cecile HP Digital Imaging Monitor - (C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [Common Startup]) - User: Public IAAnotif - (C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [HKLM\...\Run]) - User: Public RTHDVCPL - (C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [HKLM\...\Run]) - User: Public IgfxTray - (C:\Windows\system32\igfxtray.exe [HKLM\...\Run]) - User: Public HotKeysCmds - (C:\Windows\system32\hkcmd.exe [HKLM\...\Run]) - User: Public Persistence - (C:\Windows\system32\igfxpers.exe [HKLM\...\Run]) - User: Public SunJavaUpdateSched - ("C:\Program Files\Java\jre6\bin\jusched.exe" [HKLM\...\Run]) - User: Public HPWirelessAssistant - (C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "OfficeSyncProcess"="C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 90140061040C0000" "Google Update"=C:\Users\cecile\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [17/12/2016 11:05:48] "Dropbox Update"="C:\Users\cecile\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [25/06/2010 22:11:46] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s "IgfxTray"=C:\Windows\system32\igfxtray.exe [03/03/2010 07:08:14] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [03/03/2010 07:08:10] "Persistence"=C:\Windows\system32\igfxpers.exe [03/03/2010 07:08:12] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" "HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] : "C:\Users\cecile\AppData\Local\Google\Update\GoogleUpdate.exe" /c [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Quick Launch] : C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [18/01/2010 14:04:18] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock] : C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [28/09/2010 14:04:20] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtkOSD] : C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [25/06/2010 22:13:03] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] : %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebSynchro] : "C:\Program Files (x86)\FNAC\FnacSynchro\WebSynchro.exe" Command::MinimizeRun ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=618f61fb-d74b-4952-8c89-ee714cc "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=628 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK C:\Users\cecile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk ("Microsoft Word 2010 90140061040C0000") C:\Users\cecile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk (view=DOCKVIEW,SYSTRAY) C:\Users\cecile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( -extoff) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk (/systemstartup) F1�I\D bin4��B�y�I\D*GEbin^2HZ��I r Dropbox.exeDミIUD�I:D*�< C:\Users\cecile\AppData\Roaming\Microsoft\Word\Je%20vous%20salue%20Marie305630183110253897\Je%20vous%20salue%20Marie.docx.lnk (0) C:\Users\cecile\Desktop\Dropbox.lnk (/home) C:\Users\cecile\Desktop\Microsoft Excel 2010.lnk ("Microsoft Excel 2010 90140061040C0000") C:\Users\cecile\Desktop\Microsoft PowerPoint 2010.lnk ("Microsoft PowerPoint 2010 90140061040C0000") C:\Users\cecile\Desktop\Microsoft Word 2010.lnk ("Microsoft Word 2010 90140061040C0000") C:\Users\cecile\Music\Desktop\Dropbox.lnk (/home) C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk (MODE=Registration) C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk (/ReinstallApp) C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk (/DelRP) C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk (/ReinstallDriver) C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk (/RecoveryReport) C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk (/CDCreator) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk (-settings) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk (/showgadgets) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk (--open-source=startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Aide.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Assistant.lnk (Start Wizard) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Avancé.lnk (Start Dashboard) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC.lnk (Start CCC) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Redémarrer Runtime.lnk (Restart) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9\Inscription en ligne.lnk (/LANG:Fra) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- HP Game Console -.lnk ("C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Death on the Nile.lnk ("C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\DeathOnTheNile-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Aller aux jeux familiaux.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Aller aux jeux généraux.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Aller aux jeux Multi-joueurs.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Aller aux jeux pour enfants.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk ("C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blasterball 3.lnk ("C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bus Driver.lnk ("C:\Program Files (x86)\HP Games\Bus Driver\busdriver-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk ("C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk ("C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\dinerdash2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dream Chronicles.lnk ("C:\Program Files (x86)\HP Games\Dream Chronicles\dream-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk ("C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Gem Shop.lnk ("C:\Program Files (x86)\HP Games\Gem Shop\GemShop-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk ("C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Insaniquarium-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest II.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest II\JewelQuest2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjongg Artifacts.lnk ("C:\Program Files (x86)\HP Games\Mahjongg Artifacts\mahjong_artifacts-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mystery P.I. - The Vegas Heist.lnk ("C:\Program Files (x86)\HP Games\Mystery P.I. - The Vegas Heist\MysteryPIVegas-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plus de jeux de HP Games.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Slingo Deluxe.lnk ("C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers - The Secret City.lnk ("C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Wedding Dash.lnk ("C:\Program Files (x86)\HP Games\Wedding Dash\Wedding Dash-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk ("C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HP Setup.lnk (DESKTOP) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HPAdvisor.lnk (view=DOCKVIEW,SYSTRAY) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCAlerts.lnk (view=STANDARD,SYSTRAY pillar=PC_ACTION_CENTER TOUCHPOINT=STARTMENU) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDashboard.lnk (view=STANDARD,SYSTRAY pillar=PC_HEALTH_SECURITY TOUCHPOINT=STARTMENU) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDiscovery.lnk (view=STANDARD,SYSTRAY pillar=ECENTER TOUCHPOINT=STARTMENU) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDock.lnk (view=DOCKVIEW,SYSTRAY) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Aide.lnk (/product-class=HP Photosmart Premium C309g-m) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Ajouter un périphérique.lnk (-addadevice) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Désinstaller.lnk (-datfile hposcr41.dat -onestop -forcereboot) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\Enregistrement du produit.lnk ("HP Photosmart Premium C309g-m") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Photosmart Premium C309g-m\USB vers sans fil.lnk (-addadevice -usbtowireless) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Mise en route.lnk (1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Microsoft Excel 2010.lnk ("Microsoft Excel 2010 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Microsoft OneNote 2010.lnk ("Microsoft OneNote 2010 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Microsoft PowerPoint 2010.lnk ("Microsoft PowerPoint 2010 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Microsoft Word 2010.lnk ("Microsoft Word 2010 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Outils Microsoft Office 2010\Bibliothèque multimédia Microsoft.lnk ("Bibliothèque multimédia Microsoft 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Outils Microsoft Office 2010\Certificat numérique pour les projets VBA.lnk ("Certificat numérique pour les projets VBA 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Outils Microsoft Office 2010\Microsoft Office 2010 Centre de téléchargement.lnk ("Microsoft Office 2010 Centre de téléchargement 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Outils Microsoft Office 2010\Microsoft Office Picture Manager.lnk ("Microsoft Office Picture Manager 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français)\Outils Microsoft Office 2010\Préférences de langue de Microsoft Office 2010.lnk ("Préférences de langue de Microsoft Office 2010 90140061040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPDFConverter\Désinstaller.lnk (/x{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\getonline.lnk (MODE=GETONLINE) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configurer la visionneuse de photos Picasa.lnk (/reconfig) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk () �2r;Z hpqtra08.exeF�r;Zs=�J*]�hpqtra08.exei-h C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ---------- | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"= [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"= ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=57912636 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"= "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3C078012000000 "Wallpaper"=C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [17/09/2010 12:45:16] "SCRNSAVE.EXE"=C:\Windows\system32\PhotoScreensaver.scr [22/06/2011 08:52:09] "ScreenSaveTimeOut"=720 "ScreenSaverIsSecure"=0 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=145 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "link"=0x1E000000 "Browse For Folder Width"=347 "Browse For Folder Height"=288 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=1 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "AlwaysShowMenus"=1 "TaskbarSizeMove"=1 "NavPaneExpandToCurrentFolder"=1 ""=0 "ShowSuperHidden"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "HideFastUserSwitching"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=106 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "HideFastUserSwitching"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=1842 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=39 "AutoAdminLogon"=0 "DefaultUserName"=cecile [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""= [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\cecile\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\cecile\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [11/05/2016 13:04:37] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Users\cecile\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\cecile\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [11/05/2016 13:04:37] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe"=2 "C:\Users\cecile\Desktop\Firefox Setup 3.6.10.exe"=1 "C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe"=1 "C:\Users\cecile\Desktop\jre-6u21-windows-i586-iftw-rv.exe"=1 "C:\Program Files (x86)\HP\Digital Imaging\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}\hpzstub.exe"=1 "C:\Windows\System32\atieclxx.exe"=512 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3LFQ6CK\IE9-Windows7-x64-msn[1].exe"=1 "SIGN.MEDIA=AA80DCF Setup.exe"=1 "C:\Users\cecile\Downloads\install_flash_player(2).exe"=1 "C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"=512 "C:\Users\cecile\Desktop\PS_AIO_06_C309g-m_USW_Full_Win_fra_140_175 (1).exe"=1 "C:\Users\cecile\Downloads\picasa38-setup (1).exe"=1 "C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"=1 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVGVSBP4\picasa38-setup[1].exe"=1 "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"=1 "SIGN.IE=0101F28 download.exe"=1 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUWMYX59\download[1].exe"=1 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUWMYX59\BandooV7.exe"=1 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KUXDP43\install_flashplayer11x32ax_gtba_chra_dy_au_aih.exe"=1 "C:\Users\cecile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3WA09IA\TeamViewerQS_Perso_fnac.exe"=1 "C:\Users\cecile\Desktop\TeamViewerQS_Perso_fnac.exe"=1 "C:\Users\cecile\Downloads\Firefox Setup 16.0.1.exe"=1 "C:\Users\cecile\Downloads\ccsetup324.exe"=1 "C:\Users\cecile\Downloads\X16-42928_TDCP9-HGJXM-DMFK9-4RTHP-TPXBR.exe"=2 "C:\Users\cecile\Downloads\install_reader11_fr_mssa_aih.exe"=1 "C:\Users\cecile\Downloads\monAlbumPhoto_Setupalt_3.5.exe"=1 "C:\Program Files (x86)\MonAlbumPhoto\monAlbumphoto.exe"=1 "C:\Users\cecile\Downloads\monAlbumPhoto_Setupalt_3.5(3).exe"=1 "C:\Users\cecile\Downloads\picasa39-setup.exe"=1 "C:\Users\cecile\Downloads\PDFCreator-1_7_3_setup.exe"=1 "C:\Users\cecile\Downloads\avast_free_antivirus_setup_online.exe"=1 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\I] : I:\LaunchU3.exe -a (AutoRun) [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{2bb858c7-2a26-11e6-abac-99b7502f071c}] : "G:\WD SmartWare.exe" autoplay=true (AutoRun) [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{c949c9da-0cde-11e0-a289-c971c8803f10}] : "G:\WD SmartWare.exe" autoplay=true (AutoRun) [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d4f44a73-0c60-11e0-a233-9a53c2f2f514}] : G:\LaunchU3.exe -a (AutoRun) [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{fddc292b-cd2b-11df-915d-f720a243890c}] : G:\LaunchU3.exe -a (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=1 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0xD36703AFAA14CB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts [32] More lines ---------- | @ [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Start Page"=about:blank "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=0 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "CompatibilityFlags"=0 "IE8TourNoShow"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000008F0400007C020000 "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0x2369C88ED457CB01 "NotifyDownloadComplete"=yes "Use FormSuggest"=no "IE8RunOncePerInstallCompleted"=1 "IE8RunOnceCompletionTime"=0xDF2D7FB9D457CB01 "Check_Associations"=no "Error Dlg Displayed On Every Error"=no "TabShutdownDelay"=0 "DisableScriptDebuggerIE"=yes "IE9TourNoShow"=1 "IE9RunOncePerInstallCompleted"=1 "IE9RunOnceCompletionTime"=0x1E458ADEF72BCC01 "IconCache"=7mszuo3 "Search Bar"=https://www.google.com/?bcutc=sp-006 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFB0010000970000003004000077020000 "HistoryViewType"=0x0000 "OperationalData"=5 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x15912442D6BCD101 "IE10TourShown"=1 "IE10TourShownTime"=0xF6593542D6BCD101 "DefSpellLang"=fr-FR "ImageStoreRandomFolder"=aa6kzcd "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xB81305E074F2CE01 "DoNotTrack"=1 "FormSuggest Passwords"=no "FormSuggest PW Ask"=no [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://www.google.com/ie "Default_Search_URL"=http://www.google.com/ie [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Internet Explorer\SearchURL] ""=http://www.google.com/search?q=%s [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2720 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x588C96A414E5CE01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableAutodial"=1 "GlobalUserOffline"=0 "NoNetAutodial"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Enable third-party browser extensions (requires restart)"=yes "Check_Associations"=yes "FrameAuto"=1 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Enable third-party browser extensions (requires restart)"=yes "Check_Associations"=yes "FrameAuto"=1 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Search Bar"=https://www.google.com/?bcutc=sp-006 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Dashboard"=C:\Program Files\Intel Security\True Key\MSIE\data\pages\dashboard-msie.html "Tabs"=about:newtab [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000030000000100000001500000001000000800600005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=21 "ITBar7Height64"=0 [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F} "DownloadRetries"=0 "DownloadUpdates"=1 "Version"=4 "UpgradeTime"=0x423C08FB6D03D001 "DoNotAskAgain"=google.com "KnownProvidersUpgradeTime"=0x6D444D97CAF0CE01 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "10"=10 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=Norton Toolbar "{8dcb7100-df86-4384-8842-8fa844297b3f}"=Bing "10"=10 "{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}"=True Key "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F} "DoNotAskAgain"=google.com ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}] : () - [] ---------- | SearchScopes [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{39ECCD3C-9BD5-4081-AA89-32FADF96750E}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 : [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Goo) - http://www.google.com/search?q={sear : [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}] - (Bing) - http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MIAWB2 : [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CEB3DF2A-396D-4850-A87B-FAAE76BC8DEF}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox : [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-006&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{CEB3DF2A-396D-4850-A87B-FAAE76BC8DEF}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-006&q={searchTerms} : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/12/2016 12:52:23] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 13:08:38] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [27/08/2012 08:10:24] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [12/05/2010 19:35:24] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 02:28:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] -> (HP Print Enhancer) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [22/10/2009 05:29:58] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}] -> (True Key Helper) : C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [10/12/2016 00:25:44] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] -> (Symantec NCO BHO) : C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll [25/06/2010 22:26:21] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] -> (Symantec Intrusion Prevention) : C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL [25/06/2010 22:26:22] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [20/12/2016 12:52:23] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 13:08:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [27/08/2012 08:10:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] -> (Bing Bar Helper) : "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [12/05/2010 19:35:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 02:28:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] -> (HP Smart BHO Class) : C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [22/10/2009 05:29:56] ---------- | Chrome C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\extensions\dloejdefkancmfajekobpfoacecnhpgp = : Upgrade your email Facebook and IM with cool emoticons and animated winks. Bandoo takes the social experience to a whole new level! - Bandoo C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl = : Skype Click to Call - Skype Click to Call [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl] ---------- | Opera ---------- | Firefox C:\Users\cecile\AppData\Roaming\Mozilla\Firefox\Profiles\d6opklj1.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} : : Bitdefender QuickScan - : http://quickscan.bitdefender.com/ C:\Users\cecile\AppData\Roaming\Mozilla\Firefox\Profiles\d6opklj1.default\Extensions\firefox-hotfix@mozilla.org.xpi C:\Users\cecile\AppData\Roaming\Mozilla\Firefox\Profiles\d6opklj1.default\Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}.xpi [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\mozilla\Firefox\Extensions] "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [HKLM\Software\mozilla\Firefox\Extensions] "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ "{4C0766D3-67A7-45a3-85A2-752F77312F32}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ "smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\cecile\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\cecile\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.186 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.186 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] - (Picasa3 plugin) : C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Users\cecile\AppData\Roaming\Mozilla\Firefox\Profiles\d6opklj1.default\Prefs.js user_pref("browser.newtab.url", "about:newtab"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.startup.homepage", "https://www.google.com/?bcutc=sp-006"); user_pref("browser.startup.homepage_override.buildID", "20161208153507"); user_pref("browser.startup.homepage_override.mstone", "50.1.0"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-panelmenu\",\"fullscreen-button\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\",\"search-container\"],\"addon-bar\":[\"addonbar-closebutton\",\"customizableui-special-spring1\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"urlbar-container\",\"webrtc-status-button\",\"bookmarks-menu-button\",\"pocket-button\",\"downloads-button\",\"home-button\",\"social-share-button\",\"widget:skype_ff_extension@jetpack-c2c-options-button\",\"loop-button-throttled\",\"loop-button\",\"action-button--skype_ff_extensionjetpack-c2c-options-button\",\"action-button--82af8dca-6de9-405d-bd5e-43525bdad38a-skypeutton\",\"bdqscan-1\",\"action-button--wrcavastcom-wrc-toolbar-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\",\"tabs-closebutton\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[\"action-button--skype_ff_extensionjetpack-c2c-options-button\",\"loop-button\",\"action-button--82af8dca-6de9-405d-bd5e-43525bdad38a-skypeutton\",\"pocket-button\",\"developer-button\",\"action-button--wrcavastcom-wrc-toolbar-button\"],\"dirtyAreaCache\":[\"addon-bar\",\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\"],\"currentVersion\":6,\"newElementCount\":1}"); user_pref("extensions.MicrosoftDM.lastRunTime", "Sat, 13 Nov 2010 11:39:53 GMT"); user_pref("extensions.avastsp.settings", "{\"current\":{\"callerId\":8018,\"userId\":\"c252ce81a4b1cbf77fde389ba8545881\",\"edition\":0,\"lastApplicationEventSent\":1482240733086},\"features\":{\"phishing\":true,\"dnt\":true,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":true,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.settings", "{\"current\":{\"callerId\":2020,\"userId\":\"c252ce81a4b1cbf77fde389ba8545881\",\"edition\":0,\"lastApplicationEventSent\":1482240733086},\"features\":{\"phishing\":true,\"dnt\":true,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":true,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":-1},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}"); user_pref("extensions.avastwrc.whiteList", "{\"trk\":{\"apps.facebook.com\":{\"703\":false},\"avast.com\":{\"779\":false}}}"); user_pref("extensions.blocklist.pingCountTotal", 974); user_pref("extensions.blocklist.pingCountVersion", 7); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"aushelper@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true},\"sp@avast.com\":{\"version\":\"10.3.5.39\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"multiprocessCompatible\":false,\"runInSafeMode\":false},\"wrc@avast.com\":{\"version\":\"12.0.88\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10s.rollout.blocklist", "{dc572301-7619-498c-a57d-39143191b318}"); user_pref("extensions.e10s.rollout.hasAddon", false); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B75493B06-1504-4976-9A55-B6FE240FF0BF%7D:3.4.0.0,%7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.152,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0"); user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,ffox@bandoo.com:5.1,{99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"); user_pref("extensions.getAddons.cache.lastUpdate", 1482259858); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160826.01"); user_pref("extensions.lastAppVersion", "50.1.0"); user_pref("extensions.lastPlatformVersion", "50.1.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pocket.settings.signupAB", "storyboard_lm"); user_pref("extensions.pocket.settings.test.panelSignUp", "v1"); user_pref("extensions.pocket.settings.test.panelTab", "control"); user_pref("extensions.sdk-widget-inserted.widget:skype_ff_extension@jetpack-c2c-options-button", true); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.skype_toolbar.version", "6.3.0.11079"); user_pref("extensions.sp@avast.com.sdk.baseURI", "resource://sp-at-avast-dot-com/"); user_pref("extensions.sp@avast.com.sdk.domain", "sp-at-avast-dot-com"); user_pref("extensions.sp@avast.com.sdk.load.reason", "startup"); user_pref("extensions.sp@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/SafePrice/FF/"); user_pref("extensions.sp@avast.com.sdk.version", "10.3.5.39"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.update.notifyUser", false); user_pref("extensions.wrc@avast.com.sdk.baseURI", "resource://wrc-at-avast-dot-com/"); user_pref("extensions.wrc@avast.com.sdk.domain", "wrc-at-avast-dot-com"); user_pref("extensions.wrc@avast.com.sdk.load.reason", "startup"); user_pref("extensions.wrc@avast.com.sdk.rootURI", "file:///C:/Program%20Files/AVAST%20Software/Avast/WebRep/FF/"); user_pref("extensions.wrc@avast.com.sdk.version", "12.0.88"); user_pref("extensions.xpiState", "{\"app-profile\":{\"firefox-hotfix@mozilla.org\":{\"d\":\"C:\\\\Users\\\\cecile\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\d6opklj1.default\\\\extensions\\\\firefox-hotfix@mozilla.org.xpi\",\"e\":false,\"v\":\"20160826.01\",\"st\":1472672861122},\"{75493B06-1504-4976-9A55-B6FE240FF0BF}\":{\"d\":\"C:\\\\Users\\\\cecile\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\d6opklj1.default\\\\extensions\\\\{75493B06-1504-4976-9A55-B6FE240FF0BF}.xpi\",\"e\":true,\"v\":\"3.4.0.0\",\"st\":1441736704060},\"{e001c731-5e37-4538-a5cb-8168736a2360}\":{\"d\":\"C:\\\\Users\\\\cecile\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\d6opklj1.default\\\\extensions\\\\{e001c731-5e37-4538-a5cb-8168736a2360}\",\"e\":true,\"v\":\"0.9.9.152\",\"st\":1482233284487,\"mt\":1482233255208}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1481659372311},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.5\",\"st\":1481659372301},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1481659372281},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1481659372259}},\"winreg-app-user\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1290158653284,\"mt\":1256185798000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"50.1.0\",\"st\":1481659372311}},\"winreg-app-global\":{\"smartwebprinting@hp.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printing\\\\MozillaAddOn3\",\"e\":false,\"v\":\"4.60\",\"st\":1290158653284,\"mt\":1256185798000},\"sp@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\SafePrice\\\\FF\",\"e\":true,\"v\":\"10.3.5.39\",\"st\":1482234288087,\"mt\":1482234143879},\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":true,\"v\":\"12.0.88\",\"st\":1482234288777,\"mt\":1482234169338}}}"); user_pref("network.proxy.type", 0); ---------- | Active Connections TCP 127.0.0.1:49163 cecile-PC:49164 ESTABLISHED 1408 TCP 127.0.0.1:49164 cecile-PC:49163 ESTABLISHED 1408 TCP 127.0.0.1:49166 cecile-PC:49167 ESTABLISHED 1408 TCP 127.0.0.1:49167 cecile-PC:49166 ESTABLISHED 1408 TCP 127.0.0.1:49221 cecile-PC:49222 ESTABLISHED 3352 TCP 127.0.0.1:49222 cecile-PC:49221 ESTABLISHED 3352 TCP 127.0.0.1:49232 cecile-PC:49233 ESTABLISHED 4400 TCP 127.0.0.1:49233 cecile-PC:49232 ESTABLISHED 4400 TCP 127.0.0.1:49234 cecile-PC:49235 ESTABLISHED 4400 TCP 127.0.0.1:49235 cecile-PC:49234 ESTABLISHED 4400 TCP 127.0.0.1:49236 cecile-PC:49237 ESTABLISHED 4400 TCP 127.0.0.1:49237 cecile-PC:49236 ESTABLISHED 4400 TCP 192.168.0.10:49169 lon24.ff.avast.com:http ESTABLISHED 1408 TCP 192.168.0.10:49198 13.77.81.187:https ESTABLISHED 5044 TCP 192.168.0.10:49201 bay405-m.hotmail.com:https ESTABLISHED 5044 TCP 192.168.0.10:49205 157.55.130.146:40029 ESTABLISHED 5044 TCP 192.168.0.10:49209 40.77.226.192:https ESTABLISHED 5044 TCP 192.168.0.10:49210 91.190.217.49:12350 ESTABLISHED 5044 TCP 192.168.0.10:49227 client.v.dropbox.com:https CLOSE_WAIT 4400 TCP 192.168.0.10:49229 server-54-230-129-176.ams50.r.cloudfront.net:https CLOSE_WAIT 4400 TCP 192.168.0.10:49230 d.v.dropbox.com:https CLOSE_WAIT 4400 TCP 192.168.0.10:49231 server-54-230-129-176.ams50.r.cloudfront.net:https CLOSE_WAIT 4400 TCP 192.168.0.10:49238 162.125.18.133:https ESTABLISHED 4400 TCP 192.168.0.10:49240 api.v.dropbox.com:https CLOSE_WAIT 4400 TCP 192.168.0.10:59450 ec2-52-4-146-209.compute-1.amazonaws.com:https CLOSE_WAIT 4400 TCP 192.168.0.10:59482 40.77.226.194:https ESTABLISHED 3352 TCP 192.168.0.10:59514 23.99.209.154:https ESTABLISHED 3352 TCP 192.168.0.10:59609 40.101.29.114:https TIME_WAIT 0 TCP 192.168.0.10:59615 52.178.207.179:https TIME_WAIT 0 TCP 192.168.0.10:59616 52.178.207.179:https TIME_WAIT 0 TCP 192.168.0.10:59618 176.158.24.244:34130 TIME_WAIT 0 TCP 192.168.0.10:59619 40.101.29.114:https ESTABLISHED 3352 TCP 192.168.0.10:59620 40.101.29.114:https ESTABLISHED 3352 TCP 192.168.0.10:59621 r-174-58-45-5.ff.avast.com:http TIME_WAIT 0 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3DA1D3CB-661D-4DF3-8BEE-F1B5832DAE1D}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{3DA1D3CB-661D-4DF3-8BEE-F1B5832DAE1D}] "DhcpNameServer"=212.27.40.241 212.27.40.240 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3DA1D3CB-661D-4DF3-8BEE-F1B5832DAE1D}] "DhcpNameServer"=212.27.40.241 212.27.40.240 ---------- | Applications [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Classes\Applications\CVH.EXE] : "C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE" "%1" [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Classes\Applications\docslnk.bat] : "C:\raccourci_office\docslnk.bat" "%1" [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Classes\Applications\execlslnk.bat] : "C:\raccourci_office\execlslnk.bat" "%1" [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\EXCEL.EXE] : "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wksss.exe] : C:\PROGRA~2\MICROS~3\wksss.exe "%1" [HKLM\SOFTWARE\Classes\Applications\wkswp.exe] : C:\PROGRA~2\MICROS~3\WksWP.exe "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\EXCEL.EXE] : "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wksss.exe] : C:\PROGRA~2\MICROS~3\wksss.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wkswp.exe] : C:\PROGRA~2\MICROS~3\WksWP.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | Svchost - Netsvcs (Whitelisted) Term - : ---------- | Software [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Adobe] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\AppDataLow] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\ATI] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\AVAST Software] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Clients] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\CyberLink] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Dropbox] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\DropboxUpdate] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\EasyBits] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Google] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\HookNetwork] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\HP] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\IM Providers] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Intel] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Intel Security] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\JavaSoft] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Lake] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\LightScribe] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\LowRegistry] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Macromedia] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\MAP-DN] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\MCAFEE] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\monAlbumPhoto] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Mozilla] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\MozillaPlugins] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Netscape] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Norton] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\ODBC] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\PDF Architect 2] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\PDFCreator] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\pdfforge] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Piriform] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Policies] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Realtek] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Skype] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Synaptics] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\sysinternals] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\TeamViewer] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Trolltech] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\TrueKey] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Wow6432Node] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Yahoo] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\AppDataLow\Software\Yahoo] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Agere] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Bitdefender Parental Control] [HKLM\Software\Bitdefender Parental Control 2013] [HKLM\Software\BrowserChoice] [HKLM\Software\Clients] [HKLM\Software\CUSTPDF Writer] [HKLM\Software\CXT] [HKLM\Software\Cyberlink] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HPQ] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Intel Security] [HKLM\Software\JavaSoft] [HKLM\Software\LSI] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\McAfee.com] [HKLM\Software\mcafeeupdater] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\ODBC] [HKLM\Software\pdfforge] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\TrueKey] [HKLM\Software\WildTangent] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\BcmSetup] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Digital River] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\EasyBits] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GPL Ghostscript] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\HPQ] [HKLM\Software\WOW6432Node\ICE] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Intel Security] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\LightScribe] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAP-DN] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\mcafeeupdater] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\mypdfconverter] [HKLM\Software\WOW6432Node\Norton] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Oodrive] [HKLM\Software\WOW6432Node\P2G_Upgrade] [HKLM\Software\WOW6432Node\PDF Architect 2] [HKLM\Software\WOW6432Node\PDFCreator] [HKLM\Software\WOW6432Node\PDR_Upgrade] [HKLM\Software\WOW6432Node\Product_Upgrade] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\SecureDigitalServices] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\TrueKey] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Win32 Services] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives F: E: D: [17/09/2010 12:45:12] - |ASH| - (.-.) - [22] - (0.0.0.0) - D:\language.ini ---------- | C: [14/07/2009 04:18:56] - |SHD| - [516] - C:\$Recycle.Bin [01/01/2009 16:12:06] - |D| - [61084632] - C:\AdwCleaner [26/05/2016 09:24:45] - |D| - [127668759] - C:\AMD [MD5.B6338FFA5BDD2D7EF57C11E5A988232E] - [17/09/2010 15:26:26] - |A| - (.-.) - [2003387] - (0.0.0.0) - C:\bdlog.txt [MD5.A698BA191646371CE50685BBC70B281F] - [17/09/2010 15:26:26] - |A| - (.-.) - [2097177] - (0.0.0.0) - C:\bdlog.txt.old [MD5.30878C249146B2EEA1BA2C09E1981EEC] - [28/07/2014 21:50:10] - |A| - (.-.) - [7412760] - (0.0.0.0) - C:\bnd6E8D.tmp.exe [MD5.30878C249146B2EEA1BA2C09E1981EEC] - [28/07/2014 08:10:53] - |A| - (.-.) - [7412760] - (0.0.0.0) - C:\bndC7F1.tmp.exe [07/09/2009 02:57:12] - |SHD| - [15751156] - C:\boot [MD5.D6AE2D5521DD93AEBC90D411D099FA36] - [07/09/2009 02:57:12] - |RASH| - (.-.) - [383562] - (0.0.0.0) - C:\bootmgr [22/09/2010 10:38:30] - |HD| - [0] - C:\Config.Msi [14/07/2009 06:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.E7832D67AD190A920970CB5ADFC6D5D1] - [02/11/2015 11:28:48] - |A| - (.-.) - [383] - (0.0.0.0) - C:\ftconfig.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/05/2016 18:07:05] - |ASH| - (.-.) - [3062255616] - (0.0.0.0) - C:\hiberfil.sys [28/01/2010 23:05:04] - |HD| - [90234080] - C:\HP [25/06/2010 22:11:12] - |D| - [849996] - C:\Intel [MD5.45810953A0C89763CE88016367368E3E] - [17/09/2010 13:51:57] - |A| - (.-.) - [7650] - (0.0.0.0) - C:\last.txt [13/11/2012 18:50:16] - |RHD| - [51376] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/05/2016 18:07:09] - |ASH| - (.-.) - [4083007488] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 04:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 04:20:08] - |RD| - [1980034611] - C:\Program Files [14/07/2009 04:20:08] - |RD| - [5224541299] - C:\Program Files (x86) [14/07/2009 04:20:08] - |HD| - [4617289108] - C:\ProgramData [20/12/2016 21:15:14] - |D| - [262056] - C:\QuickDiag [MD5.9E56E2FD65B353EB9E3BC2EDDC69B2E2] - [20/12/2016 21:15:21] - |A| - (.-.) - [153934] - (0.0.0.0) - C:\QuickDiag.txt [13/11/2012 19:06:03] - |D| - [301] - C:\raccourci_office [26/05/2016 10:20:28] - |SHD| - [971] - C:\Recovery [07/09/2009 01:40:40] - |D| - [3508847962] - C:\SwSetup [12/05/2010 16:49:57] - |SHD| - [0] - C:\System Volume Information [07/09/2009 01:40:40] - |HD| - [70133343] - C:\SYSTEM.SAV [11/11/2010 18:45:46] - |D| - [2076] - C:\Temp [14/07/2009 04:20:08] - |RD| - [302450756686] - C:\Users [14/07/2009 04:20:08] - |D| - [46518579997] - C:\Windows ---------- | C:\Windows [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [12/05/2010 17:02:12] - |A| - (.-.) - [20] - (0.0.0.0) - C:\Windows\(ôM [14/07/2009 06:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 04:20:08] - |D| - [28393297] - C:\Windows\AppCompat [14/07/2009 04:20:08] - |D| - [11035914] - C:\Windows\AppPatch [14/07/2009 04:20:08] - |RSD| - [1878039557] - C:\Windows\assembly [MD5.7BA2CC286C6696EBBBBD2B1ABFAD9458] - [03/03/2010 00:57:12] - |A| - (.-.) - [20692] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/06/2010 22:16:35] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [20/12/2016 12:43:42] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [22/06/2011 08:51:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 04:20:09] - |D| - [29163158] - C:\Windows\Boot [MD5.CE6D2E515ABD090B21673AC94775FF29] - [14/07/2009 06:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 04:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [11/09/2012 11:52:45] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\Windows\capicom.dll [MD5.8B98969F852F06A9C1995EAF00F20670] - [26/05/2016 08:28:44] - |A| - (.-.) - [6611] - (0.0.0.0) - C:\Windows\comsetup.log [MD5.61BEBC36B8966558EF12A285959AC2B7] - [13/05/2010 02:23:55] - |A| - (.-.) - [12] - (0.0.0.0) - C:\Windows\CSUP.txt [14/07/2009 04:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 05:45:54] - |D| - [1825202] - C:\Windows\debug [MD5.7D96CD92B9307675F5F309F0BAB2F936] - [26/05/2016 08:25:23] - |A| - (.-.) - [10429] - (0.0.0.0) - C:\Windows\diagerr.xml [14/07/2009 06:32:38] - |D| - [3044378] - C:\Windows\diagnostics [MD5.EF82B304067EDCF3CF990A42DE93B695] - [26/05/2016 08:25:23] - |A| - (.-.) - [9510] - (0.0.0.0) - C:\Windows\diagwrn.xml [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\DigitalLocker [MD5.5ECCF3DE8FDB136EE456D50B493F8E81] - [12/05/2010 17:02:16] - |A| - (.-.) - [63509] - (0.0.0.0) - C:\Windows\DirectX.log [17/11/2010 15:10:35] - |D| - [1274880] - C:\Windows\Downloaded Installations [14/07/2009 06:32:38] - |D| - [1002607] - C:\Windows\Downloaded Program Files [MD5.124D1492E46BD47F5519DF113ECB5A58] - [25/06/2010 22:10:19] - |A| - (.-.) - [4496] - (0.0.0.0) - C:\Windows\DPINST.LOG [MD5.5CF3623667146DB16A53AC21401A6FAA] - [14/07/2009 05:46:06] - |A| - (.-.) - [4816] - (0.0.0.0) - C:\Windows\DtcInstall.log [26/06/2010 07:59:36] - |D| - [118084593] - C:\Windows\ehome [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\en-US [MD5.498F14C25995897267FE3F6AF3027F83] - [17/09/2010 19:09:04] - |A| - (.-.) - [36864] - (0.0.0.0) - C:\Windows\EP_UNINSTALL.EXE [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [10/02/2016 10:39:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.19135) - C:\Windows\explorer.exe [14/07/2009 04:20:09] - |RSD| - [399712775] - C:\Windows\Fonts [26/10/2010 16:58:36] - |D| - [107376] - C:\Windows\fr [13/05/2010 02:29:46] - |D| - [142848] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 00:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 04:20:09] - |D| - [34181371] - C:\Windows\Globalization [14/07/2009 04:20:09] - |D| - [56151696] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 01:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [25/06/2010 22:12:18] - |D| - [5626317] - C:\Windows\Hewlett-Packard [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 01:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.0D776C3A36F2B6E657939BB96096E070] - [14/07/2009 08:44:57] - |A| - (.-.) - [48223] - (0.0.0.0) - C:\Windows\HomeBasic.xml [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [26/06/2010 08:00:18] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [MD5.72D10E3A6D7686EC4E70E717B264A46D] - [19/11/2010 10:21:08] - |A| - (.-.) - [221089] - (0.0.0.0) - C:\Windows\hpoins41.dat [MD5.5230658F0C4AB2E235698C05A37CA270] - [18/11/2010 13:56:17] - |A| - (.-.) - [233436] - (0.0.0.0) - C:\Windows\hpoins41.dat.temp [MD5.A12A13DCAE427C595CAD5BF35AE10394] - [19/11/2010 10:21:08] - |A| - (.-.) - [1112] - (0.0.0.0) - C:\Windows\hpomdl41.dat [MD5.A12A13DCAE427C595CAD5BF35AE10394] - [08/11/2010 17:04:01] - |A| - (.-.) - [1112] - (0.0.0.0) - C:\Windows\hpomdl41.dat.temp [MD5.965153D3F0823DB0787F78CA093EE988] - [04/06/2013 07:33:59] - |A| - (.-.) - [9534] - (0.0.0.0) - C:\Windows\IE10_main.log [MD5.B31C82AD3D54D6C54B278FEEE1F32782] - [19/11/2013 09:07:26] - |A| - (.-.) - [10277] - (0.0.0.0) - C:\Windows\IE11_main.log [MD5.09019693B60EFE96582CE750F84A14F2] - [13/10/2010 13:55:09] - |A| - (.-.) - [12979] - (0.0.0.0) - C:\Windows\IE9_main.log [14/07/2009 04:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 04:20:10] - |D| - [190956069] - C:\Windows\inf [12/05/2010 17:00:25] - |SHD| - [2917567488] - C:\Windows\Installer [MD5.1795B9561FB1FC18C86E05103164B0F8] - [02/07/2013 17:40:58] - |A| - (.-.) - [1042] - (0.0.0.0) - C:\Windows\KB893803v2.log [MD5.61DBFDC89F34B0CE189A3DC0B4FDB9AB] - [25/06/2010 22:26:06] - |A| - (.-.) - [625] - (0.0.0.0) - C:\Windows\KB942288-v3.log [14/07/2009 04:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 04:20:10] - |D| - [5252960] - C:\Windows\LiveKernelReports [14/07/2009 04:20:10] - |D| - [203507664] - C:\Windows\Logs [MD5.9766956B1CD184E4C426BD47D90B8B1C] - [28/09/2010 14:00:12] - |A| - (.-.) - [12800] - (0.0.0.0) - C:\Windows\LPRES.DLL [14/07/2009 04:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.83FC7D407BBFCC770D72A599180362AB] - [28/12/2011 09:23:48] - |A| - (.-.) - [482061579] - (0.0.0.0) - C:\Windows\MEMORY.DMP [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 01:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 04:20:10] - |D| - [992077295] - C:\Windows\Microsoft.NET [01/03/2014 22:08:27] - |D| - [5524] - C:\Windows\Migration [28/12/2011 09:23:54] - |D| - [1759240] - C:\Windows\Minidump [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.C23785F136F2FD40E6036F1431C71A6D] - [23/09/2010 09:17:13] - |A| - (.-.) - [289688] - (0.0.0.0) - C:\Windows\msxml4-KB954430-enu.LOG [MD5.42A1E1956C59D52BA29AA2780446D384] - [24/09/2010 14:18:54] - |A| - (.-.) - [288066] - (0.0.0.0) - C:\Windows\msxml4-KB973688-enu.LOG [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 09:46:37] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [07/09/2009 02:57:26] - |D| - [2050059] - C:\Windows\Panther [13/11/2012 18:31:29] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 06:32:38] - |D| - [62553229] - C:\Windows\Performance [MD5.2A14890A6472BDC966AF19A527A94446] - [17/09/2010 20:25:33] - |A| - (.-.) - [469350] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 04:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 04:20:10] - |D| - [2950101] - C:\Windows\PolicyDefinitions [25/06/2010 22:05:07] - |D| - [63011348] - C:\Windows\Prefetch [13/11/2012 17:47:29] - |D| - [1081] - C:\Windows\pss [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 00:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 04:20:10] - |D| - [22588] - C:\Windows\registration [14/07/2009 04:20:10] - |D| - [8159950] - C:\Windows\rescache [14/07/2009 04:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.5F4D225CEDF3830002BE6813DE966F4E] - [25/06/2010 22:13:01] - |A| - (.Realtek Semiconductor Corp. Copyright (C) 2010 - RtlExUpd DLL for setup utility function.) - [1247776] - (1.0.2.0) - C:\Windows\RtlExUpd.dll [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 04:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 04:20:10] - |D| - [7199920] - C:\Windows\security [14/07/2009 05:45:47] - |D| - [160237492] - C:\Windows\ServiceProfiles [14/07/2009 04:20:10] - |D| - [210863537] - C:\Windows\servicing [14/07/2009 05:45:50] - |D| - [1011] - C:\Windows\Setup [MD5.87A14D5E7B838C5C4879F50227C8420E] - [14/07/2009 05:51:00] - |A| - (.-.) - [452839] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D6DAD2329EFFEF95AD5A845D1242C260] - [14/07/2009 05:51:00] - |A| - (.-.) - [495] - (0.0.0.0) - C:\Windows\setuperr.log [25/06/2010 22:08:12] - |D| - [2381218465] - C:\Windows\SoftwareDistribution [14/07/2009 04:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [19/08/2012 21:49:10] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 06:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [05/09/2012 16:40:41] - |D| - [0] - C:\Windows\Sun [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 04:20:10] - |D| - [4373981586] - C:\Windows\System32 [14/07/2009 04:20:14] - |D| - [1272796439] - C:\Windows\SysWOW64 [14/07/2009 04:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 04:20:14] - |D| - [40436] - C:\Windows\Tasks [14/07/2009 04:20:14] - |D| - [185922911] - C:\Windows\Temp [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\tracing [MD5.80A0795D68E872BBD7A61CDC9762A9C8] - [17/10/2012 06:38:00] - |A| - (.-.) - [12656334] - (0.0.0.0) - C:\Windows\TrufosDllLog.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/10/2012 10:07:52] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\TrufosLog.txt [MD5.9AEB69C08205C250057B5168CC4455D4] - [07/09/2009 02:00:31] - |A| - (.-.) - [5767] - (0.0.0.0) - C:\Windows\TSSysprep.log [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 06:32:38] - |D| - [604160] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [22/06/2011 08:51:17] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 04:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 04:20:14] - |D| - [40908004] - C:\Windows\Web [MD5.3E6F24B5319C375DD219EE357D9BAB06] - [14/07/2009 03:34:57] - |A| - (.-.) - [438] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.619670A7EB99878396BB10FD6EAAA040] - [25/06/2010 22:08:12] - |A| - (.-.) - [1877721] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 04:20:14] - |D| - [30124964200] - C:\Windows\winsxs [MD5.74908820C298AD4768EFA5E27AC4FC20] - [10/11/2010 01:28:46] - |A| - (.© 2010 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [301936] - (15.4.3508.1109) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 21:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 00:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [08/12/2011 09:29:29] - C:\Windows\Installer\133489.msi : (HP Wireless Assistant - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/08/2012 08:10:24] - C:\Windows\Installer\16b19.msi : (Google Toolbar for Internet Explorer - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:23:48] - C:\Windows\Installer\1b42f.msi : (ATI Catalyst Install Manager Installer (64 bit) - ATI Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/10/2009 20:53:50] - C:\Windows\Installer\1b43b.msi : (Branding - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:16:18] - C:\Windows\Installer\1b441.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:17:30] - C:\Windows\Installer\1b447.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:17:42] - C:\Windows\Installer\1b44d.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:17:56] - C:\Windows\Installer\1b453.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:15:42] - C:\Windows\Installer\1b459.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:15:32] - C:\Windows\Installer\1b45f.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:04] - C:\Windows\Installer\1b466.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:16] - C:\Windows\Installer\1b46c.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:26] - C:\Windows\Installer\1b472.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:36] - C:\Windows\Installer\1b478.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:44] - C:\Windows\Installer\1b47e.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:18:54] - C:\Windows\Installer\1b484.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:00] - C:\Windows\Installer\1b48a.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:10] - C:\Windows\Installer\1b490.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:20] - C:\Windows\Installer\1b496.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:30] - C:\Windows\Installer\1b49c.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:38] - C:\Windows\Installer\1b4a2.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:48] - C:\Windows\Installer\1b4a8.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:19:56] - C:\Windows\Installer\1b4ae.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:04] - C:\Windows\Installer\1b4b4.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:12] - C:\Windows\Installer\1b4ba.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:20] - C:\Windows\Installer\1b4c0.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:30] - C:\Windows\Installer\1b4c6.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:38] - C:\Windows\Installer\1b4cc.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:48] - C:\Windows\Installer\1b4d2.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:20:56] - C:\Windows\Installer\1b4d8.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:21:04] - C:\Windows\Installer\1b4de.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:21:14] - C:\Windows\Installer\1b4e4.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:21:34] - C:\Windows\Installer\1b4ea.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:21:58] - C:\Windows\Installer\1b4f0.msi : (Catalyst Control Center Utility 64 - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2010 14:17:02] - C:\Windows\Installer\1b4f7.msi : (Catalyst Control Center - ATI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/10/2009 09:43:13] - C:\Windows\Installer\1b7b40.msi : (64 Bit HP CIO Components Installer Package - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 09:59:56] - C:\Windows\Installer\1b7c00.msi : (HP Update - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/06/2010 22:18:22] - C:\Windows\Installer\1ea15.msi : (LS_HSI - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/01/2010 04:36:56] - C:\Windows\Installer\1ea4a.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/01/2010 21:15:56] - C:\Windows\Installer\1ec03.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/01/2010 21:19:28] - C:\Windows\Installer\1ec0b.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/01/2010 01:51:14] - C:\Windows\Installer\1ec14.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/01/2010 23:26:40] - C:\Windows\Installer\1ec1c.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2010 02:23:30] - C:\Windows\Installer\1ec22.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2010 09:41:08] - C:\Windows\Installer\1ec2f.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2010 21:49:06] - C:\Windows\Installer\1ec38.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/11/2011 09:31:15] - C:\Windows\Installer\1f748b.msi : (HP Software Framework - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/11/2014 18:09:13] - C:\Windows\Installer\2662e1.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/11/2010 15:10:35] - C:\Windows\Installer\26a962.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/12/2010 08:43:10] - C:\Windows\Installer\2d8f6c.msi : (HP Advisor - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/12/2016 11:05:06] - C:\Windows\Installer\357114.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2010 21:18:14] - C:\Windows\Installer\390fae.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 18:36:23] - C:\Windows\Installer\4bfd76.msi : (HP User Guides 0217 - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/10/2015 07:55:00] - C:\Windows\Installer\53d70.msi : (Intel® RealSense™ SDK 2014 Runtime (x64): Core - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 18:48:07] - C:\Windows\Installer\560008.msi : (Adobe AIR Installer - Adobe Systems Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 18:48:14] - C:\Windows\Installer\56000d.msi : (Acrobat.com - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/11/2016 17:39:56] - C:\Windows\Installer\5c9ca.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 18:58:21] - C:\Windows\Installer\60175c.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/01/2010 04:26:26] - C:\Windows\Installer\69650f.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/01/2010 21:18:22] - C:\Windows\Installer\696514.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/01/2010 21:25:18] - C:\Windows\Installer\696519.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/01/2010 21:16:00] - C:\Windows\Installer\69651e.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/01/2010 23:28:12] - C:\Windows\Installer\69652d.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2012 04:48:11] - C:\Windows\Installer\70c28b.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 19:35:20] - C:\Windows\Installer\81fd86.msi : (Java(TM) SE Runtime Environment 6.0 - Sun Microsystems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2010 19:35:30] - C:\Windows\Installer\81fd8b.msi : (Java(TM) SE Runtime Environment 6.0 - Sun Microsystems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2014 11:31:24] - C:\Windows\Installer\b10701.msi : (HP Support Assistant - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2013 12:03:14] - C:\Windows\Installer\b10709.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/12/2016 13:10:40] - C:\Windows\Installer\bde151.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/05/2011 12:01:41] - C:\Windows\Installer\d159d9.msi : (MyPDFConverter - Aedge Performance BCN SL) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/01/2010 23:05:50] - C:\Windows\Installer\e765.msi : ( - © 2008-2009 Hewlett-Packard Development Compay, L.P.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 09:41:13] - C:\Windows\Installer\ef81b.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 12:45:15] - C:\Windows\Installer\ef827.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 05:03:03] - C:\Windows\Installer\ef82f.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 09:29:29] - C:\Windows\Installer\ef837.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 08:37:16] - C:\Windows\Installer\ef840.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 09:34:25] - C:\Windows\Installer\ef848.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 09:46:23] - C:\Windows\Installer\ef850.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 10:15:19] - C:\Windows\Installer\ef85c.msi : (Hewlett-Packard - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 04:50:11] - C:\Windows\Installer\ef864.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 13:43:00] - C:\Windows\Installer\ef86d.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 13:03:11] - C:\Windows\Installer\ef875.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 13:16:43] - C:\Windows\Installer\ef87d.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 07:14:35] - C:\Windows\Installer\ef885.msi : (Builds the Destinations MSI - Builds the Destinations MSI) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2010 07:04:51] - C:\Windows\Installer\ef890.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 06:39:22] - C:\Windows\Installer\ef898.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 05:52:40] - C:\Windows\Installer\ef8a0.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 07:58:23] - C:\Windows\Installer\ef8a8.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/11/2009 09:42:30] - C:\Windows\Installer\ef8b0.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/10/2009 13:30:22] - C:\Windows\Installer\ef8b9.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 05:57:09] - [73] - C:\Windows\System32\desktop.ini [12/05/2010 20:24:16] - [188] - C:\Windows\System32\HPWA.ini [15/04/2015 15:14:55] - [16303] - C:\Windows\System32\ieuinit.inf [25/06/2010 22:09:32] - [1048812] - C:\Windows\System32\oem1.inf [14/07/2009 06:13:15] - [1671272] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [12/05/2010 20:24:16] - [211] - C:\Windows\Syswow64\HPWA.ini [15/04/2015 15:14:57] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 05:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [17/09/2010 20:55:10] - [1646340] - C:\Windows\Syswow64\PerfStringBackup.INI [25/06/2010 22:08:00] - [209] - C:\Windows\Syswow64\RStoneLog.ini [25/06/2010 22:08:00] - [268] - C:\Windows\Syswow64\RStoneLog2.ini ---------- | [Administrator] [02/12/2010 08:47:16] - |D| - [19906] - C:\Users\Administrator\AppData [02/12/2010 08:47:16] - |D| - [19906] - C:\Users\Administrator\AppData\Roaming\Hewlett-Packard ---------- | [cecile] [07/03/2011 10:39:08] - |D| - [1788587277] - C:\Users\cecile\2013-03 annecy [17/09/2010 12:27:42] - |HD| - [14750779551] - C:\Users\cecile\AppData [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Application Data [04/03/2014 17:43:32] - |A| - [62754] - C:\Users\cecile\commande globescout_2.pdf [17/09/2010 12:45:17] - |RD| - [89606] - C:\Users\cecile\Contacts [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Cookies [17/09/2010 12:27:42] - |RD| - [2300963478] - C:\Users\cecile\Desktop [17/09/2010 12:27:42] - |RD| - [5933846432] - C:\Users\cecile\Documents [17/09/2010 12:27:42] - |RD| - [2192018664] - C:\Users\cecile\Downloads [16/09/2014 12:50:28] - |RD| - [550449393] - C:\Users\cecile\Dropbox [25/07/2013 16:16:14] - |RD| - [276991675] - C:\Users\cecile\Dropbox (Ancien) [17/09/2010 12:27:42] - |RD| - [11287] - C:\Users\cecile\Favorites [17/09/2010 12:27:42] - |RD| - [4036] - C:\Users\cecile\Links [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Local Settings [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Menu Démarrer [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Mes documents [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Modèles [11/09/2012 11:46:35] - |D| - [0] - C:\Users\cecile\Mon nuage [17/09/2010 12:27:42] - |RD| - [338698085] - C:\Users\cecile\Music [17/09/2010 12:27:42] - |ASH| - [5767168] - C:\Users\cecile\ntuser.dat [17/09/2010 12:27:42] - |ASH| - [262144] - C:\Users\cecile\ntuser.dat.LOG1 [17/09/2010 12:27:42] - |ASH| - [204800] - C:\Users\cecile\ntuser.dat.LOG2 [17/09/2010 12:27:42] - |ASH| - [65536] - C:\Users\cecile\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [17/09/2010 12:27:42] - |ASH| - [524288] - C:\Users\cecile\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [17/09/2010 12:27:42] - |ASH| - [524288] - C:\Users\cecile\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [23/05/2011 16:01:26] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{021956bb-8544-11e0-a3e2-93ffa1165a1c}.TM.blf [23/05/2011 16:01:26] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{021956bb-8544-11e0-a3e2-93ffa1165a1c}.TMContainer00000000000000000001.regtrans-ms [23/05/2011 16:01:26] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{021956bb-8544-11e0-a3e2-93ffa1165a1c}.TMContainer00000000000000000002.regtrans-ms [17/09/2010 17:13:46] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{247405df-c26c-11df-9e52-b24d1ba63b0d}.TM.blf [17/09/2010 17:13:46] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{247405df-c26c-11df-9e52-b24d1ba63b0d}.TMContainer00000000000000000001.regtrans-ms [17/09/2010 17:13:46] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{247405df-c26c-11df-9e52-b24d1ba63b0d}.TMContainer00000000000000000002.regtrans-ms [28/08/2014 20:58:52] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{49bbc74e-2eec-11e4-9c9d-b151831e2f03}.TM.blf [28/08/2014 20:58:52] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{49bbc74e-2eec-11e4-9c9d-b151831e2f03}.TMContainer00000000000000000001.regtrans-ms [28/08/2014 20:58:52] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{49bbc74e-2eec-11e4-9c9d-b151831e2f03}.TMContainer00000000000000000002.regtrans-ms [24/03/2015 17:14:42] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{a85ea3fc-d240-11e4-aa5b-002682ab4dd1}.TM.blf [24/03/2015 17:14:42] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{a85ea3fc-d240-11e4-aa5b-002682ab4dd1}.TMContainer00000000000000000001.regtrans-ms [24/03/2015 17:14:42] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{a85ea3fc-d240-11e4-aa5b-002682ab4dd1}.TMContainer00000000000000000002.regtrans-ms [01/02/2015 09:39:48] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{b9fe5e58-a9ed-11e4-b2b2-002682ab4dd1}.TM.blf [01/02/2015 09:39:48] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{b9fe5e58-a9ed-11e4-b2b2-002682ab4dd1}.TMContainer00000000000000000001.regtrans-ms [01/02/2015 09:39:48] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{b9fe5e58-a9ed-11e4-b2b2-002682ab4dd1}.TMContainer00000000000000000002.regtrans-ms [11/01/2011 06:47:05] - |ASH| - [65536] - C:\Users\cecile\ntuser.dat{fddc395e-1d45-11e0-8ff8-9cd074bca115}.TM.blf [11/01/2011 06:47:05] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{fddc395e-1d45-11e0-8ff8-9cd074bca115}.TMContainer00000000000000000001.regtrans-ms [11/01/2011 06:47:05] - |ASH| - [524288] - C:\Users\cecile\ntuser.dat{fddc395e-1d45-11e0-8ff8-9cd074bca115}.TMContainer00000000000000000002.regtrans-ms [17/09/2010 12:27:42] - |SH| - [20] - C:\Users\cecile\ntuser.ini [17/09/2010 12:27:42] - |RD| - [256246248431] - C:\Users\cecile\Pictures [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Recent [17/09/2010 12:27:42] - |RD| - [282] - C:\Users\cecile\Saved Games [17/09/2010 12:45:25] - |RD| - [3041] - C:\Users\cecile\Searches [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\SendTo [13/10/2010 14:06:32] - |D| - [6119424] - C:\Users\cecile\Tracing [17/09/2010 12:27:42] - |RD| - [13396731659] - C:\Users\cecile\Videos [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Voisinage d'impression [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\Voisinage réseau [11/09/2012 11:46:58] - |HD| - [0] - C:\Users\cecile\_wsfnac [17/09/2010 14:35:39] - |D| - [43056416] - C:\Users\cecile\AppData\Roaming\Adobe [17/09/2010 12:46:44] - |D| - [0] - C:\Users\cecile\AppData\Roaming\ATI [20/12/2016 12:55:45] - |D| - [29906514] - C:\Users\cecile\AppData\Roaming\AVAST Software [25/03/2012 15:45:46] - |A| - [25] - C:\Users\cecile\AppData\Roaming\bdfvconp.ini [05/02/2014 14:54:08] - |A| - [385] - C:\Users\cecile\AppData\Roaming\Bitdefuser_gensett.xml [29/05/2011 11:01:06] - |D| - [0] - C:\Users\cecile\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [19/09/2010 18:25:42] - |D| - [175704] - C:\Users\cecile\AppData\Roaming\CyberLink [25/07/2013 16:13:34] - |D| - [202910331] - C:\Users\cecile\AppData\Roaming\Dropbox [31/12/2013 20:52:14] - |D| - [2311] - C:\Users\cecile\AppData\Roaming\dvdcss [13/01/2011 18:42:19] - |A| - [1854] - C:\Users\cecile\AppData\Roaming\GhostObjGAFix.xml [17/09/2010 12:29:04] - |D| - [126970] - C:\Users\cecile\AppData\Roaming\Hewlett-Packard [22/09/2010 10:49:51] - |D| - [155882] - C:\Users\cecile\AppData\Roaming\HP [21/09/2010 11:30:44] - |D| - [360] - C:\Users\cecile\AppData\Roaming\HP Support Assistant [21/09/2010 11:35:52] - |D| - [549076] - C:\Users\cecile\AppData\Roaming\hpqLog [17/09/2010 13:29:41] - |D| - [1325] - C:\Users\cecile\AppData\Roaming\HpUpdate [17/09/2010 12:45:18] - |D| - [0] - C:\Users\cecile\AppData\Roaming\Identities [27/02/2016 17:54:49] - |D| - [1502720] - C:\Users\cecile\AppData\Roaming\LockAP [17/09/2010 14:35:39] - |D| - [87637] - C:\Users\cecile\AppData\Roaming\Macromedia [17/09/2010 12:27:42] - |D| - [0] - C:\Users\cecile\AppData\Roaming\Media Center Programs [17/09/2010 12:27:42] - |SD| - [22917076] - C:\Users\cecile\AppData\Roaming\Microsoft [19/09/2010 18:11:40] - |D| - [429488343] - C:\Users\cecile\AppData\Roaming\Mozilla [11/09/2012 11:46:00] - |D| - [109604157] - C:\Users\cecile\AppData\Roaming\Oodrive [04/09/2016 18:43:04] - |D| - [894] - C:\Users\cecile\AppData\Roaming\PDF Architect 2 [17/09/2010 14:23:11] - |D| - [50383] - C:\Users\cecile\AppData\Roaming\QuickScan [13/10/2010 13:55:02] - |D| - [207872] - C:\Users\cecile\AppData\Roaming\Raccourcis applicatifs [19/09/2010 18:22:23] - |D| - [98820207] - C:\Users\cecile\AppData\Roaming\Skype [17/09/2010 16:25:52] - |D| - [12531144] - C:\Users\cecile\AppData\Roaming\SoftGrid Client [14/09/2012 15:05:30] - |D| - [79388] - C:\Users\cecile\AppData\Roaming\TeamViewer [13/09/2014 10:05:22] - |D| - [13824] - C:\Users\cecile\AppData\Roaming\Template [17/09/2010 16:23:19] - |D| - [0] - C:\Users\cecile\AppData\Roaming\TP [29/08/2013 17:19:53] - |D| - [8031411] - C:\Users\cecile\AppData\Roaming\U3 [11/11/2010 18:50:30] - |D| - [1275482] - C:\Users\cecile\AppData\Roaming\vlc [14/11/2010 15:50:41] - |D| - [295] - C:\Users\cecile\AppData\Roaming\Windows Live Writer [13/09/2014 10:05:20] - |A| - [35836] - C:\Users\cecile\AppData\Roaming\wklnhst.dat [22/09/2010 10:45:01] - |D| - [0] - C:\Users\cecile\AppData\Roaming\Yahoo! [20/09/2010 15:44:43] - |D| - [8624] - C:\Users\cecile\AppData\Roaming\_MDLogs [18/06/2014 08:59:18] - |D| - [20042848] - C:\Users\cecile\AppData\Local\Adobe [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\AppData\Local\Application Data [19/09/2010 18:07:00] - |D| - [1228115] - C:\Users\cecile\AppData\Local\Apps [17/09/2010 12:46:44] - |D| - [60249] - C:\Users\cecile\AppData\Local\ATI [04/09/2016 18:27:05] - |D| - [0] - C:\Users\cecile\AppData\Local\CEF [19/09/2010 18:25:39] - |D| - [4071] - C:\Users\cecile\AppData\Local\CyberLink [04/02/2011 15:02:01] - |A| - [22528] - C:\Users\cecile\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [19/09/2010 18:07:00] - |D| - [0] - C:\Users\cecile\AppData\Local\Deployment [17/09/2010 16:46:18] - |D| - [0] - C:\Users\cecile\AppData\Local\Diagnostics [16/06/2015 19:59:13] - |D| - [82529894] - C:\Users\cecile\AppData\Local\Dropbox [05/11/2010 16:14:27] - |D| - [0] - C:\Users\cecile\AppData\Local\ElevatedDiagnostics [26/01/2015 19:30:42] - |SHD| - [0] - C:\Users\cecile\AppData\Local\EmieBrowserModeList [14/06/2014 15:04:01] - |SHD| - [0] - C:\Users\cecile\AppData\Local\EmieSiteList [14/06/2014 15:04:01] - |SHD| - [0] - C:\Users\cecile\AppData\Local\EmieUserList [17/09/2010 12:39:03] - |A| - [87280] - C:\Users\cecile\AppData\Local\GDIPFONTCACHEV1.DAT [19/09/2010 18:07:17] - |D| - [1637162866] - C:\Users\cecile\AppData\Local\Google [02/06/2015 05:47:08] - |D| - [71] - C:\Users\cecile\AppData\Local\GWX [17/09/2010 12:44:50] - |D| - [13545] - C:\Users\cecile\AppData\Local\Hewlett-Packard [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\AppData\Local\Historique [22/09/2010 10:49:59] - |D| - [49778] - C:\Users\cecile\AppData\Local\HP [20/12/2016 18:23:57] - |AH| - [1583804] - C:\Users\cecile\AppData\Local\IconCache.db [04/10/2010 14:41:17] - |D| - [2010] - C:\Users\cecile\AppData\Local\IsolatedStorage [14/09/2012 15:46:33] - |D| - [0] - C:\Users\cecile\AppData\Local\Macromedia [17/09/2010 12:27:42] - |D| - [10342439550] - C:\Users\cecile\AppData\Local\Microsoft [17/09/2010 21:06:03] - |D| - [146808] - C:\Users\cecile\AppData\Local\Microsoft Help [08/11/2013 17:24:01] - |D| - [3239] - C:\Users\cecile\AppData\Local\monAlbumPhoto [19/09/2010 18:11:40] - |D| - [440524025] - C:\Users\cecile\AppData\Local\Mozilla [11/09/2012 10:49:14] - |D| - [8661] - C:\Users\cecile\AppData\Local\Nexway [20/12/2016 10:19:44] - |D| - [0] - C:\Users\cecile\AppData\Local\PDFCreator [05/08/2014 08:56:08] - |D| - [0] - C:\Users\cecile\AppData\Local\Programs [02/03/2014 14:44:22] - |D| - [0] - C:\Users\cecile\AppData\Local\Skype [17/09/2010 16:26:36] - |D| - [49152] - C:\Users\cecile\AppData\Local\SoftGrid Client [17/09/2010 12:27:42] - |D| - [1201389507] - C:\Users\cecile\AppData\Local\Temp [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\AppData\Local\Temporary Internet Files [04/09/2016 18:27:05] - |D| - [31073346] - C:\Users\cecile\AppData\Local\tkdata [17/09/2010 12:45:15] - |D| - [1475584] - C:\Users\cecile\AppData\Local\VirtualStore [21/12/2010 10:01:11] - |D| - [3443] - C:\Users\cecile\AppData\Local\Western Digital [26/10/2010 16:54:21] - |D| - [86016] - C:\Users\cecile\AppData\Local\Windows Live [14/11/2010 15:50:41] - |D| - [648363] - C:\Users\cecile\AppData\Local\Windows Live Writer [04/02/2011 12:35:27] - |D| - [0] - C:\Users\cecile\AppData\Local\WMTools Downloaded Files [26/09/2016 08:18:38] - |D| - [0] - C:\Users\cecile\AppData\Local\{04ECD9FE-682D-4C79-9A50-6CA30BE192FB} [16/09/2015 09:22:07] - |D| - [0] - C:\Users\cecile\AppData\Local\{0D778E2B-9F13-45BC-9ED5-E2A6E498725F} [14/09/2012 15:13:03] - |D| - [0] - C:\Users\cecile\AppData\Local\{12671AD7-C044-41B5-92F0-8CE381E999A9} [12/11/2013 16:57:46] - |D| - [0] - C:\Users\cecile\AppData\Local\{1AB3984D-22FE-4AE5-BB1C-F1B7F11BA515} [06/12/2015 20:26:06] - |D| - [0] - C:\Users\cecile\AppData\Local\{1BC79139-8D2F-47B1-9796-10A02085A8EE} [09/06/2011 12:11:41] - |D| - [0] - C:\Users\cecile\AppData\Local\{1BD96430-F792-44EA-A75B-4615654801BB} [07/01/2013 13:45:59] - |D| - [0] - C:\Users\cecile\AppData\Local\{1FEE9209-28BF-4B41-99FE-D8DF7BB4E8B9} [29/06/2013 13:14:18] - |D| - [0] - C:\Users\cecile\AppData\Local\{245AE4E6-A3BC-467E-8108-FE753616D8DA} [29/08/2011 13:42:14] - |D| - [0] - C:\Users\cecile\AppData\Local\{26938639-A9C5-4D36-BBF9-E17B2154FF22} [24/04/2016 09:45:46] - |D| - [0] - C:\Users\cecile\AppData\Local\{2AB50688-A102-4185-9123-38DE26EB96C1} [28/03/2012 20:32:16] - |D| - [0] - C:\Users\cecile\AppData\Local\{3210AF14-B563-4349-A861-A7A7ED89D933} [24/08/2012 11:19:23] - |D| - [0] - C:\Users\cecile\AppData\Local\{3265E0DD-266A-47F4-8A9F-BBCABAB9C26A} [15/05/2012 14:13:24] - |D| - [0] - C:\Users\cecile\AppData\Local\{3AD4EABF-A59E-451C-8DEB-43616A642F7B} [28/02/2013 06:55:20] - |D| - [0] - C:\Users\cecile\AppData\Local\{3BF20ABD-BBC8-4DCE-94E2-8C77548508C1} [12/05/2016 11:32:17] - |D| - [0] - C:\Users\cecile\AppData\Local\{3C99B6FB-B3FF-418C-BEBF-A2CF035CB3B3} [26/01/2012 20:14:45] - |D| - [0] - C:\Users\cecile\AppData\Local\{407A5749-8386-44E5-B4CA-D000616E5944} [11/01/2016 13:32:45] - |D| - [0] - C:\Users\cecile\AppData\Local\{421435AC-45BF-4816-A957-37B5189DD6EE} [19/07/2016 13:20:45] - |D| - [0] - C:\Users\cecile\AppData\Local\{4344C5FB-1DDD-4C17-A402-D9ADFB5A369D} [21/05/2011 11:55:33] - |D| - [0] - C:\Users\cecile\AppData\Local\{44909461-3173-45EB-99F6-C6D60AEC2839} [08/04/2014 16:58:31] - |D| - [0] - C:\Users\cecile\AppData\Local\{4640E68E-29AB-4E63-B1C7-44776490D438} [28/05/2016 12:22:43] - |D| - [0] - C:\Users\cecile\AppData\Local\{47F638CF-1129-4A03-BB84-1536BD2B4D28} [14/11/2013 14:30:55] - |D| - [0] - C:\Users\cecile\AppData\Local\{4A156C25-68A6-4326-8B15-15F523E48EB3} [13/02/2013 18:12:04] - |D| - [0] - C:\Users\cecile\AppData\Local\{4B4197A6-9176-4A42-9FEB-53D2BEEDEC30} [22/03/2012 10:29:59] - |D| - [0] - C:\Users\cecile\AppData\Local\{4B81763B-AB68-4318-95E9-A63135290320} [28/02/2016 16:51:46] - |D| - [0] - C:\Users\cecile\AppData\Local\{4F2369AB-ADC7-4AF1-9E67-412A02589F70} [02/02/2012 13:37:51] - |D| - [0] - C:\Users\cecile\AppData\Local\{5525D284-A536-42F6-BBC3-45C6D2D95906} [16/04/2012 19:49:30] - |D| - [0] - C:\Users\cecile\AppData\Local\{5864AADD-9AEB-428C-A522-BE18FF9F144C} [15/03/2012 19:12:40] - |D| - [0] - C:\Users\cecile\AppData\Local\{5A6E484B-D3F4-43BD-9626-AE7BEBCEBCB0} [02/05/2016 10:37:04] - |D| - [0] - C:\Users\cecile\AppData\Local\{5B13040A-C78C-4875-B5B9-9CD36CC612E7} [11/12/2013 17:53:17] - |D| - [0] - C:\Users\cecile\AppData\Local\{6394ACFB-E481-4864-B32B-ADB6E744F274} [06/11/2014 11:42:25] - |D| - [0] - C:\Users\cecile\AppData\Local\{67ED96A1-192E-4564-B58F-29773F84FB88} [05/01/2016 21:04:21] - |D| - [0] - C:\Users\cecile\AppData\Local\{6B016C2D-FD90-4A78-B383-EA27FC614112} [28/05/2016 12:25:40] - |D| - [0] - C:\Users\cecile\AppData\Local\{6D32B661-0C6A-4D40-A8CD-53BCCBA70757} [01/06/2015 18:38:48] - |D| - [0] - C:\Users\cecile\AppData\Local\{6D4C64C5-343C-491A-828C-A53D72BAF0B0} [18/09/2014 20:00:58] - |D| - [0] - C:\Users\cecile\AppData\Local\{72342E42-D706-49D1-8459-4A8A2958E7E1} [27/06/2011 13:25:27] - |D| - [0] - C:\Users\cecile\AppData\Local\{77E08A58-5816-46B7-A2CA-7DC0FE570272} [10/06/2012 09:54:02] - |D| - [0] - C:\Users\cecile\AppData\Local\{77E7B8B0-8836-40DC-9542-7D524197D797} [08/07/2011 12:45:32] - |D| - [0] - C:\Users\cecile\AppData\Local\{78E47718-B65A-4EAA-B8B5-873CAD89248E} [24/05/2016 08:27:40] - |D| - [0] - C:\Users\cecile\AppData\Local\{7CA9F8B2-548D-4949-ABD1-25A425C28D8A} [10/06/2012 09:54:27] - |D| - [0] - C:\Users\cecile\AppData\Local\{83176290-D83B-4A42-B444-3B24CC0B65F6} [08/03/2015 16:24:36] - |D| - [0] - C:\Users\cecile\AppData\Local\{839B627E-2C8E-4C08-B71A-E57310F8ED31} [16/09/2016 16:54:00] - |D| - [0] - C:\Users\cecile\AppData\Local\{87BFF442-82E1-45D9-993D-AD44797769DD} [26/01/2012 20:14:58] - |D| - [0] - C:\Users\cecile\AppData\Local\{91EDE693-FE34-4A77-9822-CFF0A1402A4E} [16/10/2014 12:05:35] - |D| - [0] - C:\Users\cecile\AppData\Local\{9648B89B-93B6-4042-BEAF-FB475F997296} [25/04/2014 12:40:49] - |D| - [0] - C:\Users\cecile\AppData\Local\{96E1A8A5-ED99-47B7-AA8B-DEA757C8D510} [31/12/2013 09:05:27] - |D| - [0] - C:\Users\cecile\AppData\Local\{A2D9861B-B98B-4659-B26D-D29A541EA2FA} [27/09/2016 13:14:07] - |D| - [0] - C:\Users\cecile\AppData\Local\{A2F2242B-8CEC-4A16-90A6-50DB0D37472B} [13/03/2012 06:40:06] - |D| - [0] - C:\Users\cecile\AppData\Local\{A4F0B3C9-FE8E-4080-B266-5E9F062CCAD0} [20/01/2016 22:19:38] - |D| - [0] - C:\Users\cecile\AppData\Local\{A53F961B-6DEC-4117-AD33-F6215689EF29} [27/07/2012 12:55:42] - |D| - [0] - C:\Users\cecile\AppData\Local\{A6739FD7-347F-4D6D-80F7-0B1FD697873C} [21/01/2012 19:13:46] - |D| - [0] - C:\Users\cecile\AppData\Local\{A6B20ADF-DF11-4713-B094-758C88C1B83D} [16/02/2016 14:20:35] - |D| - [0] - C:\Users\cecile\AppData\Local\{A9A4C156-762F-4E52-844E-0E5CB3EACF2A} [04/01/2015 15:00:20] - |D| - [0] - C:\Users\cecile\AppData\Local\{B0B4D8E0-7D88-4457-B00F-7831789D736D} [16/11/2015 20:42:34] - |D| - [0] - C:\Users\cecile\AppData\Local\{B1854575-0C24-4164-AE40-7598CAAEBF43} [11/11/2015 14:00:31] - |D| - [0] - C:\Users\cecile\AppData\Local\{B1DFBDB1-A20A-4484-BCE9-36C5EB659AB0} [25/02/2016 16:00:46] - |D| - [0] - C:\Users\cecile\AppData\Local\{B238ACF5-AB6B-400B-B976-585498DC7C49} [27/01/2012 19:17:08] - |D| - [0] - C:\Users\cecile\AppData\Local\{B58093EE-E820-4EF1-B8EE-1B43594089CD} [27/12/2011 17:14:24] - |D| - [0] - C:\Users\cecile\AppData\Local\{B7BE43AF-E942-4D08-9B93-1B6801751949} [15/05/2012 14:12:13] - |D| - [0] - C:\Users\cecile\AppData\Local\{B8FC4D23-C49B-4518-BCCE-DFC3E3F2F406} [15/03/2012 19:12:18] - |D| - [0] - C:\Users\cecile\AppData\Local\{B9B4A132-F3CB-4391-9F50-D89C9A947202} [30/05/2015 08:59:24] - |D| - [0] - C:\Users\cecile\AppData\Local\{BA0950E9-A1F9-4416-9E4B-85698D2225B0} [13/03/2012 06:39:53] - |D| - [0] - C:\Users\cecile\AppData\Local\{BD91C116-513B-4835-88B5-830F807CBE11} [17/11/2015 12:38:40] - |D| - [0] - C:\Users\cecile\AppData\Local\{BFC7A803-7979-45BE-B110-196CF018302B} [08/12/2013 18:01:07] - |D| - [0] - C:\Users\cecile\AppData\Local\{BFF789C3-55BD-44D0-85B1-2258B45BF08E} [05/09/2011 17:04:01] - |D| - [0] - C:\Users\cecile\AppData\Local\{C369A447-6161-4E9E-8B5D-780E9C6073F2} [20/12/2012 10:55:10] - |D| - [0] - C:\Users\cecile\AppData\Local\{C387AE2F-51F0-47B4-A99D-A34985696922} [18/04/2011 14:02:55] - |D| - [0] - C:\Users\cecile\AppData\Local\{C3A6BF4F-DD3F-42CC-9146-9ADB6E84E25E} [24/08/2012 11:22:57] - |D| - [0] - C:\Users\cecile\AppData\Local\{C5C55C5B-0995-470B-A8DD-19692D09C097} [21/04/2011 07:29:55] - |D| - [0] - C:\Users\cecile\AppData\Local\{CE6D342F-3CB4-4FF9-9BD3-77146EA205E9} [05/12/2011 19:04:01] - |D| - [0] - C:\Users\cecile\AppData\Local\{D1CCC857-BDE4-44A3-9B52-B197BCA53153} [24/06/2011 09:16:57] - |D| - [0] - C:\Users\cecile\AppData\Local\{D3A8CE5C-4BFB-4389-BB6F-F65D545E38DD} [15/04/2016 12:40:39] - |D| - [0] - C:\Users\cecile\AppData\Local\{D45BC186-1C20-4B73-88D4-DDD75B9BD28B} [28/05/2016 12:26:15] - |D| - [0] - C:\Users\cecile\AppData\Local\{D4A2A14F-695A-4F20-B948-80EF0AAB2538} [08/03/2015 16:20:10] - |D| - [0] - C:\Users\cecile\AppData\Local\{D59AC1F8-E0F0-47DD-8B5C-D935BF95C211} [30/09/2015 12:42:43] - |D| - [0] - C:\Users\cecile\AppData\Local\{D6B2E2F4-683E-47B4-B3BA-6B10E6FADF2C} [18/10/2011 14:28:22] - |D| - [0] - C:\Users\cecile\AppData\Local\{D8398D20-2904-42A6-8145-9DE4916FEECC} [06/02/2014 20:44:43] - |D| - [0] - C:\Users\cecile\AppData\Local\{D8763B33-4C59-4EEE-9FB7-DB54EA5EE605} [24/02/2016 14:19:09] - |D| - [0] - C:\Users\cecile\AppData\Local\{DAEB2658-18D4-411E-BB39-48D40DC33DA3} [03/01/2014 21:53:23] - |D| - [0] - C:\Users\cecile\AppData\Local\{DD3B006B-33FF-49C4-9E1C-28BB17981020} [26/11/2015 13:42:21] - |D| - [0] - C:\Users\cecile\AppData\Local\{E38DEDCB-ED3E-4C5F-865B-3AD20212F49E} [08/08/2015 20:52:43] - |D| - [0] - C:\Users\cecile\AppData\Local\{E53A1771-58A5-4FC1-A418-7F1F7AC4CC35} [02/02/2012 13:38:04] - |D| - [0] - C:\Users\cecile\AppData\Local\{E6776BB0-CA7D-4489-8006-301F2647EA91} [01/09/2014 19:45:39] - |D| - [0] - C:\Users\cecile\AppData\Local\{E732F0E7-D4CB-4E65-99EB-E43258CB677A} [15/03/2016 13:48:36] - |D| - [0] - C:\Users\cecile\AppData\Local\{E8996FEB-CB87-4E73-92C9-1FFC38C639DB} [14/02/2016 10:17:08] - |D| - [0] - C:\Users\cecile\AppData\Local\{EB73C1BF-C249-4577-BEFB-794FC725D18A} [02/01/2014 13:55:22] - |D| - [0] - C:\Users\cecile\AppData\Local\{EDD32944-31FD-4097-9197-DEA7AD6AFCD6} [24/11/2013 16:47:17] - |D| - [0] - C:\Users\cecile\AppData\Local\{F1D2E87C-C0BE-474E-A6ED-FA005D408F07} [28/05/2016 12:25:02] - |D| - [0] - C:\Users\cecile\AppData\Local\{F32903C4-43C9-46A7-AC2D-598A6BC71E6D} [10/08/2015 09:43:02] - |D| - [0] - C:\Users\cecile\AppData\Local\{F401DB58-EDA1-49A6-9300-3DFDC196313B} [15/05/2012 14:12:43] - |D| - [0] - C:\Users\cecile\AppData\Local\{F927019F-4D57-4095-8927-69A32940826F} [03/06/2016 08:43:05] - |D| - [0] - C:\Users\cecile\AppData\Local\{FBAB5A71-BDF3-48F3-A7CB-8E38DC372937} [27/01/2013 10:12:21] - |D| - [0] - C:\Users\cecile\AppData\Local\{FEAABA21-F2C9-4120-BE7C-F27143B02106} [27/12/2011 17:14:10] - |D| - [0] - C:\Users\cecile\AppData\Local\{FF1606D4-23F7-4BF5-AD87-1A26D665A377} [17/09/2010 17:17:00] - |ASH| - [174] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [17/09/2010 12:27:42] - |SHD| - [0] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [17/09/2010 12:27:42] - |RD| - [25470] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [11/09/2012 11:43:52] - |A| - [2094] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Tableau de Bord Pack Fnac 2013.LNK [17/09/2010 12:27:42] - |D| - [14643] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [17/09/2010 17:17:00] - |RD| - [174] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/09/2010 17:17:00] - |ASH| - [476] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [16/12/2016 09:35:01] - |D| - [1066] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [11/09/2012 11:46:03] - |D| - [3579] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FNAC [19/09/2010 18:08:19] - |A| - [2380] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [13/10/2010 14:04:19] - |A| - [1433] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [17/09/2010 12:27:42] - |D| - [580] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [17/09/2010 17:17:00] - |RD| - [1139] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [07/08/2015 07:27:05] - |A| - [1139] - C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ---------- | [Public] [22/12/2010 22:39:21] - |D| - [81] - C:\Users\Public\CyberLink [14/07/2009 04:20:08] - |RHD| - [12505] - C:\Users\Public\Desktop [14/07/2009 05:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 04:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 04:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 04:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 04:20:08] - |RHD| - [3970] - C:\Users\Public\Libraries [14/07/2009 04:20:08] - |RD| - [380] - C:\Users\Public\Music [14/07/2009 04:20:08] - |RD| - [380] - C:\Users\Public\Pictures [26/06/2010 07:59:35] - |RD| - [9699328] - C:\Users\Public\Recorded TV [17/09/2010 12:29:07] - |D| - [26] - C:\Users\Public\Symantec [14/07/2009 04:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ---------- | [systemprofile] [07/07/2014 08:54:50] - |D| - [511] - C:\Users\systemprofile\AppData ---------- | C:\ProgramData [11/09/2012 11:54:51] - |A| - [441546] - C:\ProgramData\1347360478.bdinstall.bin [20/12/2016 21:07:22] - |A| - [205728] - C:\ProgramData\1482264300.bdinstall.bin [12/05/2010 18:47:37] - |D| - [216821634] - C:\ProgramData\Adobe [02/07/2013 17:40:51] - |D| - [92117190] - C:\ProgramData\albumphoto [14/07/2009 06:08:56] - |SHD| - [53742626406] - C:\ProgramData\Application Data [25/06/2010 22:39:16] - |D| - [188] - C:\ProgramData\ATI [20/12/2016 12:35:42] - |D| - [28256340] - C:\ProgramData\AVAST Software [23/10/2012 07:49:54] - |D| - [72] - C:\ProgramData\bdch [17/09/2010 13:54:31] - |A| - [246392] - C:\ProgramData\bdinstall.bin [11/09/2012 11:52:55] - |D| - [2134958] - C:\ProgramData\BDLogging [26/01/2012 20:14:19] - |D| - [12] - C:\ProgramData\boost_interprocess [17/09/2010 12:27:31] - |SHD| - [12505] - C:\ProgramData\Bureau [12/05/2010 19:08:30] - |D| - [74184] - C:\ProgramData\CyberLink [04/08/2014 08:36:30] - |D| - [8924] - C:\ProgramData\Datamngr [14/07/2009 06:08:56] - |SHD| - [12505] - C:\ProgramData\Desktop [14/07/2009 06:08:56] - |SHD| - [278] - C:\ProgramData\Documents [16/06/2015 19:59:13] - |D| - [8494030] - C:\ProgramData\Dropbox [17/09/2010 12:27:31] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [21/09/2010 13:24:52] - |D| - [12722] - C:\ProgramData\Google [12/05/2010 18:15:51] - |D| - [136836570] - C:\ProgramData\Hewlett-Packard [22/09/2010 10:35:01] - |D| - [74317703] - C:\ProgramData\HP [19/11/2010 10:23:38] - |D| - [8988] - C:\ProgramData\HP Product Assistant [22/09/2010 10:35:40] - |A| - [46416] - C:\ProgramData\hpzinstall.log [29/03/2013 15:16:26] - |D| - [2272634] - C:\ProgramData\McAfee [17/09/2010 12:27:31] - |SHD| - [316322] - C:\ProgramData\Menu Démarrer [14/07/2009 04:20:08] - |SD| - [1753070155] - C:\ProgramData\Microsoft [12/05/2010 18:02:49] - |D| - [350156] - C:\ProgramData\Microsoft Help [17/09/2010 12:27:31] - |SHD| - [0] - C:\ProgramData\Modèles [26/10/2012 17:44:11] - |D| - [38137] - C:\ProgramData\Mozilla [25/06/2010 22:26:07] - |D| - [6727199] - C:\ProgramData\Norton [25/06/2010 22:25:38] - |D| - [15337649] - C:\ProgramData\NortonInstaller [11/09/2012 11:46:00] - |D| - [1477100] - C:\ProgramData\Oodrive [04/09/2016 18:24:11] - |D| - [7371590] - C:\ProgramData\Package Cache [02/09/2014 13:00:57] - |D| - [0] - C:\ProgramData\PDF Architect 2 [08/11/2010 17:32:57] - |D| - [20913] - C:\ProgramData\Recovery [19/09/2010 18:22:06] - |D| - [257526960] - C:\ProgramData\Skype [14/07/2009 06:08:56] - |SHD| - [316322] - C:\ProgramData\Start Menu [12/05/2010 18:15:41] - |D| - [577962] - C:\ProgramData\Temp [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Templates [04/09/2016 18:25:58] - |D| - [8228] - C:\ProgramData\TrueKey [13/11/2012 17:56:10] - |D| - [8520727] - C:\ProgramData\Virtualized Applications [19/09/2010 12:38:56] - |D| - [0] - C:\ProgramData\VirtualizedApplications [22/09/2010 10:54:42] - |D| - [219] - C:\ProgramData\WEBREG [12/05/2010 17:25:34] - |D| - [1958563612] - C:\ProgramData\WildTangent [25/06/2010 22:22:02] - |A| - [32] - C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [14/02/2014 11:31:24] - |D| - [45529590] - C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} [12/05/2010 19:13:35] - |A| - [109] - C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [25/06/2010 22:21:36] - |A| - [32] - C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [12/05/2010 19:09:04] - |A| - [105] - C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [25/06/2010 22:21:05] - |A| - [32] - C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [25/06/2010 22:21:52] - |A| - [32] - C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [12/05/2010 19:08:38] - |A| - [107] - C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [12/05/2010 19:09:56] - |A| - [110] - C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [25/06/2010 22:22:07] - |A| - [105] - C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [19/11/2010 10:23:35] - |A| - [1415] - C:\ProgramData\Microsoft\Windows\Start Menu\Centre de solutions HP.lnk [14/07/2009 06:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [17/09/2010 12:27:31] - |SHD| - [311917] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 04:20:08] - |RD| - [311917] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] - |RD| - [39698] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [12/05/2010 18:48:16] - |A| - [1009] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk [14/07/2009 06:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/03/2013 15:16:02] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [20/12/2016 13:04:10] - |A| - [1043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [20/12/2016 12:53:37] - |D| - [1940] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [25/06/2010 22:15:28] - |D| - [10428] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [13/11/2012 17:44:25] - |D| - [1525] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [12/05/2010 19:08:57] - |RD| - [5574] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [25/06/2010 22:25:31] - |RD| - [4012] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 [25/06/2010 22:24:05] - |D| - [2025] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [14/07/2009 05:54:23] - |A| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 06:32:38] - |RD| - [74668] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [12/05/2010 19:50:28] - |D| - [34605] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [14/02/2014 11:37:59] - |D| - [2239] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [25/06/2010 22:11:52] - |D| - [1196] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager [12/05/2010 17:41:37] - |A| - [1183] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lanceur de tâches Microsoft Works.lnk [25/06/2010 22:18:47] - |RD| - [9269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling [12/05/2010 19:24:52] - |A| - [1962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk [14/07/2009 04:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [25/06/2010 22:06:02] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [25/06/2010 22:19:52] - |A| - [1380] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk [13/11/2012 18:32:44] - |D| - [22261] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Student (Français) [13/03/2013 10:22:32] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [16/12/2010 10:04:42] - |D| - [2627] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works [02/07/2013 17:41:07] - |D| - [5287] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonAlbumPhoto [26/10/2012 17:44:12] - |A| - [1139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [17/09/2010 12:28:53] - |A| - [2173] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk [29/05/2011 12:02:22] - |D| - [3600] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPDFConverter [12/05/2010 18:36:06] - |RD| - [4389] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services [20/12/2016 10:19:20] - |D| - [7615] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [01/09/2014 19:37:13] - |D| - [3468] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [12/05/2010 18:15:52] - |RD| - [4538] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager [14/07/2009 05:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [01/01/2016 09:29:19] - |D| - [2137] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [14/07/2009 04:20:08] - |RD| - [2099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [04/09/2016 18:25:48] - |A| - [1190] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk [18/07/2011 14:34:15] - |D| - [7958] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/07/2009 05:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [25/06/2010 22:05:58] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 05:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [26/10/2010 16:58:24] - |RD| - [2473] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [26/10/2010 16:57:53] - |A| - [1478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [26/10/2010 16:58:22] - |A| - [1305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [26/10/2010 16:58:09] - |A| - [1374] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [14/07/2009 05:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [04/02/2011 12:31:57] - |A| - [2507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk [14/07/2009 05:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [19/11/2010 10:23:09] - |A| - [2099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ---------- | C:\Program Files (x86) [12/05/2010 18:47:26] - |D| - [187918033] - C:\Program Files (x86)\Adobe [25/06/2010 22:13:55] - |D| - [90133449] - C:\Program Files (x86)\ATI Technologies [14/07/2009 04:20:08] - |D| - [582116633] - C:\Program Files (x86)\Common Files [12/05/2010 19:08:32] - |D| - [1730078208] - C:\Program Files (x86)\CyberLink [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [12/05/2010 19:24:27] - |D| - [104341555] - C:\Program Files (x86)\EasyBits For Kids [17/09/2010 13:52:09] - |D| - [17241608] - C:\Program Files (x86)\Fnac [21/09/2010 13:24:52] - |D| - [92123254] - C:\Program Files (x86)\Google [29/05/2011 12:02:26] - |D| - [8075602] - C:\Program Files (x86)\GPLGS [12/05/2010 16:56:30] - |D| - [416380982] - C:\Program Files (x86)\Hewlett-Packard [12/05/2010 20:13:27] - |D| - [192598001] - C:\Program Files (x86)\Hp [12/05/2010 17:25:34] - |D| - [292345513] - C:\Program Files (x86)\HP Games [12/05/2010 16:58:54] - |HD| - [182707988] - C:\Program Files (x86)\InstallShield Installation Information [25/06/2010 22:11:14] - |D| - [78488041] - C:\Program Files (x86)\Intel [14/07/2009 04:20:08] - |D| - [10534684] - C:\Program Files (x86)\Internet Explorer [12/05/2010 19:35:24] - |D| - [90971413] - C:\Program Files (x86)\Java [04/09/2016 18:23:19] - |D| - [0] - C:\Program Files (x86)\McAfee [12/05/2010 17:01:23] - |D| - [20625377] - C:\Program Files (x86)\Microsoft [17/09/2010 16:24:41] - |D| - [12039888] - C:\Program Files (x86)\Microsoft Application Virtualization Client [12/05/2010 17:41:54] - |D| - [44620513] - C:\Program Files (x86)\Microsoft Office [12/05/2010 18:05:15] - |D| - [7791803] - C:\Program Files (x86)\Microsoft Office Suite Activation Assistant [13/03/2013 10:21:17] - |D| - [42884494] - C:\Program Files (x86)\Microsoft Silverlight [12/05/2010 17:02:12] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [12/05/2010 17:41:26] - |D| - [144677054] - C:\Program Files (x86)\Microsoft Works [12/05/2010 18:04:42] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [02/07/2013 17:40:51] - |D| - [144866002] - C:\Program Files (x86)\MonAlbumPhoto [04/02/2011 12:31:57] - |D| - [9336778] - C:\Program Files (x86)\Movie Maker 2.6 [18/11/2016 08:06:04] - |D| - [97600351] - C:\Program Files (x86)\Mozilla Firefox [26/10/2012 17:44:11] - |D| - [323666] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [25/06/2010 22:19:06] - |D| - [1161160] - C:\Program Files (x86)\MSN Toolbar Installer [23/09/2010 09:17:18] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [07/07/2014 08:54:34] - |D| - [7070720] - C:\Program Files (x86)\Music Toolbar [29/05/2011 12:02:21] - |D| - [11785270] - C:\Program Files (x86)\MyPDFConverter [25/06/2010 22:26:07] - |D| - [69104682] - C:\Program Files (x86)\Norton Internet Security [25/06/2010 22:25:38] - |D| - [1836696] - C:\Program Files (x86)\NortonInstaller [12/05/2010 17:25:34] - |RD| - [20839701] - C:\Program Files (x86)\Online Services [17/09/2010 19:09:25] - |D| - [0] - C:\Program Files (x86)\Oodrive [25/06/2010 22:10:36] - |D| - [15729141] - C:\Program Files (x86)\Realtek [14/07/2009 06:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [19/09/2010 18:22:18] - |RD| - [85152973] - C:\Program Files (x86)\Skype [25/06/2010 22:13:02] - |HD| - [0] - C:\Program Files (x86)\Temp [14/07/2009 05:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [11/11/2010 18:47:33] - |D| - [188477662] - C:\Program Files (x86)\VideoLAN [14/07/2009 06:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [12/05/2010 17:00:50] - |D| - [146221717] - C:\Program Files (x86)\Windows Live [14/07/2009 04:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 06:32:38] - |D| - [5336849] - C:\Program Files (x86)\Windows Media Player [14/07/2009 04:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 06:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [6352982] - C:\Program Files (x86)\Windows Sidebar [22/09/2010 10:45:00] - |D| - [84204] - C:\Program Files (x86)\Yahoo! ---------- | C:\Program Files [25/06/2010 22:13:56] - |D| - [23099903] - C:\Program Files\ATI [20/12/2016 12:37:21] - |D| - [973472188] - C:\Program Files\AVAST Software [11/09/2012 11:48:10] - |D| - [0] - C:\Program Files\Bitdefender [25/06/2010 22:08:50] - |D| - [12600020] - C:\Program Files\Broadcom [13/11/2012 17:44:21] - |D| - [10533552] - C:\Program Files\CCleaner [14/07/2009 04:20:08] - |D| - [65111672] - C:\Program Files\Common Files [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 06:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [17/09/2010 12:27:31] - |SHD| - [65111672] - C:\Program Files\Fichiers communs [27/08/2012 08:10:27] - |D| - [2275544] - C:\Program Files\Google [12/05/2010 16:56:28] - |D| - [7762513] - C:\Program Files\Hewlett-Packard [04/09/2016 18:25:21] - |D| - [22612] - C:\Program Files\Intel [04/09/2016 18:25:00] - |D| - [128578616] - C:\Program Files\Intel Security [14/07/2009 04:20:08] - |D| - [30570892] - C:\Program Files\Internet Explorer [12/05/2010 19:35:33] - |D| - [79722645] - C:\Program Files\Java [14/07/2009 06:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games [12/05/2010 18:03:05] - |D| - [1612463] - C:\Program Files\Microsoft Office [13/03/2013 10:21:17] - |D| - [55714702] - C:\Program Files\Microsoft Silverlight [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files\MSBuild [20/12/2016 10:19:14] - |D| - [38751239] - C:\Program Files\PDFCreator [25/06/2010 22:13:10] - |D| - [25382016] - C:\Program Files\Realtek [14/07/2009 06:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies [25/06/2010 22:10:25] - |D| - [76708876] - C:\Program Files\Synaptics [04/09/2016 18:12:02] - |D| - [122779236] - C:\Program Files\TrueKey [14/07/2009 06:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [14/07/2009 06:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [26/10/2010 16:56:48] - |D| - [43896] - C:\Program Files\Windows Live [14/07/2009 04:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 06:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 04:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 06:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [12155040] - C:\Program Files\Windows Sidebar ---------- | C:\Program Files (x86)\Common Files [12/05/2010 18:47:26] - |D| - [10844451] - C:\Program Files (x86)\Common Files\Adobe [12/05/2010 18:48:10] - |D| - [31787256] - C:\Program Files (x86)\Common Files\Adobe AIR [20/12/2016 12:51:16] - |D| - [886088] - C:\Program Files (x86)\Common Files\AV [25/06/2010 22:25:25] - |D| - [138024] - C:\Program Files (x86)\Common Files\CyberLink [15/05/2014 19:37:07] - |D| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [22/09/2010 10:41:46] - |D| - [997653] - C:\Program Files (x86)\Common Files\Hewlett-Packard [19/11/2010 10:22:50] - |D| - [1408164] - C:\Program Files (x86)\Common Files\HP [12/05/2010 16:58:51] - |D| - [3990558] - C:\Program Files (x86)\Common Files\InstallShield [25/06/2010 22:18:47] - |D| - [36075526] - C:\Program Files (x86)\Common Files\LightScribe [04/09/2016 18:23:18] - |D| - [1844304] - C:\Program Files (x86)\Common Files\McAfee [14/07/2009 04:20:08] - |D| - [101908252] - C:\Program Files (x86)\Common Files\microsoft shared [25/06/2010 22:11:20] - |D| - [166332] - C:\Program Files (x86)\Common Files\postureAgent [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/11/2016 05:30:16] - |D| - [2581120] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 04:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 04:20:08] - |D| - [16572555] - C:\Program Files (x86)\Common Files\System [12/05/2010 16:59:48] - |D| - [331709873] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [04/09/2016 18:23:20] - |D| - [4235856] - C:\Program Files\Common files\AV [17/09/2010 13:54:35] - |D| - [0] - C:\Program Files\Common files\BitDefender [06/09/2016 10:35:28] - |D| - [6713800] - C:\Program Files\Common files\Intel [04/09/2016 18:23:19] - |D| - [4426758] - C:\Program Files\Common files\McAfee [14/07/2009 04:20:08] - |D| - [36933593] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 04:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 04:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ---------- | Tasks [MD5.0781381A4D2E56A0A1A26FFAF8A61004] - [02/04/2012 13:33:29] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.8B3D235BF0B3F5217C314A02B6816F74] - [16/06/2015 19:59:13] - |A| - [1148] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000Core.job [MD5.0B631B1931D50739C9FC1ABD4E3FDF24] - [16/06/2015 19:59:14] - |A| - [1200] - C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000UA.job [MD5.8F743155115748D77535B0ACB1ABE38B] - [27/08/2012 08:10:13] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.37765F0E807A7729D3CA863D5DF4C6A0] - [27/08/2012 08:10:14] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.1D2AD6D4BF104533E06819ED4D9718A2] - [19/09/2010 18:07:21] - |A| - [1030] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000Core.job [MD5.3DF84BCC45ACE4CF974C0EB4F6013FCE] - [19/09/2010 18:07:22] - |A| - [1082] - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000UA.job [MD5.047C643453B7E3B30426F9BE49B123DD] - [20/12/2016 12:11:16] - |A| - [336] - C:\Windows\Tasks\HPCeeScheduleForcecile.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 06:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.1DB9067C54B28B17A1668F91F2133A62] - [14/07/2009 06:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.95D2F4DD5F0970D49CCABFE8B0D3156C] - [25/12/2014 09:50:08] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.0127D28237FC0403631E7DDE49D56E62] - [02/04/2012 13:33:30] - |A| - [4050] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.3CF82558085F9E79549468CAB4628F4D] - [20/12/2016 12:51:05] - |A| - [3922] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.CCF4A48F04CA545B6FB75770E9AB54A0] - [13/11/2012 17:44:26] - |A| - [2774] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.452AC54E184D295E6687E00654FCABF1] - [19/09/2010 09:46:34] - |A| - [3650] - C:\Windows\System32\Tasks\CreateChoiceProcessTask : C:\Windows\System32\browserchoice.exe [MD5.DDE63123DE4B8DA28F87FB67D9D6A90E] - [16/06/2015 19:59:14] - |A| - [3776] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000Core : C:\Users\cecile\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.9B414C580C938A00CB934625BDA3BBD3] - [16/06/2015 19:59:14] - |A| - [4172] - C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000UA : C:\Users\cecile\AppData\Local\Dropbox\Update\DropboxUpdate.exe [MD5.E4B37D3E8959EE69409E9E26E97A75DB] - [27/08/2012 08:10:13] - |A| - [3924] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.51587A0F23077E02B841322D815A2B03] - [29/07/2016 06:59:54] - |A| - [3372] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e95e6db67ffc : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7A90D9544837FAAB347FEDAF3F38BA03] - [27/08/2012 08:10:14] - |A| - [4176] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.64B72A32425C00D091B0EFDCCB9E9A5B] - [29/07/2016 06:59:55] - |A| - [3500] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e95e6de44768 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.07CA2E35881041A2BED61C21F1AA95EA] - [19/09/2010 18:07:21] - |A| - [3768] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000Core : C:\Users\cecile\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.E1B16D36E3D29B9116E63616F8D1D46C] - [29/07/2016 06:59:38] - |A| - [3408] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000Core1d1e95e6401c4ea : C:\Users\cecile\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.18B423044B1D393D4DD573BF837731F8] - [19/09/2010 18:07:22] - |A| - [4164] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000UA : C:\Users\cecile\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.DD1A4A8A5B90ED3AF4F0595A1F90C404] - [29/07/2016 06:59:39] - |A| - [3680] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1971661368-2378366175-2141996692-1000UA1d1e95e647b3c72 : C:\Users\cecile\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [12/05/2010 20:01:26] - |D| - [21036] - C:\Windows\System32\Tasks\Hewlett-Packard [MD5.F1CFB65A1D3D02D2DFF754445A0C07BB] - [20/12/2016 12:11:17] - |A| - [3188] - C:\Windows\System32\Tasks\HPCeeScheduleForcecile : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:13] - |D| - [280636] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [17/09/2010 20:55:16] - |D| - [4502] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.6DB50821E49A141A13C13A2B76953DD7] - [20/12/2016 13:04:22] - |A| - [3918] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1482235396 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.9772B74403057B7EAA1701C101D29AB1] - [17/09/2010 17:16:42] - |A| - [3560] - C:\Windows\System32\Tasks\ServicePlan : "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" [MD5.E22D4D7E904B6A5CADE6FFC5080BF8D4] - [19/09/2010 09:29:04] - |A| - [4054] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{D4C17B2D-1D1E-4F8C-9C0D-9995E88DD85C} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [14/07/2009 06:09:57] - |D| - [4482] - C:\Windows\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{656A8AD7-87A5-4C93-B79A-2DC2CD80FD69}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200|Edge=TRUE| "{A2B8AEBA-0C66-49BA-A4FC-FDE335C3AE59}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Windows Live Messenger (UPnP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{7CC6CB72-C5ED-4732-BA26-38120665A25F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=svchost.exe|Svc=ssdpsrv|Name=Windows Live Messenger (SSDP-In)|EmbedCtxt=@C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll,-4200| "{1B6FEDD6-DD17-420D-8B78-D4F0C7AFE65A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe|Name=Windows Live FolderShare| "{4D167B6C-4D2D-4BD0-9141-DD6F0D4B3F34}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe|Name=My First Browser| "{F91A7046-9E06-4F28-8FC6-946679685CA0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe|Name=My First Browser| "{5E1D6ED9-F4DD-465C-AC71-BFEC5E70E848}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE|Name=CyberLink PowerDVD 9.0|Desc=CyberLink PowerDVD 9.0| "{0657F2F8-A9BB-46F0-A3D8-70282ED66753}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{0697BD3E-A585-4856-936A-3C227CA011E2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=427|RPort=427|App=C:\Windows\system32\svchost.exe|Svc=HPSLPSVC|Name=SLP_Service|Desc=SLP_Service| "{5A1AC730-176A-466F-A007-32F1BB1F3E16}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe|Name=hpqtra08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe| "{46905EC2-4DCB-4BB0-87BA-896FA428A773}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe|Name=hpqste08.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe| "{5EDEFB0B-4041-40D3-A5A6-A67B6E238872}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe|Name=hposid01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe| "{FD9657A0-B484-4CD0-93B1-E2DCE22B98E6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe|Name=hpqkygrp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe| "{64FBDB93-C1AE-4197-837C-743F65D08734}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe|Name=hpfccopy.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe| "{921CB617-4223-4B21-8A22-E9B726028A43}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe|Name=hpoews01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe| "{A51B4A06-B347-40C7-A234-351C57F9C524}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe|Name=hpiscnapp.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe| "{D0DE326D-F06F-47F0-B8FA-8E3A6E12D35B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe|Name=hpqgplgtupl.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe| "{844A8124-B79E-421E-B756-B8FE3A091757}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe|Name=hpqgpc01.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe| "{B9538981-31EF-41EE-85D4-BF48AE89A4C5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe|Name=hpqusgm.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe| "{F2619A8F-2A89-459A-9C4B-1A7FEF43E235}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe|Name=hpqusgh.exe|Desc=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe| "{9ED79AC4-24A9-4EE7-A54F-642F8BFBC524}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\hp software update\hpwucli.exe|Name=hpwucli.exe|Desc=C:\Program Files (x86)\HP\hp software update\hpwucli.exe| "{6D7D8A1C-87AA-4286-A6A2-A450589C7090}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe|Name=smartwebprintexe.exe|Desc=C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe| "{166CB843-16BE-4DB0-ABAF-7094744B1EBF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{AB420D83-8476-433C-A1B0-A9D253A3E78E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{46B5FD3A-602F-4650-BE43-030212847DF0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "TCP Query User{C9873A69-981F-441D-8019-DB744050D5F5}C:\program files (x86)\internet explorer\iexplore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\internet explorer\iexplore.exe|Name=Internet Explorer|Desc=Internet Explorer| "UDP Query User{F3836E85-8066-4C3C-99C0-E1AC62599C9C}C:\program files (x86)\internet explorer\iexplore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\internet explorer\iexplore.exe|Name=Internet Explorer|Desc=Internet Explorer| "{D6B00DB5-4E92-4CDE-934F-28BFF74B6C3F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\cecile\AppData\Local\Temp\7zS332E\setup\hpznui40.exe|Name=hpznui40.exe|Desc=C:\Users\cecile\AppData\Local\Temp\7zS332E\setup\hpznui40.exe| "{CB4667E3-9B63-4064-A9B2-D8ABF8CE5B5D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe|Name=DTX broker| "{CB67BC78-94C9-4FBC-854D-E188F1278318}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe|Name=DTX broker| "{86400DB3-45EA-400B-A648-D60FF01657A7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\cecile\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{A9A2504B-3ED3-44DE-B52C-E930AA0623F4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\cecile\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{FA1C0264-1B2E-407B-B2DA-34051FA65B52}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{E1070AD6-A451-43B6-AED9-FE99946AD17B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{9CFB1008-BC0F-4920-BE55-4452C8E89592}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{B031A3DA-B0EA-4DED-B726-017172E57C96}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{894A8865-5A06-452F-8CA4-D845BDE06C42}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{E87DD188-03A6-4E3E-80A6-2E393CCE6A24}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~3\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{67660E9E-2E9C-4C78-B872-13F8A24EEEF4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~3\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{62051823-3D92-47FC-85E3-2F13FE8AFD71}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~4\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{D03007BD-5D8F-4992-ACB6-86C67CC45B06}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~4\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{12BBBD53-DCA3-48B3-9AFA-A692CDD87E48}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~1\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{87ADBEBF-81D4-4621-BE23-A89282950D13}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~1\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{FFD162E2-D51F-4BCA-AF44-04C4AAEF1300}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~2\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{EA78B615-0BF1-4FBB-A5A9-89F201EC4E97}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~2\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{7E5AB6B2-7E8D-4673-A054-CE0D6901AF4A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~3\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A5628BE8-C964-4CF2-A487-9A90757BDC80}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~3\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{7170AA87-5689-4A43-B9E7-951CFDF1DB64}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~4\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{263D3AA3-45E9-401D-AD68-8C40AD5EB57A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~4\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{66B60AF1-8B5D-40E2-8CE3-BD5187FE20A2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~5\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{1F28793B-394C-47F4-BE49-7D13C0F9DB02}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~5\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{934F2F81-8DC9-4777-87E7-9CBD2A216DA1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~6\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{C0255ED7-57A7-4B90-B555-5C49D39376F2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~6\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{46365DAE-CF27-4A88-8C82-891E14BF9ACD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~7\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{F25F186F-22BE-4151-A9C3-04BE767A11E2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~7\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{CCD37DDE-90D6-4DDB-B74B-3ACCF2807368}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~8\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{F852163D-D8E7-467E-AE75-DA1465EAB627}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~8\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{96118AC6-80E7-48C6-9144-B58B2495836B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~9\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{1F85B023-661B-4E63-A1FD-EA367C4E4E06}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE8~9\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{E8D03F44-B8D9-421F-AABE-C32F98A5541E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~10\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{E53A534E-93E5-4F08-8164-C1B90836E19B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~10\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{3401F3FE-1C40-4C13-A3E1-5E035BB9529D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~11\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{ABD6ADEE-FDCE-47DD-9B3C-C07CA102AAE5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~11\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{3031A050-C2C8-439C-9778-F728DCDB7DA6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~12\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{653ABB3E-2F9A-431A-BBAE-70E4CB7083FA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~12\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{72324675-DBF6-4B30-A174-A445836A7AB6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~13\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{B6F22288-D8B3-482E-96A1-390B7BABDE9F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~13\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{EE356E6B-B9F7-4EF7-AEF0-FB9FFE5C28A4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~14\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{9FBF35D1-FBA2-44DA-82C0-38E256F6D357}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~14\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{B9536286-8F22-40D7-8CC4-017D75F1459D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~15\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A2517858-5A34-46DC-83B3-49DBFA7A119F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~15\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A67FA509-FA24-4548-9674-E12FA6AF10FE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~16\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{32CC4E45-E7BC-4A9E-A059-B173929FF6AA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~16\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{C0D7D620-2092-4242-9326-E6509D97127D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~17\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{9B9534F2-2907-4022-A8EB-E27F81FFC76B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~17\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{B70BFBFE-23E9-464E-80CA-EF652AA8A3C6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~18\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{D8763877-E80F-4013-B515-F69D20C773E5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~18\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{DDCE3AA6-A16A-4509-87F1-B09256F1363E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~19\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{6E71EC31-F526-423B-A77B-6FE33F4D5565}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~19\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{04CCFCE7-0234-4216-B1B6-0A59187A2719}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~20\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{4A5A2718-A816-407A-ADA1-C9E670882603}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~20\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{24C31C44-A9CA-4F53-9CDE-D633F4209B57}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~21\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{E709F2FC-CD9F-414E-8A8A-499007036EE4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~21\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{5BD82BAB-82E4-48C3-B623-E053489F8754}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~22\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{892A514D-0766-45B6-BF66-C59CD4C7F1DC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~22\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{F1CF85DD-96EE-4928-96E8-7460848B91C0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~23\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{43D6ECA7-4F82-466E-893D-21F741AAF847}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~23\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{85EFF9A1-591E-4520-A2A8-C6EBF452B7F5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~24\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{7CEDBCDC-12DA-41A8-8894-6FA59724C8BF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~24\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A61F941F-EADE-495F-8C2A-73DEF4C08053}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~25\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{14415F0E-F735-4942-A5FA-80233C2E37EB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~25\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{2F237EDF-C6F5-4AA6-8F9E-06BD1AE5CDED}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~26\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{AA229EC7-7D00-449D-AE60-687B033D8870}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~26\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A3DDA09C-9529-40D0-95D0-7FE7A5D2FC3F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~27\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{EA0199C8-B06A-4E0B-ABDB-C2BC18344859}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~27\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{04ED099C-FB7A-4A1A-B916-766B882E51CB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~28\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{50AD6207-D92D-4D53-93C5-F603BC34A7E4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~28\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{889D59D4-B924-4AA0-9A94-DB0AFA7F4CBC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~29\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{FAF5363D-A4C9-4A3A-B226-799B7CB5C237}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~29\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{56852A5F-905B-4783-8222-F962D776CB21}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~30\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{52CB1C20-DD4C-4433-949C-877487E678A6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~30\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{15EB6667-DBB9-4722-BC3D-9CBEDBCAAFC9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~31\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{96AF00B5-4FB2-495C-A9EA-2563EBC163C0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~31\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{F501707C-BA0E-4B60-A814-D05A0F726060}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~32\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{BE552EA4-46EA-42AC-A2F2-7B91B71F2CFD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~32\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{478F773E-E59E-4C53-A735-7B419F85AB5D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~33\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{E7BDF11E-83D7-443A-B975-1EC8227C1A34}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~33\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{A8CE8CDC-C6BC-4063-9656-2170DE586AE5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~34\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{235694EE-F4A6-43D4-9F5E-6D5CCDA0D60C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~34\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{C5395E29-44E5-438B-AC62-D734EBA3CBAE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~35\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{D04C6BB5-5FC8-4933-9025-A15017588AB0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~35\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{C1E50F7F-B810-41A3-B181-1D896E5B5B18}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~36\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{3E757DDD-0978-44CA-ADAA-26C2DFA78AA7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~36\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{AE8E14B6-6710-4F73-887C-E62082EEBDE8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~37\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{36CD1F1E-0EBE-4E7E-9EDC-F8CD6563EB36}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~37\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{FCCE498A-2EFB-4A45-A519-3767A8A149EF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~38\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{D401A3AB-8E3E-4191-B9D5-EDECD5352E4F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~38\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{842ECF67-14C7-476F-876D-89B7922BB433}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~39\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{FE6AC240-B967-4C33-9F9D-596BD73E9B2F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~39\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{72B233B0-27DA-4C97-A51E-480BA197D707}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~40\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{1E22B5E7-744E-46C2-ABA0-97EB04AACF7F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Music Toolbar\Datamngr\SR0DE~40\IE\dtUser.exe|Name=Music Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker| "{C10E0046-359B-461D-8431-17A948D93F8A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\cecile\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{A2654D43-4649-4F2C-A864-79D6DC051AD1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\cecile\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{C46EB574-844B-4054-8899-65C5638C608B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{9EE91788-0155-44AB-BAFF-56789AD0EA3A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{834D6D65-68C6-474D-B9D9-1E11B9A89AE6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{1ED6A28D-F203-4BF3-B1BF-B584DE907159}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{48414179-100F-4568-A535-4AEB6132EF38}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe|Name=HP Device Detection| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{46A67E6F-EDE7-4912-B18A-EEC09DF6695B}] : (InitioComboClass) [] -> @oem20.inf,%INI_DEVCLASS%;Initio Combo Device Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5A46010E-C74B-4CB1-A041-D22759FE9F9C}] : (Sftplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496E87E-C0A1-4102-9D8D-BD9A9B8B07A9}] : (WDC_SAM) [] -> @oem25.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C30ECEA0-11EF-4EF9-B02E-6AF81E6E65C0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;Fournisseur d’impression WSD [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [14/10/2011 03:37:44] - (15.3.29.0) - (Synaptics Incorporated - Synaptics Touchpad Driver) - C:\Windows\system32\DRIVERS\SynTP.sys [10/03/2016 11:08:05] - (5.1.2.247) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Compbatt (Pilote de batterie composite Microsoft) -> system32\DRIVERS\compbatt.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msahci () -> system32\drivers\msahci.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - spldr (Security Processor Loader Driver) -> (?) R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wd (Pilote du Minuteur de surveillance Microsoft) -> system32\DRIVERS\wd.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> \SystemRoot\system32\DRIVERS\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - Msfs () -> (?) R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - AERTFilters (Andrea RT Filters Service) -> C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys R2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - cvhsvc (Client Virtualization Handler) -> "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - ezSharedSvc (Easybits Services for Windows) -> C:\Windows\System32\ezSharedSvcHost.exe R2 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - HP Support Assistant Service (HP Support Assistant Service) -> "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" R2 - HP Wireless Assistant Service (HP Wireless Assistant Service) -> "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe" R2 - hpqddsvc (Service HP CUE DeviceDiscovery) -> %SystemRoot%\system32\svchost.exe -k hpdevmgmt R2 - HPSLPSVC (HP Network Devices Support) -> %SystemRoot%\system32\svchost.exe -k HPService R2 - HPWMISVC (HPWMISVC) -> C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe R2 - IAANTMON (Intel(R) Matrix Storage Event Monitor) -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - InstallerService (Service Installer TrueKey) -> C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - LightScribeService (LightScribeService Direct Disc Labeling Service) -> "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys R2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - msiserver (@%SystemRoot%\system32\msimsg.dll,-27) -> %systemroot%\system32\msiexec.exe /V R2 - Net Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Pml Driver HPZ12 () -> %SystemRoot%\System32\svchost.exe -k HPZ12 R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SeaPort (SeaPort) -> "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - sftlist (Application Virtualization Client) -> "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - TrueKey (Intel Security True Key) -> "C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe" R2 - TrueKeyScheduler (Intel Security True Key Scheduler) -> "C:\Program Files\TrueKey\McTkSchedulerService.exe" R2 - UNS (Intel(R) Management & Security Application User Notification Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wlidsvc (Windows Live ID Sign-in Assistant) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs ---------- | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 21:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 22:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 22:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.98022774D9930ECBB292E70DB7601DF6] - [10/06/2009 22:01:06] - (.Copyright © LSI Corp 2005-2008 - SoftModem Device Driver.) - [1120 Ko] - (2.2.89.2) - C:\Windows\System32\Drivers\agrsm64.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 00:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 00:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [07/05/2011 11:57:18] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 21:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [07/05/2011 11:57:14] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 22:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 22:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.9B480B472D6826E7257C90E2D0EE2954] - [20/12/2016 12:50:34] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.06362BBA1347CBA0996F4B39BB1D8353] - [20/12/2016 13:01:06] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswKbd.sys [MD5.1BB00571CC2C78463ABD7E9C32970758] - [20/12/2016 12:50:35] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [106.27 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswMonFlt.sys [MD5.7010B57D708DA5C9686A5923EE621776] - [20/12/2016 12:50:30] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.937885085BFE5BD08EC1BC0245DD203B] - [20/12/2016 12:50:35] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.0B6352251C5D84130DF4252D33D266C2] - [20/12/2016 12:50:26] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [946.47 Ko] - (12.3.3154.8) - C:\Windows\System32\Drivers\aswsnx.sys [MD5.28213B34725B18387CC1B8C3D73858A1] - [20/12/2016 12:50:35] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [501.59 Ko] - (12.3.3154.8) - C:\Windows\System32\Drivers\aswsp.sys [MD5.9C58B6E9663D0A76D00D83E43C765BDF] - [20/12/2016 12:50:36] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [159.59 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswStm.sys [MD5.D60D9201739400F0FBDB9E36A3212D91] - [20/12/2016 12:50:36] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [286.48 Ko] - (12.3.3154.16) - C:\Windows\System32\Drivers\aswvmm.sys [MD5.77C149E6D702737B2E372DEE166FAEF8] - [28/01/2010 18:33:38] - (.Copyright (c) 2004-2010 ATI Technologies Inc. - ATI High Definition Audio Function Driver.) - [114 Ko] - (7.11.0.7703) - C:\Windows\System32\Drivers\AtiHdmi.sys [MD5.D1D06810BF7E21F5763EB06CB7E7262B] - [03/03/2010 08:23:12] - (.Copyright (C) 1998-2006 ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - [6252.5 Ko] - (8.1.1.1010) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.6BA71D6616B56816E57394D77DD1BB6F] - [03/03/2010 07:07:34] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [184.5 Ko] - (8.14.1.6099) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.D1D06810BF7E21F5763EB06CB7E7262B] - [03/03/2010 08:23:12] - (.Copyright (C) 1998-2006 ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - [6252.5 Ko] - (8.1.1.1010) - C:\Windows\System32\Drivers\atipmdag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 21:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.35756E37D5FDEE22FBF27090A14FE608] - [25/06/2010 22:08:50] - (.1998-2010, Broadcom Corp. All Rights Rsvd - Broadcom 802.11 Network Adapter wireless driver.) - [2986.49 Ko] - (5.60.48.35) - C:\Windows\System32\Drivers\BCMWL664.SYS [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 02:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 02:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 02:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 02:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 02:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 02:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 21:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 00:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 21:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 21:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [13/07/2009 23:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.B6AC71AAA2B10848F57FC49D55A651AF] - [17/09/2009 22:54:54] - (.Copyright © 2006-2009, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (6.0.0.1179) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [22/06/2011 08:52:04] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.BE7D72FCF442C26975942007E0831241] - [25/06/2010 22:11:38] - (.Copyright(C) Intel Corporation 1994-2009 - Intel Matrix Storage Manager driver - x64.) - [400.02 Ko] - (8.9.4.1004) - C:\Windows\System32\Drivers\iaStor.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [07/05/2011 11:57:13] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.90AFAB2B5962B1CD5BB23320675D6174] - [03/03/2010 07:08:12] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [7659.22 Ko] - (8.15.10.2082) - C:\Windows\System32\Drivers\igdkmd64.sys [MD5.90AFAB2B5962B1CD5BB23320675D6174] - [03/03/2010 07:08:12] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [7659.22 Ko] - (8.15.10.2082) - C:\Windows\System32\Drivers\igdpmd64.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 22:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.4B6363CD4610BB848531BB260B15DFCC] - [11/02/2010 00:02:00] - (.Copyright(C) 2008 Intel Corporation - Intel(R) Turbo Boost Technology Driver.) - [155 Ko] - (1.1.1.1007) - C:\Windows\System32\Drivers\Impcd.sys [MD5.2F9F76349BB8C578873A58C840BA0589] - [10/03/2010 08:16:36] - (.Initio Corporation. - Initio Default Vendor Specific Device Driver.) - [29.02 Ko] - (2.13.2009.128) - C:\Windows\System32\Drivers\ivusb.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 21:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 22:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.64428DFDAF6E88366CB51F45A79C5F69] - [10/06/2009 21:35:28] - (.Copyright © Intel Corporation 2009 - Intel® Wireless WiFi Link Driver.) - [5307 Ko] - (12.4.1.4) - C:\Windows\System32\Drivers\netw5v64.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 22:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [07/05/2011 11:57:18] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [07/05/2011 11:57:18] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 21:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 22:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.777FC2C418465404E3D8A290DC247D24] - [25/06/2010 22:10:39] - (.Copyright (C) 2009 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [288.5 Ko] - (7.11.1127.2009) - C:\Windows\System32\Drivers\Rt64win7.sys [MD5.E76FDFFF07F8A2FA81FF250DDA0F6BBA] - [25/06/2010 22:13:03] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [2237.91 Ko] - (6.0.1.6066) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.483DF0B58CA532E5240E59DC41F30AA2] - [25/06/2010 22:12:52] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [220 Ko] - (6.1.7600.30105) - C:\Windows\System32\Drivers\RtsUStor.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 03:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 01:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 21:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 22:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.1D8F61346A123CC5CDE7E2AABB7DFEE0] - [20/12/2016 12:51:39] - (.-.) - [43.9 Ko] - (8.0.4624.2183) - C:\Windows\System32\Drivers\staport.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 22:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.AC3CC98B1BDB6540021D3FFB105AC2B9] - [14/10/2011 03:37:44] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics Touchpad Driver.) - [387.55 Ko] - (15.3.29.0) - C:\Windows\System32\Drivers\SynTP.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 00:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 21:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.0C4540311E11664B245A263E1154CEF8] - [13/07/2009 23:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_HWAZL WDM driver.) - [286 Ko] - (7.80.2.0) - C:\Windows\System32\Drivers\VSTAZL6.SYS [MD5.18E40C245DBFAF36FD0134A7EF2DF396] - [13/07/2009 23:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_CNXT driver.) - [723.5 Ko] - (7.80.2.0) - C:\Windows\System32\Drivers\VSTCNXT6.SYS [MD5.02071D207A9858FBE3A48CBFD59C4A04] - [13/07/2009 23:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_DP driver.) - [1450.5 Ko] - (7.80.2.0) - C:\Windows\System32\Drivers\VSTDPV6.SYS [MD5.D0335A55E5C3F812548E18300C2ACB62] - [29/04/2015 23:01:06] - (.(C) 2006-2008 Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) - [22.66 Ko] - (1.0.7.2) - C:\Windows\System32\Drivers\wdcsam64.sys [MD5.B3EEACF62445E24FBB2CD4B0FB4DB026] - [10/06/2009 21:35:33] - (.©Copyright 2002-2008 Marvell®. - Miniport Driver for Marvell Yukon Ethernet Controller..) - [380 Ko] - (11.0.5.3) - C:\Windows\System32\Drivers\yk62x64.sys [MD5.483DF0B58CA532E5240E59DC41F30AA2] - [25/06/2010 22:12:53] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [220 Ko] - (6.1.7600.30105) - C:\Windows\Syswow64\Drivers\RtsUStor.sys ---------- | Uninstall [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Users\cecile\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe" /InstallType:USER [HKU\S-1-5-21-1971661368-2378366175-2141996692-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Users\cecile\AppData\Local\Google\Chrome\Application\55.0.2883.87\Installer\setup.exe" --uninstall --multi-install --chrome [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Broadcom 802.11 Wireless LAN Adapter] : (Broadcom 802.11 Wireless LAN Adapter.-.Broadcom Corporation) -> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Imaging Device Functions] : (HP Imaging Device Functions 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (HP Smart Web Printing 4.60.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools] : (HP Solution Center 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HPExtendedCapabilities] : (HP Customer Participation Program 14.0.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Shop for HP Supplies] : (Shop for HP Supplies.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) -> rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TrueKey] : (Intel Security True Key.-.Intel Security) -> C:\Program Files\TrueKey\Mcafee.TrueKey.Uninstaller.Exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge GmbH) -> C:\Program Files\PDFCreator\unins000.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{10F539B1-31AF-43BF-9F0C-0EB66E918922}] : (HP Quick Launch.-.Hewlett-Packard) -> MsiExec.exe /I{10F539B1-31AF-43BF-9F0C-0EB66E918922} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416017FF}] : (Java(TM) 6 Update 17 (64-bit).-.Sun Microsystems, Inc.) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416017FF} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{37D41A97-6B02-4C30-8753-85107BE1D674}] : (Intel® RealSense™ SDK 2014 Runtime (x64): Core.-.Intel Corporation) -> MsiExec.exe /X{37D41A97-6B02-4C30-8753-85107BE1D674} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{48C0866E-57EB-444C-8371-8E4321066BC3}] : (Network64.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55A4978B-CC3A-E5C2-5567-95B70A1D1432}] : (ccc-utility64.-.ATI) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}] : (Intel® Matrix Storage Manager.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{955B5283-24A6-42E6-B81D-C6854EBBE041}] : (HP Wireless Assistant.-.Hewlett-Packard) -> MsiExec.exe /X{955B5283-24A6-42E6-B81D-C6854EBBE041} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BE930E38-7BB3-45B6-85B2-5251F374F844}] : (64 Bit HP CIO Components Installer.-.Hewlett-Packard) -> MsiExec.exe /I{BE930E38-7BB3-45B6-85B2-5251F374F844} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9083B9D-9092-FF22-DDCC-9776E69BE816}] : (ATI Catalyst Install Manager.-.ATI Technologies, Inc.) -> msiexec /q/x{C9083B9D-9092-FF22-DDCC-9776E69BE816} REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}] : (HP Photosmart Premium C309g-m All-in-One Driver Software 14.0 Rel. 6.-.HP) -> C:\Program Files (x86)\HP\Digital Imaging\{CCD42CCF-9AFF-4BC5-862A-38CCD3C8E8F8}\setup\hpzscr40.exe -datfile hposcr41.dat -onestop -forcereboot [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Inc.) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 24 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 24 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FnacSynchro] : (FnacSynchro.-.FNAC) -> C:\Program Files (x86)\FNAC\FnacSynchro\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HP Smart Web Printing] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] : (CyberLink DVD Suite.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (Power2Go.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}] : (CyberLink PowerDVD 9.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (LabelPrint.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}] : (PowerDirector.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}] : (PhotoNow!.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\monAlbumPhoto_is1] : (monAlbumPhoto.-.monAlbumPhoto) -> "C:\Program Files (x86)\MonAlbumPhoto\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 fr)] : (Mozilla Firefox 50.1.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\My HP Game Console] : (HP Game Console.-.WildTangent) -> "C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Picasa 3] : (Picasa 3.-.Google, Inc.) -> "C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PROHYBRID2R] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PROHYBRIDR] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.51.2220.62] : (SafeZone Stable 1.51.2220.62.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SMALLBUSINESSR] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Tableau de Bord Pack Fnac 2013] : (Tableau de Bord Pack Fnac 2013.-.) -> "C:\Windows\EP_UNINSTALL.EXE" "C:\Program Files (x86)\Fnac\TBPackFnac2013\UNINSTALL.INI" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall] : (HP Games.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-clubpenguin] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-runescape] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - RuneScape HD\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-worldofwarcraft] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - World of Warcraft\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082124] : (Blasterball 3.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082141] : (FATE.-.WildTangent) -> "C:\Program Files (x86)\HP Games\FATE\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082168] : (Penguins!.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082172] : (Polar Bowler.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082192] : (Bejeweled 2 Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082200] : (Chuzzle Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082222] : (Insaniquarium Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082241] : (Virtual Villagers - The Secret City.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082246] : (Zuma Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082396] : (Diner Dash 2 Restaurant Rescue.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082409] : (Mahjongg Artifacts.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Mahjongg Artifacts\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082422] : (Wedding Dash.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082427] : (Slingo Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT082439] : (Bus Driver.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Bus Driver\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT083492] : (Agatha Christie - Death on the Nile.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT083510] : (Jewel Quest Solitaire.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT083514] : (Jewel Quest II.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Jewel Quest II\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT083521] : (Dream Chronicles.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Dream Chronicles\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT083529] : (Gem Shop.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Gem Shop\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{00FF3F93-F2CE-BFBE-347E-C49F3A1780D9}] : (CCC Help Dutch.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{06A1D88C-E102-4527-AF70-29FFD7AF215A}] : (Scan.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}] : (DeviceDiscovery.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}] : (HPProductAssistant.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}] : (MyPDFConverter.-.Aedge Performance BCN SL) -> MsiExec.exe /X{1D76557F-04F5-4CF9-AB20-6A621B0D52D7} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] : (CyberLink DVD Suite.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{223B6018-B8A2-7090-7BA9-4E2002DCAB86}] : (Catalyst Control Center InstallProxy.-.ATI Technologies, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FF}] : (Java(TM) 6 Update 21.-.Sun Microsystems, Inc.) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216021FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{287ECFA4-719A-2143-A09B-D6A12DE54E40}] : (Acrobat.com.-.Adobe Systems Incorporated) -> MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{292F0F52-B62D-4E71-921B-89A682402201}] : (Toolbox.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FB9EA69-51D4-4913-9AD5-762C034DE811}] : (Status.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3877C901-7B90-4727-A639-B6ED2DD59D43}] : (ESU for Microsoft Windows 7.-.Hewlett-Packard) -> MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3ECBC47D-7913-8D9D-8703-DC1969CB252A}] : (CCC Help Danish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] : (Power2Go.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}] : (HP Advisor.-.Hewlett-Packard) -> MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43861B2A-0548-46B7-56E3-F2AB01311C7E}] : (CCC Help Greek.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (Recovery Manager.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4EDCB0CC-305A-2D52-E9A5-E6CA59DFF2F7}] : (CCC Help Turkish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4F80ACED-DE98-ECF3-0559-098936A13994}] : (Catalyst Control Center Graphics Full New.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51343725-98F7-D613-E46D-3C2198DF0162}] : (Catalyst Control Center Core Implementation.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5D335F5D-4185-4AD8-8E6D-64D8D4AB80D7}] : (HP Software Framework.-.Hewlett-Packard Company) -> MsiExec.exe /X{5D335F5D-4185-4AD8-8E6D-64D8D4AB80D7} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}] : (SolutionCenter.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{621E909B-9AD0-8E66-336F-5B0284145719}] : (CCC Help Japanese.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63CE9AEA-F3F7-C1DC-EC4E-27A0DF0B9261}] : (Catalyst Control Center Graphics Previews Common.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}] : (LightScribe System Software.-.LightScribe) -> MsiExec.exe /X{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6B78BA3C-795D-C47D-5DD3-BEA98FF7CD6C}] : (CCC Help Norwegian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.2.3.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F4B5D6B-6FA4-ACDE-F89C-BF437D2302AF}] : (Catalyst Control Center Graphics Light.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{74DC0593-6BC6-4001-AD5F-D810AFB68D86} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{76E108BF-C1B2-A945-9EFC-FFA030D20E1E}] : (CCC Help Russian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8354E8D3-B6FF-079F-E82F-73128A84A354}] : (CCC Help Hungarian.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver For Windows 7.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8EE94FD8-5F52-4463-A340-185D16328158}] : (WebReg.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}] : (SmartWebPrinting.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{934B3B9F-8B5F-AA7F-770E-117C9B7B4DCA}] : (CCC Help Czech.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911}] : (Realtek USB 2.0 Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{97F3767E-8A52-4AA6-9304-BEEFBAC04575}] : (HP User Guides 0217.-.Hewlett-Packard) -> MsiExec.exe /X{97F3767E-8A52-4AA6-9304-BEEFBAC04575} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{99CFB83D-D10A-F740-2EE5-02BB86F79BBB}] : (CCC Help Chinese Standard.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9B90C530-7A5F-7997-6275-A66AB973148B}] : (CCC Help Italian.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A2BCA9F1-566C-4805-97D1-7FDC93386723}] : (Adobe AIR.-.Adobe Systems Inc.) -> MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}] : (CyberLink PowerDVD 9.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAC22E56-5466-8E1E-4533-81E0AC51120B}] : (CCC Help Spanish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB4CE98A-220A-1F05-A513-6CA5C9F34A8A}] : (Catalyst Control Center Graphics Previews Vista.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}] : (HPSSupply.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824205020}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824205020} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AB0000000001}] : (Adobe Reader XI (11.0.18) - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AB0000000001} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB3447F6-9553-4AA9-960E-0DB5310C5779}] : (GPBaseService2.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}] : (Destinations.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1A0D5F7-02F3-4D95-872A-0E56CF968DC6}] : (Catalyst Control Center - Branding.-.ATI) -> MsiExec.exe /I{C1A0D5F7-02F3-4D95-872A-0E56CF968DC6} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2483D27-D725-95FD-6EBF-8AAE23A8342C}] : (CCC Help Portuguese.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C388F68C-5AA9-ECE2-6FD7-73EB09FD5130}] : (CCC Help Korean.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (LabelPrint.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C829AA7D-3113-0942-06D1-1A2CFA850920}] : (CCC Help French.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CAE4213F-F797-439D-BD9E-79B71D115BE3}] : (HPPhotoGadget.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}] : (HP Product Detection.-.Hewlett-Packard Company) -> MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}] : (PowerDirector.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CC639DE4-356A-B032-BE59-52ED46879591}] : (CCC Help Thai.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}] : (TrayApp.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3058349-D2ED-4A3B-651B-9882B3BD7F8D}] : (Catalyst Control Center Localization All.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D360FA88-17C8-4F14-B67F-13AAF9607B12}] : (MarketResearch.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D36DD326-7280-11D8-97C8-000129760CBE}] : (PhotoNow!.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3E9CA09-20E8-F218-15F3-3E1CA0EEFB4D}] : (PX Profile Update.-.AMD) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}] : (Intel(R) Turbo Boost Technology Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Turbo Boost Technology Driver\Uninstall\setup.exe -uninstall -iips [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D895ACBB-697F-1C12-6E3F-3A6229D19857}] : (CCC Help German.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}] : (Adobe Shockwave Player.-.Adobe Systems, Inc.) -> MsiExec.exe /X{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D9ABACA0-5C8B-6D8E-6881-65EF2F13B987}] : (CCC Help Polish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DE22695F-CB6A-B64F-8477-275C1FCF3001}] : (Catalyst Control Center Graphics Full Existing.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E10AD9B8-1A7C-87E9-2ABE-8F852A89A369}] : (CCC Help English.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E2831862-F131-4327-B9CC-FA30F587EB6C}] : (HP Setup.-.Hewlett-Packard) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E2831862-F131-4327-B9CC-FA30F587EB6C}\setup.exe" -l0x9 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E517094C-06B6-419F-8FFD-EF4F57972130}] : (QuickTransfer.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E6319C60-D4DF-4D4D-A077-9F46D656E4FB}] : (C309g-m.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E92D47A1-D27D-430A-8368-0BAFD956507D}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EAA941D9-93E7-2C0B-0754-0806755CD5F3}] : (ccc-core-static.-.Nom de votre société) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE177519-70E3-4A94-B8DB-FD0B78D1A47E}] : (PS_AIO_06_C309g-m_SW_Min.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF0970F3-19FE-CDA9-837B-C9EA53D5DBED}] : (CCC Help Finnish.-.ATI) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F580D6C2-140E-143A-1013-3C3A4FCCB3A1}] : (CCC Help Chinese Traditional.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F9842DD1-81B6-AF2C-72C2-F28B56A5B6DF}] : (CCC Help Swedish.-.ATI) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}] : (BufferChm.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.30.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} ---------- | Installer [HKCR\Installer\Products\035C09B9F5A7799726576AA69B3741B8] : CCC Help Italian -> C:\Windows\Installer\{9B90C530-7A5F-7997-6275-A66AB973148B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\06C9136EFD4DD4D40A77F9646D654EBF] : C309g-m [HKCR\Installer\Products\098990BCF5D15D11E99A0005AB3E711E] : PowerDirector -> C:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0ACABA9DB8C5E8D6861856FEF2319B78] : CCC Help Polish -> C:\Windows\Installer\{D9ABACA0-5C8B-6D8E-6881-65EF2F13B987}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1026B0516E9EBFD469E0CCDB35BFDDDE] : HPProductAssistant [HKCR\Installer\Products\18555481990E8AB4CBB63FB4F26006C0] : Google Toolbar for Internet Explorer [HKCR\Installer\Products\1B935F01FA13FB34F9C0E06BE6199822] : HP Quick Launch -> C:\Windows\Installer\{10F539B1-31AF-43BF-9F0C-0EB66E918922}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\1DD2489F6B18C2FA272C2FB8655A6BFD] : CCC Help Swedish -> C:\Windows\Installer\{F9842DD1-81B6-AF2C-72C2-F28B56A5B6DF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1F9ACB2AC6655084791DF7CD39837632] : Adobe AIR [HKCR\Installer\Products\25F0F292D26B17E429B1986A28042210] : Toolbox [HKCR\Installer\Products\286FF0AF07CC75C439DC2E673F7E35E7] : BufferChm [HKCR\Installer\Products\2C6D085FE041A3410131C3A3F4CC3B1A] : CCC Help Chinese Traditional -> C:\Windows\Installer\{F580D6C2-140E-143A-1013-3C3A4FCCB3A1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\31B3A53EDC877694A88CAAF9AD96E3ED] : HP Support Assistant -> C:\Windows\Installer\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3825B5596A426E248BD16C58E4BB0E14] : HP Wireless Assistant -> C:\Windows\Installer\{955B5283-24A6-42E6-B81D-C6854EBBE041}\WA_tray_32_on.exe [HKCR\Installer\Products\38E1FB04BE028D11795C00905C206085] : Power2Go -> C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3950CD476CB61004DAF58D01FA6BD868] : HP Update [HKCR\Installer\Products\39F3FF00EC2FEBFB43E74CF9A371089D] : CCC Help Dutch -> C:\Windows\Installer\{00FF3F93-F2CE-BFBE-347E-C49F3A1780D9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3D8E4538FF6BF9708EF23721A8483A45] : CCC Help Hungarian -> C:\Windows\Installer\{8354E8D3-B6FF-079F-E82F-73128A84A354}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3F0790FEEF919ADC38B79CAE355DBDDE] : CCC Help Finnish -> C:\Windows\Installer\{EF0970F3-19FE-CDA9-837B-C9EA53D5DBED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42C6FBF1DF1C10144AB2C065F4E9E897] : PowerStarter -> C:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4AFCE782A91734120AB96D1AD25EE404] : Acrobat.com [HKCR\Installer\Products\4EA42A62D9304AC4784BF238120671FF] : Java(TM) 6 Update 21 [HKCR\Installer\Products\4EA42A62D9304AC4784BF268140671FF] : Java(TM) 6 Update 17 (64-bit) [HKCR\Installer\Products\4ED936CCA653230BEB9525DE64785919] : CCC Help Thai -> C:\Windows\Installer\{CC639DE4-356A-B032-BE59-52ED46879591}\ARPPRODUCTICON.exe [HKCR\Installer\Products\527343157F89316D4ED6C31289FD1026] : Catalyst Control Center Core Implementation -> C:\Windows\Installer\{51343725-98F7-D613-E46D-3C2198DF0162}\ARPPRODUCTICON.exe [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\588A53CAF8F075847BADE6D8BF346E3B] : HPSSupply [HKCR\Installer\Products\623DD63D08278D11798C00109267C0EB] : PhotoNow -> C:\Windows\Installer\{D36DD326-7280-11D8-97C8-000129760CBE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\65E22CAA6645E1E85433180ECA1521B0] : CCC Help Spanish -> C:\Windows\Installer\{AAC22E56-5466-8E1E-4533-81E0AC51120B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA408033019195008142020502] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824205020}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744BA0000000010] : Adobe Reader XI (11.0.18) - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\6F7443BB35599AA469E0D05B13C07597] : GPBaseService2 [HKCR\Installer\Products\701043F6AA9F6C745BC43C1AF91155F3] : Hewlett-Packard ACLM.NET v1.2.2.3 -> C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\72D3842C527DDF59E6FBA8EA328A43C2] : CCC Help Portuguese -> C:\Windows\Installer\{C2483D27-D725-95FD-6EBF-8AAE23A8342C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.30 -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\79A14D7320B603C478355801B71E6D47] : Intel® RealSense™ SDK 2014 Runtime (x64): Core -> C:\Windows\Installer\{37D41A97-6B02-4C30-8753-85107BE1D674}\arp.ico [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update [HKCR\Installer\Products\7F5D0A1C3F2059D478A2E065FC69D86C] : Catalyst Control Center - Branding -> C:\Windows\Installer\{C1A0D5F7-02F3-4D95-872A-0E56CF968DC6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\83E039EB3BB76B54582B25153F478F44] : 64 Bit HP CIO Components Installer [HKCR\Installer\Products\87BB85415CD10CB49B3AB246F4A51850] : DeviceDiscovery [HKCR\Installer\Products\88AF063D8C7141F46BF731AA9F06B721] : MarketResearch [HKCR\Installer\Products\8994BF104C33134458DE70E9E3FE7ED5] : YouCam -> C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8B9DA01EC7A19E78A2EBF858A2983A96] : CCC Help English -> C:\Windows\Installer\{E10AD9B8-1A7C-87E9-2ABE-8F852A89A369}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8DF49EE825F536443A0481D561231885] : WebReg [HKCR\Installer\Products\915771EE3E0749A48BBDDFB0871D4AE7] : PS_AIO_06_C309g-m_SW_Min [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9438503DDE2DB3A456B189283BDBF7D8] : Catalyst Control Center Localization All -> C:\Windows\Installer\{D3058349-D2ED-4A3B-651B-9882B3BD7F8D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\96AE9BF24D153194A95D67C230D48E11] : Status [HKCR\Installer\Products\9CA6158A1FAA9F747966302E4DDCCB8F] : PowerDVD -> C:\Windows\Installer\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9D149AAE7E39B0C27045806057C55D3F] : ccc-core-static -> C:\Windows\Installer\{EAA941D9-93E7-2C0B-0754-0806755CD5F3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A2B1683484507B64653E2FBA1013C1E7] : CCC Help Greek -> C:\Windows\Installer\{43861B2A-0548-46B7-56E3-F2AB01311C7E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A89EC4BAA02250F15A31C65A9C3FA4A8] : Catalyst Control Center Graphics Previews Vista -> C:\Windows\Installer\{AB4CE98A-220A-1F05-A513-6CA5C9F34A8A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AB4027DB46DDE994B955A682C2FDF44A] : Destinations [HKCR\Installer\Products\AC5F6FF803E4B3E49B1502C4AA2A17A6] : SmartWebPrinting [HKCR\Installer\Products\AEA9EC367F3FCD1CCEE4720AFDB02916] : Catalyst Control Center Graphics Previews Common -> C:\Windows\Installer\{63CE9AEA-F3F7-C1DC-EC4E-27A0DF0B9261}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B4E0FCD5AE8F92240ADBC56A4DFA7B94] : SolutionCenter [HKCR\Installer\Products\B6D5B4F64AF6EDCA8FC9FB34D73220FA] : Catalyst Control Center Graphics Light -> C:\Windows\Installer\{6F4B5D6B-6FA4-ACDE-F89C-BF437D2302AF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B8794A55A3CC2C5E5576597BA0D14123] : ccc-utility64 -> C:\Windows\Installer\{55A4978B-CC3A-E5C2-5567-95B70A1D1432}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B909E1260DA966E833F6B52048417591] : CCC Help Japanese -> C:\Windows\Installer\{621E909B-9AD0-8E66-336F-5B0284145719}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BA0A2B44E214C8F40B851D8EEACCFD5F] : PowerRecover -> C:\Windows\Installer\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BBCA598DF79621C1E6F3A326921D8975] : CCC Help German -> C:\Windows\Installer\{D895ACBB-697F-1C12-6E3F-3A6229D19857}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3AB87B6D597D74CD53DEB9AF87FDCC6] : CCC Help Norwegian -> C:\Windows\Installer\{6B78BA3C-795D-C47D-5DD3-BEA98FF7CD6C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C490715E6B60F914F8DFFEF475791203] : QuickTransfer [HKCR\Installer\Products\C7D8BF048FF62FA4CBB8B0D13BA20FB4] : HP Advisor -> C:\Windows\Installer\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C86F883C9AA52ECEF67D37BE90DF1503] : CCC Help Korean -> C:\Windows\Installer\{C388F68C-5AA9-ECE2-6FD7-73EB09FD5130}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C88D1A60201E7254FA0792FF7DFA12A5] : Scan [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC0BCDE4A50325D29E5A6EAC95FD2F7F] : CCC Help Turkish -> C:\Windows\Installer\{4EDCB0CC-305A-2D52-E9A5-E6CA59DFF2F7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D36E13DCDF74C1941871FC02D1A0AF5B] : TrayApp [HKCR\Installer\Products\D38BFC99A01D047FE25E20BB687FB9BB] : CCC Help Chinese Standard -> C:\Windows\Installer\{99CFB83D-D10A-F740-2EE5-02BB86F79BBB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D5F533D558148DA4E8D6468D4DBA087D] : HP Software Framework -> C:\Windows\Installer\{5D335F5D-4185-4AD8-8E6D-64D8D4AB80D7}\app_1.exe [HKCR\Installer\Products\D74CBCE33197D9D87830CD9196BC52A2] : CCC Help Danish -> C:\Windows\Installer\{3ECBC47D-7913-8D9D-8703-DC1969CB252A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D7AA928C31132490601DA1C2AF589002] : CCC Help French -> C:\Windows\Installer\{C829AA7D-3113-0942-06D1-1A2CFA850920}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D9B3809C290922FFDDCC79676EB98E61] : ATI Catalyst Install Manager -> C:\Windows\Installer\{C9083B9D-9092-FF22-DDCC-9776E69BE816}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\DECA08F489ED3FCE50959098631A9349] : Catalyst Control Center Graphics Full New -> C:\Windows\Installer\{4F80ACED-DE98-ECF3-0559-098936A13994}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E17A8F77515323848B2BF2E1BD2D0E1F] : Bing Bar -> C:\Windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico [HKCR\Installer\Products\E6680C84BE75C4443817E8341260B63C] : Network64 [HKCR\Installer\Products\E7673F7925A86AA43940EBFEAB0C5457] : HP User Guides 0217 [HKCR\Installer\Products\EB3EDFA610CB4A54D960BB5FDA023731] : LightScribe System Software -> C:\Windows\Installer\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F3124EAC797FD934DBE9977BD111B53E] : HPPhotoGadget [HKCR\Installer\Products\F45FAD3B52BD6854E91F692DB41B0488] : Windows Movie Maker 2.6 [HKCR\Installer\Products\F59622EDA6BCF46B487772C5F1FC0310] : Catalyst Control Center Graphics Full Existing -> C:\Windows\Installer\{DE22695F-CB6A-B64F-8477-275C1FCF3001}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F75567D15F409FC4BA02A626B1D0257D] : MyPDFConverter -> C:\Windows\Installer\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F9B3B439F5B8F7AA77E011C7B9B7D4AC] : CCC Help Czech -> C:\Windows\Installer\{934B3B9F-8B5F-AA7F-770E-117C9B7B4DCA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FB801E672B1C549AE9CFFF0A032DE0E1] : CCC Help Russian -> C:\Windows\Installer\{76E108BF-C1B2-A945-9EFC-FFA030D20E1E}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=477G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 199M Yes No 2,048 407,552 1 1 07-NTFS 462G No No 409,600 946,894,848 2 2 07-NTFS 14G No No 947,304,448 29,255,680 3 3 0C-FAT32X 103M No No 976,560,128 210,992 ---------- | MBR Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: Hewlett-Packard System Manufacturer: Hewlett-Packard System Product Name: HP G72 Notebook PC Logical Drives Mask: 0x0001003c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog {hap=15:app=Microsoft Word 2010 90140061040C0000:tid=15F8:usr=cecile} Le client n'a pas pu se connecter à un serveur Application Virtualization Server (rc 16D1160A-0000E028) ------------ {hap=15:app=Microsoft Word 2010 90140061040C0000:tid=15F8:usr=cecile} Le client Application Virtualization n'a pas pu se connecter pour diffuser l'URL « http://c2r.microsoft.com/HomeStudentC2R/fr-fr/14.0.4763.1000/HomeStudentC2R.fr-fr_14.0.7177.5000.sft » (rc 16D1160A-0000E028, original rc 16D1160A-0000E028). ------------ Échec de l’initialisation de la restauration du système (Removed PDF Architect 2 View Module). ------------ Échec de l’initialisation de la restauration du système (Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501). ------------ La création du contexte d’activation a échoué pour « C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll ». Assembly dépendant Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ Le programme CCleaner64.exe version 3.24.0.1850 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 524 Heure de début : 01d25ab204c98b9f Heure de fin : 10631 Chemin d’accès de l’application : C:\Program Files\CCleaner\CCleaner64.exe ID de rapport : 345ebd71-c6a6-11e6-98a5-cef4e3fd8b23 ------------ Le programme CCleaner64.exe version 3.24.0.1850 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1184 Heure de début : 01d25ab1f96ebb7f Heure de fin : 10186 Chemin d’accès de l’application : C:\Program Files\CCleaner\CCleaner64.exe ID de rapport : 28a7e948-c6a6-11e6-98a5-cef4e3fd8b23 ------------ Le programme CCleaner64.exe version 3.24.0.1850 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1df0 Heure de début : 01d25ab1c512571a Heure de fin : 16948 Chemin d’accès de l’application : C:\Program Files\CCleaner\CCleaner64.exe ID de rapport : 81c74460-c6a5-11e6-98a5-cef4e3fd8b23 ------------ Nom de l’application défaillante atieclxx.exe, version : 6.14.11.1051, horodatage : 0x4b8de1c4 Nom du module défaillant : atiadlxx.dll, version : 6.14.10.1054, horodatage : 0x4b8dd29f Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001e858 ID du processus défaillant : 0x630 Heure de début de l’application défaillante : 0x01d25a30934e1892 Chemin d’accès de l’application défaillante : C:\Windows\system32\atieclxx.exe Chemin d’accès du module défaillant: C:\Windows\system32\atiadlxx.dll ID de rapport : 1f61b707-c64b-11e6-bf32-db223c0fa626 ------------ Nom de l’application défaillante atieclxx.exe, version : 6.14.11.1051, horodatage : 0x4b8de1c4 Nom du module défaillant : atiadlxx.dll, version : 6.14.10.1054, horodatage : 0x4b8dd29f Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001e858 ID du processus défaillant : 0x670 Heure de début de l’application défaillante : 0x01d253c45c747b10 Chemin d’accès de l’application défaillante : C:\Windows\system32\atieclxx.exe Chemin d’accès du module défaillant: C:\Windows\system32\atiadlxx.dll ID de rapport : a23ed488-bfb7-11e6-92e5-eafb44a62e20 ------------ Nom de l’application défaillante atieclxx.exe, version : 6.14.11.1051, horodatage : 0x4b8de1c4 Nom du module défaillant : atiadlxx.dll, version : 6.14.10.1054, horodatage : 0x4b8dd29f Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001e858 ID du processus défaillant : 0x5cc Heure de début de l’application défaillante : 0x01d251ecd6a61ed9 Chemin d’accès de l’application défaillante : C:\Windows\system32\atieclxx.exe Chemin d’accès du module défaillant: C:\Windows\system32\atiadlxx.dll ID de rapport : 5da1549f-bdfb-11e6-bd05-ab430adb0913 ------------ Nom de l’application défaillante atieclxx.exe, version : 6.14.11.1051, horodatage : 0x4b8de1c4 Nom du module défaillant : atiadlxx.dll, version : 6.14.10.1054, horodatage : 0x4b8dd29f Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000001e858 ID du processus défaillant : 0x5a0 Heure de début de l’application défaillante : 0x01d25077a6f0943e Chemin d’accès de l’application défaillante : C:\Windows\system32\atieclxx.exe Chemin d’accès du module défaillant: C:\Windows\system32\atiadlxx.dll ID de rapport : 953fd60e-bc92-11e6-b748-c149fef71226 ------------ ------------ Nom de l’application défaillante cvh.exe, version : 14.0.7147.5000, horodatage : 0x5509d64e Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x65637275 ID du processus défaillant : 0x614 Heure de début de l’application défaillante : 0x01d25099ee4b2e86 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe Chemin d’accès du module défaillant: unknown ID de rapport : 471c0b92-bc8d-11e6-b748-c149fef71226 ------------ ------------ Pour information uniquement. (Patch task for {90140011-0061-040C-0000-0000000FF1CE}): DownloadLatest Failed: Il n’existe actuellement aucune connexion réseau active. Le service de transfert intelligent d’arrière plan (BITS) recommencera plus tard, lorsqu’une carte sera connectée. ------------ Pour information uniquement. (Patch task for {90140011-0061-040C-0000-0000000FF1CE}): DownloadLatest Failed: Il n’existe actuellement aucune connexion réseau active. Le service de transfert intelligent d’arrière plan (BITS) recommencera plus tard, lorsqu’une carte sera connectée. ------------ Pour information uniquement. (Patch task for {90140011-0061-040C-0000-0000000FF1CE}): DownloadLatest Failed: La date de ce certificat n’est pas valide ou a expiré ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Données non valides. . ------------ ----------( EOF)---------- - 3824 | 21:44:34