--------------- QuickDiag | g3n-h@ckm@n | V5_01.11.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 02/12/2019 18:04:40 Updated 01/11/2019 | 14:35 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Afrique centrale - Ouest [Yacine (Administrator)] - [YACINE-HP] (S-1-5-21-2610684070-2999462588-3123469859-1000) System: Microsoft Windows 7 Édition Familiale Basique - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Basique |C:\Windows|\Device\Harddisk0\Partition2 Boot : Normal boot PC: HP Pavilion g6 Notebook PC - Hewlett-Packard - IdNumber: CNF1105D2N - UUID: 31464E43-3031-4435-324E-984BE1B64137 Processor : X64 - 2128 Mhz - Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Default System BIOS - - Hewlett-Packard - S/N: CNF1105D2N - F.04 - HPQOEM - 1 CoreTemp : 75 Celsius ----------| Extended ---------- | SoundDevice IDT High Definition Audio CODEC - Status: OK - Manufacturer: IDT - PNPDeviceID: HDAUDIO\FUNC_01&VEN_111D&DEV_7605&SUBSYS_103C1668&REV_1001\4&228EC977&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2804&SUBSYS_80860101&REV_1000\4&228EC977&0&0301 Audio Bluetooth - Status: OK - Manufacturer: Broadcom - PNPDeviceID: BTHENUM\{24DF01A9-3E4F-4C9F-9F66-5AA8AB14F8F4}_LOCALMFG&0000\8&25E64045&0&000000000000_00000000 ---------- | Video Intel(R) HD Graphics - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0046&SUBSYS_1668103C&REV_02\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1303306240 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics - DriverVersion: 8.15.10.2509 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | Memory Pagefile = Total (MB) : 6007 | Free (MB) : 3055 Virtual = Total (MB) : 4194 | Free (MB) : 3969 Physical Memory (MB) -------------------- Total: 2933 Available: 680 Cached: 372 Free: 279 Kernel Memory (MB) ------------------ Paged: 190 Nonpaged: 89 System ------ Handles: 30595 Processes: 109 Threads: 1209 ---------- | SID Users Administrateur : [S-1-5-21-2610684070-2999462588-3123469859-500] Invité : [S-1-5-21-2610684070-2999462588-3123469859-501] Yacine : [S-1-5-21-2610684070-2999462588-3123469859-1000] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives C:\ -> [Fixed] | [] | Total : 283.26 Go | Free : 162.22 Go -> NTFS [ATA] D:\ -> [Fixed] | [RECOVERY] | Total : 14.54 Go | Free : 1.46 Go -> NTFS [ATA] G:\ -> [Fixed] | [] | Total : 136.62 Go | Free : 113.51 Go -> NTFS [USB] H:\ -> [Fixed] | [Réservé au système] | Total : 0.1 Go | Free : 0.08 Go -> NTFS [USB] I:\ -> [Fixed] | [] | Total : 161.37 Go | Free : 74.04 Go -> NTFS [USB] Drive: 0 Cylinders: 38913 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 320072933376 bytes Drive: 1 Cylinders: 146884 Tracks per Cylinder: 224 Sectors per Track: 19 Bytes per Sector: 512 Total Space: 320072932352 bytes ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2019-12-02 16:28:44 Downloaded last ones : 2019-12-02 16:29:14 Installed last ones : 2019-12-02 16:30:05 Next search : 2019-12-03 13:25:48 Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.9600.19541 (© Microsoft Corporation. Tous droits réservés.) GC : 78.0.3904.108 (Copyright 2019 Google LLC.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "" ---------- | FlashPlayer ---------- | Security AV : avast! Antivirus Disabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 320 | [Owner : Système | Parent : 4(System) | 0.45 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.24535) = C:\Windows\System32\smss.exe [13/11/2019 16:01:13] CPU Usage:0 % 444 | [Owner : Système | Parent : 412() | 2.63 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:19:49] CPU Usage:0 % 520 | [Owner : Système | Parent : 412() | 1.48 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 00:52:37] CPU Usage:0 % 532 | [Owner : Système | Parent : 512() | 18.02 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 00:19:49] CPU Usage:0 % 568 | [Owner : Système | Parent : 520(wininit.exe) | 6.29 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [10/10/2019 21:25:12] CPU Usage:0 % 596 | [Owner : Système | Parent : 520(wininit.exe) | 8.38 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.24535) = C:\Windows\System32\lsass.exe [13/11/2019 16:01:03] CPU Usage:0 % 604 | [Owner : Système | Parent : 520(wininit.exe) | 3.13 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [09/10/2019 18:20:16] CPU Usage:0 % 664 | [Owner : Système | Parent : 512() | 4.86 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.24514) = C:\Windows\System32\winlogon.exe [12/10/2019 16:01:18] CPU Usage:0 % 756 | [Owner : Système | Parent : 568(services.exe) | 5.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 852 | [Owner : SERVICE RÉSEAU | Parent : 568(services.exe) | 6.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 896 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 15.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1012 | [Owner : Système | Parent : 568(services.exe) | 66.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 368 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 15.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 460 | [Owner : Système | Parent : 568(services.exe) | 32.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 584 | [Owner : Système | Parent : 568(services.exe) | 4.33 Mo] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6315.0) = C:\Program Files\IDT\WDM\stacsv64.exe [20/02/2011 01:33:18] CPU Usage:0 % 1204 | [Owner : SERVICE RÉSEAU | Parent : 568(services.exe) | 16.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1372 | [Owner : Système | Parent : 1012(svchost.exe) | 2.53 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe [14/07/2009 01:07:15] CPU Usage:0 % 1380 | [Owner : Système | Parent : 568(services.exe) | 72.59 Mo] - (.ALWIL Software - avast! Service.) - (5.0.507.0) = C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [07/10/2019 22:34:18] CPU Usage:0 % 1388 | [Owner : Système | Parent : 444(csrss.exe) | 1 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.24535) = C:\Windows\System32\conhost.exe [13/11/2019 16:01:05] CPU Usage:0 % 1772 | [Owner : Système | Parent : 568(services.exe) | 6.78 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.24000) = C:\Windows\System32\spoolsv.exe [12/10/2019 16:02:27] CPU Usage:0 % 1800 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 10.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1904 | [Owner : Système | Parent : 568(services.exe) | 4.59 Mo] - (.Broadcom Corporation. - Bluetooth Support Server.) - (6.3.0.6300) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [29/07/2010 19:39:24] CPU Usage:0 % 1940 | [Owner : Système | Parent : 568(services.exe) | 5.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1980 | [Owner : Système | Parent : 568(services.exe) | 2.07 Mo] - (.EasyBits Software AS - Shared EasyBits services for Windows.) - (5.0.0.101) = C:\Windows\SysWOW64\ezSharedSvcHost.exe [06/01/2011 14:27:09] CPU Usage:0 % 1076 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 6.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 1164 | [Owner : Système | Parent : 568(services.exe) | 3.19 Mo] - (.Hewlett-Packard Company - HP Client Services.) - (1.0.12656.3472) = C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [05/08/2010 19:51:08] CPU Usage:0 % 1552 | [Owner : Système | Parent : 568(services.exe) | 1.48 Mo] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) - (4.0.80.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [03/11/2010 16:12:54] CPU Usage:0 % 1580 | [Owner : Système | Parent : 568(services.exe) | 5.37 Mo] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - (2.3.1.0) = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [09/11/2010 15:20:34] CPU Usage:0 % 108 | [Owner : Système | Parent : 568(services.exe) | 1.76 Mo] - (.Hewlett-Packard Company - LightScribe Service.) - (1.18.20.1) = C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [22/11/2010 14:27:00] CPU Usage:0 % 1844 | [Owner : Système | Parent : 568(services.exe) | 2.2 Mo] - (.Intel Corporation - Local Manageability Service.) - (6.0.40.1213) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [20/02/2011 01:32:23] CPU Usage:0 % 2056 | [Owner : Système | Parent : 568(services.exe) | 3.03 Mo] - (.Microsoft Corporation - Microsoft SeaPort Search Enhancement Broker.) - (3.0.131.0) = C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [27/07/2010 14:46:08] CPU Usage:0 % 2160 | [Owner : Système | Parent : 568(services.exe) | 12.78 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [21/09/2010 14:49:00] CPU Usage:0 % 2232 | [Owner : Système | Parent : 2160(WLIDSVC.EXE) | 1.36 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [21/09/2010 14:49:00] CPU Usage:0 % 2640 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 2.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 2668 | [Owner : SERVICE RÉSEAU | Parent : 568(services.exe) | 1.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 2052 | [Owner : Système | Parent : 568(services.exe) | 6.33 Mo] - (.Hewlett-Packard Company - HP Support Assistant.) - (5.1.11.1) = C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe [01/12/2010 09:17:42] CPU Usage:0 % 2040 | [Owner : Système | Parent : 244() | 0.39 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.35.341) = C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe [05/11/2019 20:14:48] CPU Usage:0 % 1524 | [Owner : Système | Parent : 244() | 0.43 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.35.341) = C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe [05/11/2019 20:14:48] CPU Usage:0 % 2368 | [Owner : Système | Parent : 568(services.exe) | 24.38 Mo] - (.Hewlett-Packard Company - HPPA_Service.) - (1.0.10.0) = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [21/07/2010 14:33:00] CPU Usage:0 % 692 | [Owner : Système | Parent : 568(services.exe) | 10.59 Mo] - (.Intel Corporation - IAStorDataSvc.) - (10.0.0.1046) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [20/02/2011 01:32:02] CPU Usage:0 % 2548 | [Owner : Système | Parent : 756(svchost.exe) | 23.9 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [09/10/2019 18:20:35] CPU Usage:0 % 2764 | [Owner : Système | Parent : 568(services.exe) | 3.69 Mo] - (.Hewlett-Packard Company - hpqwmiex Module.) - (4.0.80.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [03/11/2010 16:07:10] CPU Usage:0 % 2904 | [Owner : SERVICE RÉSEAU | Parent : 756(svchost.exe) | 9.76 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [09/10/2019 18:20:35] CPU Usage:0 % 576 | [Owner : Système | Parent : 568(services.exe) | 5.26 Mo] - (.Intel Corporation - User Notification Service.) - (6.0.40.1213) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/02/2011 01:32:24] CPU Usage:0 % 2508 | [Owner : Système | Parent : 568(services.exe) | 50.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 836 | [Owner : Système | Parent : 568(services.exe) | 13.34 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.24275) = C:\Windows\System32\SearchIndexer.exe [12/10/2019 16:02:52] CPU Usage:0 % 2880 | [Owner : Yacine | Parent : 568(services.exe) | 12.62 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [10/10/2019 20:54:00] CPU Usage:0 % 2252 | [Owner : Yacine | Parent : 460(svchost.exe) | 6.96 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [09/10/2019 18:20:28] CPU Usage:0 % 3744 | [Owner : Yacine | Parent : 1012(svchost.exe) | 51.53 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 00:37:38] CPU Usage:0 % 4004 | [Owner : Yacine | Parent : 736() | 59.28 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [10/10/2019 20:59:49] CPU Usage:0 % 2748 | [Owner : Yacine | Parent : 4004(explorer.exe) | 12.58 Mo] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.3.27.1) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [17/12/2010 03:26:04] CPU Usage:0 % 2168 | [Owner : Yacine | Parent : 4004(explorer.exe) | 19.32 Mo] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6315.0) = C:\Program Files\IDT\WDM\sttray64.exe [20/02/2011 01:33:18] CPU Usage:0 % 3692 | [Owner : Yacine | Parent : 4004(explorer.exe) | 6.79 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2509) = C:\Windows\System32\hkcmd.exe [31/08/2011 20:08:34] CPU Usage:0 % 3500 | [Owner : Yacine | Parent : 4004(explorer.exe) | 9.63 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.2509) = C:\Windows\System32\igfxpers.exe [31/08/2011 20:08:44] CPU Usage:0 % 1184 | [Owner : Yacine | Parent : 4004(explorer.exe) | 11.07 Mo] - (.Hewlett-Packard Company -.) - (1.18.20.1) = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [22/11/2010 14:20:48] CPU Usage:0 % 3788 | [Owner : Yacine | Parent : 4004(explorer.exe) | 22.83 Mo] - (.Tonec Inc. - Internet Download Manager (IDM).) - (6.32.10.2) = C:\Program Files (x86)\Internet Download Manager\IDMan.exe [19/04/2019 21:59:58] CPU Usage:0 % 3224 | [Owner : Yacine | Parent : 4004(explorer.exe) | 186.65 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 3828 | [Owner : Yacine | Parent : 2172() | 3.55 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.3.27.1) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [01/10/2011 01:14:16] CPU Usage:0 % 980 | [Owner : Yacine | Parent : 3224(chrome.exe) | 5.72 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 2492 | [Owner : Yacine | Parent : 3224(chrome.exe) | 6.39 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 2784 | [Owner : Yacine | Parent : 3224(chrome.exe) | 122.39 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 3444 | [Owner : Yacine | Parent : 3224(chrome.exe) | 37.2 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 3548 | [Owner : Yacine | Parent : 3336() | 21.96 Mo] - (.Intel Corporation - IAStorIcon.) - (10.0.0.1046) = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [20/02/2011 01:32:02] CPU Usage:0 % 1284 | [Owner : Yacine | Parent : 3336() | 7.93 Mo] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) - (2.3.6.0) = C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [09/11/2010 15:20:36] CPU Usage:0 % 4100 | [Owner : Yacine | Parent : 4004(explorer.exe) | 14.25 Mo] - (.Broadcom Corporation. - Bluetooth Tray Application.) - (6.3.0.6300) = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [29/07/2010 19:39:24] CPU Usage:0 % 4196 | [Owner : Yacine | Parent : 3224(chrome.exe) | 43.2 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4204 | [Owner : Yacine | Parent : 3224(chrome.exe) | 49.41 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4248 | [Owner : Yacine | Parent : 3224(chrome.exe) | 46.66 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4256 | [Owner : Yacine | Parent : 3224(chrome.exe) | 59.4 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4264 | [Owner : Yacine | Parent : 3224(chrome.exe) | 62.66 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4276 | [Owner : Yacine | Parent : 3224(chrome.exe) | 52.88 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4284 | [Owner : Yacine | Parent : 3224(chrome.exe) | 51.88 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4296 | [Owner : Yacine | Parent : 3336() | 12.13 Mo] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) - (1.0.6.0) = C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [13/12/2010 12:48:18] CPU Usage:0 % 4356 | [Owner : Yacine | Parent : 4004(explorer.exe) | 14.46 Mo] - (.Hewlett-Packard Company - PictureMover Application.) - (3.5.0.0) = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe [18/11/2010 12:57:28] CPU Usage:0 % 4732 | [Owner : Yacine | Parent : 3336() | 20.37 Mo] - (.Easybits - Software update notification.) - (9.0.1.12) = C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [07/10/2019 22:31:27] CPU Usage:0 % 4740 | [Owner : Yacine | Parent : 3336() | 9.1 Mo] - (.ALWIL Software - avast! Antivirus.) - (5.0.507.0) = C:\Program Files\Alwil Software\Avast5\AvastUI.exe [07/10/2019 22:34:18] CPU Usage:0 % 4892 | [Owner : Yacine | Parent : 3336() | 8.73 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.221.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [04/07/2019 07:37:02] CPU Usage:0 % 3656 | [Owner : Yacine | Parent : 4628() | 7.97 Mo] - (.Piriform Ltd - CCleaner.) - (5.63.0.7540) = C:\Program Files\CCleaner\CCleaner64.exe [14/10/2019 21:32:58] CPU Usage:0 % 3672 | [Owner : Yacine | Parent : 2252(taskeng.exe) | 0.72 Mo] - (.CyberLink - YouCam Mirage.) - (1.0.0.602) = C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [10/12/2010 23:02:24] CPU Usage:0 % 3592 | [Owner : Yacine | Parent : 3336() | 5.03 Mo] - (.Adobe Systems Inc. - AcroTray.) - (10.1.1.33) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [28/09/2011 14:35:28] CPU Usage:0 % 5216 | [Owner : SERVICE RÉSEAU | Parent : 568(services.exe) | 4.5 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [09/10/2019 18:20:40] CPU Usage:0 % 5340 | [Owner : Yacine | Parent : 3224(chrome.exe) | 21.76 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5352 | [Owner : Yacine | Parent : 3788(IDMan.exe) | 6.56 Mo] - (.Tonec Inc. - Internet Download Manager agent for click monitoring in IE-based browsers.) - (6.22.1.1) = C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [19/04/2019 21:59:53] CPU Usage:0 % 5512 | [Owner : Yacine | Parent : 4000() | 27.14 Mo] - (.Intel Corporation - Intel(R) Management and Security Status.) - (6.0.40.1213) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [20/02/2011 01:32:22] CPU Usage:0 % 5564 | [Owner : Yacine | Parent : 4100(BTTray.exe) | 5.16 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7601.23755) = C:\Windows\SysWOW64\rundll32.exe [10/10/2019 21:19:23] CPU Usage:0 % 5704 | [Owner : Yacine | Parent : 756(svchost.exe) | 19.35 Mo] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) - (6.3.0.6300) = C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe [29/07/2010 19:39:24] CPU Usage:0 % 5112 | [Owner : Yacine | Parent : 756(svchost.exe) | 6.14 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe [14/07/2009 00:47:12] CPU Usage:0 % 3644 | [Owner : Yacine | Parent : 5704(BTStackServer.exe) | 3.79 Mo] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) - (6.3.0.6300) = C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [29/07/2010 19:39:24] CPU Usage:0 % 5040 | [Owner : Yacine | Parent : 3940() | 51.34 Mo] - (.Hewlett-Packard Company - HP Wireless Assistant.) - (4.0.10.0) = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [21/07/2010 14:33:00] CPU Usage:0 % 5144 | [Owner : Yacine | Parent : 3224(chrome.exe) | 175.71 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5728 | [Owner : Yacine | Parent : 3224(chrome.exe) | 66.84 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5840 | [Owner : SERVICE LOCAL | Parent : 568(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 00:31:13] CPU Usage:0 % 5388 | [Owner : Yacine | Parent : 3224(chrome.exe) | 53.82 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4056 | [Owner : Yacine | Parent : 5040(HPWA_Main.exe) | 12.25 Mo] - (.Hewlett-Packard Development Company L.P. - hpCaslNotification.) - (4.0.80.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe [03/11/2010 16:10:50] CPU Usage:0 % 4220 | [Owner : Yacine | Parent : 3224(chrome.exe) | 52.14 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5852 | [Owner : Yacine | Parent : 3224(chrome.exe) | 12.53 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5644 | [Owner : Yacine | Parent : 3224(chrome.exe) | 213.86 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5948 | [Owner : Yacine | Parent : 3224(chrome.exe) | 54.14 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 5928 | [Owner : Yacine | Parent : 3224(chrome.exe) | 45.79 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 6128 | [Owner : Yacine | Parent : 3224(chrome.exe) | 34.2 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 3104 | [Owner : Yacine | Parent : 3224(chrome.exe) | 60.16 Mo] - (.Google LLC - Google Chrome.) - (78.0.3904.108) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [07/10/2019 22:40:32] CPU Usage:0 % 4216 | [Owner : Yacine | Parent : 4892(jusched.exe) | 13.46 Mo] - (.Oracle Corporation - Java Update Checker.) - (2.8.221.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [04/07/2019 07:36:34] CPU Usage:0 % 5676 | [Owner : Yacine | Parent : 756(svchost.exe) | 29.52 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [10/10/2019 20:59:49] CPU Usage:0 % 2480 | [Owner : SERVICE LOCAL | Parent : 896(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.24523) = C:\Windows\System32\audiodg.exe [12/10/2019 16:03:14] CPU Usage:0 % 3676 | [Owner : Yacine | Parent : 4004(explorer.exe) | 54.89 Mo] - (.SosVirus - QuickDiag.) - (1.11.19.1) = C:\Users\Yacine\Desktop\QuickDiag.exe [02/12/2019 18:03:33] CPU Usage:4 % 2424 | [Owner : SERVICE RÉSEAU | Parent : 756(svchost.exe) | 7.44 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [09/10/2019 18:19:59] CPU Usage:0 % 6092 | [Owner : SERVICE RÉSEAU | Parent : 568(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [09/10/2019 18:18:12] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.Tonec Inc..-.Internet Download Manager module.) - (6.30.9.22) -- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (.Versionate Inc..-.ShellExt Dynamic Link Library.) - (0.9.1.0) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll (.Tonec Inc..-.Internet Download Manager Network Monitor.) - (6.32.10.175) -- C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.DLL (.Broadcom Corporation..-.BTNCopy Module.) - (6.3.0.6300) -- C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll (.Tonec Inc..-.Internet Download Manager Panel.) - (6.32.10.67) -- C:\Program Files (x86)\Internet Download Manager\IDMBRBTN64.DLL (.Broadcom Corporation..-.Multimedia Keys Hook DLL.) - (6.3.0.6300) -- C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll (.Intel Corporation.-.igfxpph Module.) - (8.15.10.2509) -- C:\Windows\system32\igfxpph.dll (.Intel Corporation.-.hccutils Module.) - (8.15.10.2509) -- C:\Windows\system32\hccutils.DLL (.Intel Corporation.-.igfxres Module.) - (8.15.10.2509) -- C:\Windows\system32\igfxrFRA.lrc (.Intel Corporation.-.igfxsrvc Module.) - (8.15.10.2509) -- C:\Windows\system32\igfxsrvc.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.50.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-..) - (0.0.0.0) -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll (.ALWIL Software.-.avast! Shell Extension.) - (5.0.507.0) -- C:\Program Files\Alwil Software\Avast5\ashShA64.dll (.Adobe Systems Inc..-.Adobe Acrobat Context Menu.) - (10.1.1.33) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll (.Adobe Systems Inc..-.Adobe Acrobat Context Menu.) - (10.1.1.33) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Acrobat Elements\ContextMenu64.fra ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU LightScribe Control Panel - (C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\...\Run]) - User: Yacine-HP\Yacine AdobeBridge - ( [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\...\Run]) - User: Yacine-HP\Yacine IDMan - (C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\...\Run]) - User: Yacine-HP\Yacine GoogleChromeAutoLaunch_305E5D73D2DDB0DB3A800F1EE0090D31 - ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\...\Run]) - User: Yacine-HP\Yacine CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\...\Run]) - User: Yacine-HP\Yacine Bluetooth - (C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [Common Startup]) - User: Public Snapfish PictureMover - (C:\PROGRA~2\PICTUR~1\Bin\PICTUR~1.EXE -det [Common Startup]) - User: Public SynTPEnh - (%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [HKLM\SOFTWARE\...\Run]) - User: Public SysTrayApp - (C:\Program Files\IDT\WDM\sttray64.exe [HKLM\SOFTWARE\...\Run]) - User: Public HPWirelessAssistant - (C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [HKLM\SOFTWARE\...\Run]) - User: Public IgfxTray - (C:\Windows\system32\igfxtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public HotKeysCmds - (C:\Windows\system32\hkcmd.exe [HKLM\SOFTWARE\...\Run]) - User: Public Persistence - (C:\Windows\system32\igfxpers.exe [HKLM\SOFTWARE\...\Run]) - User: Public AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "AdobeBridge"= "IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot "GoogleChromeAutoLaunch_305E5D73D2DDB0DB3A800F1EE0090D31"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Adobe PDF,winspool,Ne02: "UserSelectedDefault"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [20/02/2011 01:33:18] "HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden "IgfxTray"=C:\Windows\system32\igfxtray.exe [31/08/2011 20:08:50] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [31/08/2011 20:08:34] "Persistence"=C:\Windows\system32\igfxpers.exe [31/08/2011 20:08:44] "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [20/02/2011 01:32:02] "IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [09/11/2010 15:20:36] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [13/12/2010 12:00:00] "HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [13/12/2010 12:48:18] "Magic Desktop for HP notification"="C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" "avast5"="C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37:14] "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin ""= "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List avast! Emergency Update CCleaner Update CCleanerSkipUAC GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA HPCeeScheduleForYACINE-HP$ MirageAgent {9A7CAD2D-C362-4F3A-A2FE-2B1B69F729CF} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=2000 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=596 "SecureBoot"=1 "ProductType"=2 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=1f1fbe8d-7363-4e9c-9d49-3240dc1 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 ---------- | .LNK with Arguments c:\hp\hpqware\dtshortcuts\de_at\ebay.at.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=de_at&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=de_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de_de\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=de_de&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_au\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_au&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_be\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ca\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_gb\visit ebay.co.uk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_gb&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_hk\ebay.com.hk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_hk&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ie\ebay.ie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_ie&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_in\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_in&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_my\ebay.com.my.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_my&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_nl\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_nl&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ph\ebay.ph.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_ph&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_sg\ebay.com.sg.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_sg&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_th\ebay.co.th.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_th&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_us\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=en_us&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\es_es\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=es_es&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_be\visitez ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=fr_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_ca\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=fr_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=fr_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_fr\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\hi_in\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=hi_in&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=it_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it_it\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=it_it&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl_be\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=nl_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl_nl\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=nl_nl&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\zh-hk\all\?????ebay!.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=zh_hk&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\da_dk\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=da_dk&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_at\ebay.at.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=de_at&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_at\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=de_at&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=de_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_ch\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=de_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_de\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=de_de&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_de\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=de_de&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_au\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_au&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_au\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_au&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_be\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ca\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ca\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_gb\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_gb&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_gb\visit ebay.co.uk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_gb&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_hk\ebay.com.hk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_hk&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ie\ebay.ie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_ie&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ie\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_ie&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_in\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_in&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_in\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_in&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_my\ebay.com.my.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_my&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_nl\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_nl&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_nz\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_nz&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ph\ebay.ph.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_ph&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_sg\ebay.com.sg.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_sg&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_sg\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_sg&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_th\ebay.co.th.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_th&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_us\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=en_us&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_us\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=en_us&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es_es\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=es_es&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es_es\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=es_es&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_be\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=fr_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_be\visitez ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=fr_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ca\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=fr_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ca\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=fr_ca&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=fr_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ch\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=fr_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_fr\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_fr\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\hi_in\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=hi_in&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_ch\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=it_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_ch\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=it_ch&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_it\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=it_it&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_it\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=it_it&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\ja_jp\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=ja_jp&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nb_no\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=nb_no&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_be\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=nl_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_be\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=nl_be&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_nl\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=nl_nl&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_nl\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=nl_nl&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\pt_pt\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=pt_pt&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\sv_se\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=sv_se&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\zh-hk\all\?????ebay!.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=zh_hk&bd=all&c=104) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\zh_cn\?????.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=zh_cn&bd=all&c=104) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=snapfish&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK c:\users\public\desktop\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=fr_fr&bd=all&c=104) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [07/10/2019 22:31:04] "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=288 "link"=0x15000000 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 ""=0 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=23 ""= [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=38 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=Yacine [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/11/2019 16:01:22] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/11/2019 16:01:22] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=1DA1111C antivirus\avast5.0\setup_av_free_fre.exe"=1 "I:\111\Outils Reskin\Android Studio\android-studio-ide-191.5791312-windows.exe"=1 "C:\Users\Yacine\Downloads\NDP47-KB3186497-x86-x64-AllOS-ENU.exe"=1 "I:\111\Outils Reskin\genymotion-3.0.2-vbox.exe"=1 "I:\Compressed\SEO PowerSuite\_Getintopc.com_SEO_PowerSuite\SEO_PowerSuite\SEO Power Suite.exe"=1 "I:\Compressed\NaturalReader.Pro.16.1.1\_Getintopc.com_NaturalReader_Professional_v14\NaturalReader_Professional_v14\Setup.exe"=1 "C:\Users\Yacine\Downloads\002.IDM\002.IDM\idman632build11.exe"=1 "C:\Users\Yacine\Downloads\Compressed\Pinflux 2 Agency v3.7 Full Activated - WwW.Dr-FarFar.CoM\Setup\Pinflux 2 Agency.exe"=1 "G:\Logiciels & Programmes\Camtasia_Setup\Camtasia_Setup.exe"=1 "C:\Users\Yacine\Downloads\Compressed\_igetintopc.com_PDF_to_MP_Setup\_igetintopc.com_PDF_to_MP_Setup\setup.exe"=1 "C:\Users\Yacine\Downloads\Compressed\Video Spin Blaster Pro Plus v2.32 Full Activated - WwW.Dr-FarFar.CoM\Setup\Video Spin Blaster Pro Plus.exe"=1 "C:\Users\Yacine\Downloads\Compressed\Vidscribe AI PRO v2.2 Full Activated - WwW.Dr-FarFar.CoM\Setup\Vidscribe AI PRO.exe"=1 "SIGN.MEDIA=7DC00004 Adobe CS6.part001.exe"=1 "C:\Users\Yacine\Downloads\Programs\inkscape-0.92.4-x64.exe"=1 "I:\111\Yacine\A graver\Programmes & Applications\MovAvi Screen Capture Studio 5.0.0\MovaviScreenCaptureSetup.exe"=1 "C:\Users\Yacine\Downloads\Programs\Firefox Installer.exe"=1 "C:\Users\Yacine\Downloads\Compressed\Ccleaner\ccsetup563_pro.exe"=1 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x9A12C79595D0CB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 65.52.240.48 127.0.0.1 activation.cloud.techsmith.com ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.198.78] avec 32 octets de donn?es?: R?ponse de 216.58.198.78?: octets=32 temps=42 ms TTL=55 R?ponse de 216.58.198.78?: octets=32 temps=42 ms TTL=55 R?ponse de 216.58.198.78?: octets=32 temps=46 ms TTL=55 R?ponse de 216.58.198.78?: octets=32 temps=41 ms TTL=55 Statistiques Ping pour 216.58.198.78: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 41ms, Maximum = 46ms, Moyenne = 42ms ---------- | @ [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Enable Browser Extensions"=yes "Start Page"=http://g.uk.msn.com/HPNOT/3 "Default_Page_URL"=http://g.uk.msn.com/HPNOT/3 "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Play_Background_Sounds"=yes "Play_Animations"=yes "CompatibilityFlags"=0 "IE8TourNoShow"=1 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27000000270000007C0300007F020000 "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0x1D0FEC4A577DD501 "NotifyDownloadComplete"=yes "DisableScriptDebuggerIE"=yes "OperationalData"=5 "ImageStoreRandomFolder"=pqtopgm "SearchBandRestoreBarCount"=3 "SearchBandMigrationVersion"=1 "Start Page_TIMESTAMP"=0x60DC3A1CF6A6D501 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xA3A66E268592D501 "IE10TourShown"=1 "IE10TourShownTime"=0x5D93E8268592D501 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x4F74409E5B80D501 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D} -- C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [19/04/2019 21:59:53] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00Zecter] - {D25B32FE-CB96-491A-98FF-AD59DA382D69} -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll [09/11/2010 23:16:22] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\01Zecter] - {EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5} -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll [09/11/2010 23:16:22] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\02Zecter] - {B3C78E40-6B64-47C3-AE34-60B770881EB8} -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll [09/11/2010 23:16:22] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\03Zecter] - {622AFE52-33F6-4D9F-9966-E0BC52D7D69D} -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll [09/11/2010 23:16:22] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\04Zecter] - {855156F0-2A0F-11DE-8C30-0800200C9A66} -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll [09/11/2010 23:16:22] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=EasyBits Security Shield Hook - prevents launching insecure programs by kids ---------- | Toolbar [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=0xE3EFEB7F196B494398D2FFB09D4B49CA013A050000 "ITBar7Layout"=0x13000000000000000000000030000000100003003E00000001000000000700005E010000060000004101000000000000070000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000E3EFEB7F196B494398D2FFB09D4B49CA0071CB8D86DF844388428FA844297B3F00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=62 [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={ec29edf6-ad3c-4e1c-a087-d6cb81400c43} "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={ec29edf6-ad3c-4e1c-a087-d6cb81400c43} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{8dcb7100-df86-4384-8842-8fa844297b3f}"=0x00 "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={ec29edf6-ad3c-4e1c-a087-d6cb81400c43} ---------- | Extensions [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}] : (@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}] : (Envoyer au périphérique &Bluetooth...) - [] ---------- | SearchScopes [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}] - (Wikipedia) - http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}] - (Wikipedia) - http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}] - (Wikipedia) - http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox : ---------- | ElevationPolicy [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B}] - (C:\Program Files (x86)\Internet Download Manager) - idmBroker.exe : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A}] - (C:\Program Files (x86)\Internet Download Manager) - IEMonitor.exe : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9}] - (C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37) - symerr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\System32) - msdt.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1753B788-C64C-4D57-B6BC-95C48992C4A7}] - (C:\Windows\System32) - msspellcheckingfacility.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1}] - (C:\Program Files\Java\jre6\bin) - unpack200.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files\Java\jre1.8.0_221\bin) - jp2launcher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Windows\system32) - javaws.exe : C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\system32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] - (%SystemRoot%\System32) - wisptis.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files\Java\jre1.8.0_221\bin) - ssvagent.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08E8D305-8D6D-49fe-8603-03A926E46AE0}] - (C:\Program Files (x86)\Common Files\Adobe\Updater6) - Adobe_Updater.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9}] - (C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37) - symerr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\SysWOW64) - msdt.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Reader 9.0\Reader\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1753B788-C64C-4D57-B6BC-95C48992C4A7}] - (C:\Windows\SysWOW64) - msspellcheckingfacility.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191DA03B-FBE7-4579-B64D-273DC8358F1B}] - (C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat) - Acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\) - agcp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FAAC277-7F72-4204-9C4A-86A8F00926E8}] - (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager) - DefMgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] - (C:\Program Files (x86)\Adobe\Reader 9.0\Reader) - AcroRd32Info.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{380689D0-AFAA-47E6-B80E-A33436FE314B}] - (C:\Program Files (x86)\Windows Live\Contacts\) - wlcomm.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] - (C:\Windows\SysWOW64\Adobe\Shockwave 11) - SwHelper_1158612.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1}] - (C:\Program Files (x86)\Java\jre6\bin) - unpack200.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ABBB95-C0E9-497B-8BB9-B5FA08861705}] - (C:\Program Files (x86)\Windows Live\Mail\) - wlmail.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files (x86)\Java\jre6\bin) - jp2launcher.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files (x86)\Java\jre6\bin) - javaws.exe : C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] - (C:\Windows\SysWOW64\Adobe\Director) - SWDNLD.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84F5ADD1-2DF7-4e71-AAD3-0E181DA5338B}] - (C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89322207-5E2E-40CE-90ED-5957180E3B2C}] - (C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Reader 9.0\Reader) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F3CF3F7-A40F-43ed-A3D5-9C176D07B58A}] - (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\) - SCServer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9019d14b-638d-4383-bb95-441b7f57eafb}] - (C:\Program Files (x86)\Windows Live\Installer\) - wlstartup.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{907131E3-3ECF-4027-B0EB-3324883441D1}] - (C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat) - AcrobatInfo.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Reader 9.0\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0A2BA1-1E09-4A59-BE36-AA32DC25931B}] - (C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.35.342) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.35.342) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files (x86)\Java\jre6\bin) - ssvagent.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cef4638f-1e1d-4520-9e59-49b169ceb4df}] - (C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0) - mswinext.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D133B285-8A43-4EC7-93BE-9B909C2370F5}] - (C:\Program Files (x86)\Windows Live\Messenger\) - msnmsgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] - (C:\Program Files (x86)\Windows Live\Writer\) - WindowsLiveWriter.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB9524B3-24F4-48fa-91C5-B8EEF1C0A14F}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil10l_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}] : : C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{47833539-D0C5-4125-9FA8-0819E2EAAC93}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}] : : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}] : : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6}] : : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE7CD045-E861-484F-8273-0445EE161910}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] : : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ---------- | Ext\Stats [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}] : : C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}] : : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{47833539-D0C5-4125-9FA8-0819E2EAAC93}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}] : : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}] : : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6}] : : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE7CD045-E861-484F-8273-0445EE161910}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCA281CA-C863-46EF-9331-5C8D4460577F}] : : [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash10l.ocx [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] : : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] : : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] -> (IDM integration (IDMIEHlprObj Class)) : C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [19/04/2019 21:59:52] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 14:08:38] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [06/01/2011 14:28:52] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] -> (IDM integration (IDMIEHlprObj Class)) : C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [19/04/2019 21:59:52] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -> (Adobe PDF Link Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [28/09/2011 14:35:32] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] -> (Search Helper) : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [27/07/2010 14:46:08] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 14:08:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] -> (Adobe PDF Conversion Toolbar Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [28/09/2011 14:35:34] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] -> (Bing Bar BHO) : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [13/08/2010 15:19:04] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [06/01/2011 14:28:52] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] -> (SmartSelect Class) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [28/09/2011 14:35:34] ---------- | Chrome C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\aailiojlhjbichheofhdpcongebcgcgm = : Heartbeat Chrome Extension by Freedom! Labs - __MSG_chrome_extension_name__ - permissions:[identityidentity.emailtabsstorage\u003Call_urls>contextMenuscookiesnotificationswebRequestwebRequestBlockingclipboardWriteunlimitedStorage] - 519680141770-8f29pmh3fptropinlq890sllgv4t3vp7.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\akdgnmcogleenhbclghghlkkdndkjdjc = : __MSG_extDescription__ - short_name: SEOquake - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\bacakpdjpomjaelpkpkabmedhkoongbi = : __MSG_desc__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\bppamachkoflopbagkdoflbgfjflfnfl = : Disable WebRTC and prevent IP leak. - WebRTC Leak Shield - permissions:[privacystoragemanagementwebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\cknebhggccemgcnbidipinkifmmegdel = : The Official Alexa Traffic Rank Extension providing Alexa Traffic Rank and site Information when clicked. - Alexa Traffic Rank - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\ddlhmpomfloaidpdleeoegmpikjdchjf = : Filter tweets by keyword Sort Twitter timeline by popularity (retweets likes users) & more ... - HackyBird - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\dipfggodcibdmflidbceoaanadclgomm = : Searching Facebook - Intelligence Search - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\efcdeldmbdedbimoojfmlmiifkpfjcba = : Search by Utilitool - The best way to search - short_name: Utilitool - alternate_urls:[] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\gidoepdbdhacpopcmepkflghaalfapmk = : Google & co - http://www.qrcode-monkey.com/ - short_name: QRCode Monkey - [http://www.qrcode-monkey.com/] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\gkbhgdhhefdphpikedbinecandoigdel = : Easily schedule and publish content to Pinterest and Instagram. - Tailwind Publisher - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\gmpiiinlandbgcfejoeaodgpfkdjnolm = : __MSG_extension_description__ - short_name: __MSG_extension_name_short__ - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\hjbfbllnfhppnhjdhhbmjabikmkfekgf = : Shopify Inspector - Inspect Shopify Shops - version_name: 1.43 - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\hmanipjnbjnhoicdnooapcnfonebefel = : Import and sync products from AliExpress to your Shopify store - Oberlo - Aliexpress.com Product Importer - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\jmfikkaogpplgnfjmbjdpalkhclendgd = : Save things you want to come back to later. - Save to Facebook - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen = : Write your best with Grammarly for Chrome. - Grammarly for Chrome - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\kefmekfmfacbdefimlancoccpocmgmpb = - Commerce Inspector - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\lfmanfkmmgfigbnjibfemdnnfjboficn = : A feature-rich extension to mass follow and unfollow on Twitter. - Mass follow for Twitter - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\mhkhmbddkmdggbhaaaodilponhnccicb = : YouTube video optimization (video SEO) and YouTube channel management built for YouTube creators and businesses. - short_name: TubeBuddy - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\nbcojefnccbanplpoffopkoepjmhgdgh = : Hoxx VPN Proxy service to unblock blocked websites and encrypt your connection. Completely free. - short_name: Hoxx VPN - permissions:[proxystoragewebRequestwebRequestBlockingnotifications\u003Call_urls>tabsmanagement] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\nffaoalbilbmmfgbnbgppjihopabppdk = : Speed up slow down advance and rewind any HTML5 video with quick shortcuts. - short_name: videospeed - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\ngpampappnmepgilojfohadhhmbhlaek = : Download files with Internet Download Manager - IDM Integration Module - permissions:[\u003Call_urls>tabscookiescontextMenuswebNavigationwebRequestwebRequestBlockingdownloadsdownloads.shelfmanagementstorageproxynativeMessaging] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\oglpeeejikbcgohgemnalccgdnihljll = : BigSpy-The easiest way to hunt ads for your preference. Extension to monitor Ads and gather intelligence on your competitor's ads. - Tracking Ads - BigSpy - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\ojkcdipcgfaekbeaelaapakgnjflfglf = : Check My Links is a link checker that crawls through your webpage and looks for broken links. - Check My Links - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\pachckjkecffpdphbpmfolblodfkgbhl = : Uncover the secrets to success behind your favorite YouTube videos. - vidIQ Vision for YouTube - permissions:[cookies\u003Call_urls>clipboardWritestoragebackground] - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\pbjikboenpfhbbejgkoklgkhjpfogcam = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\piflakgeopoaocnncajchgcgmomjaggp = : Shorten the long link using http://fas.st/ engine. - Shrink the Link - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\pmncileebcgjlaigmolmknmnnfpfcckj = : - https://www.pinterest.fr/?utm_source=homescreen_icon - Pinterest C:\Users\Yacine\AppData\Local\Google\Chrome\User Data\Default\extensions\pnmjaflneibolacpepklokkjnakmikmg = : Majestic backlink analysis straight into your browser. - Majestic Backlink Analyzer - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek] ---------- | Opera ---------- | Firefox [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\mozilla\Firefox\Extensions] "mozilla_cc3@internetdownloadmanager.com"=C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "msntoolbar@msn.com"=C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox "{27182e60-b5f3-411c-b545-b44205977502}"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ "web2pdfextension@web2pdf.adobedotcom"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.221.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0] - (Bing Bar) : C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Acrobat] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll C:\Users\Yacine\AppData\Roaming\Mozilla\Firefox\Profiles\jwn3a42k.default-release\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20191030021342"); user_pref("browser.startup.homepage_override.mstone", "70.0.1"); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.lastModified", "Fri, 29 Nov 2019 15:32:56 GMT"); user_pref("extensions.blocklist.pingCountTotal", 2); user_pref("extensions.blocklist.pingCountVersion", 2); user_pref("extensions.databaseSchema", 31); user_pref("extensions.getAddons.cache.lastUpdate", 1575060439); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20191030021342"); user_pref("extensions.lastAppVersion", "70.0.1"); user_pref("extensions.lastPlatformVersion", "70.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.privatebrowsing.notification", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"e423898a-5f7f-4d29-a475-a7fd17b1a516\",\"screenshots@mozilla.org\":\"ccf88687-4c60-48fe-b3a1-c593b9fbb9ca\",\"webcompat-reporter@mozilla.org\":\"d50f4818-40ce-4e4e-8b96-d0c7ba8e1925\",\"webcompat@mozilla.org\":\"ef03cd8d-ce06-449a-951b-3cfa1b563a75\",\"default-theme@mozilla.org\":\"b65e048d-22ab-4ea1-a5a7-a112c8c98e3f\",\"google@search.mozilla.org\":\"cd2659e6-d2a2-4e3a-853b-8546f12a23d0\",\"bing@search.mozilla.org\":\"da550329-92f3-4743-b53c-d8ef2f53cc7e\",\"amazon@search.mozilla.org\":\"1adb3eba-2b50-4336-8d7e-410c1eb15043\",\"ddg@search.mozilla.org\":\"1691b983-1398-4cc5-9936-4a1607151ae9\",\"ebay@search.mozilla.org\":\"1f7a4686-8f32-4014-88b2-b3ecf1c500d0\",\"qwant@search.mozilla.org\":\"96c3c27e-4996-4e6b-a72e-1748659b0703\",\"wikipedia@search.mozilla.org\":\"791d7e3f-1bc3-497f-b03a-41d7f485bba6\",\"mozilla_cc3@internetdownloadmanager.com\":\"10c83f62-5267-44d5-a72f-64a28f696538\"}"); C:\Users\Yacine\AppData\Roaming\Mozilla\Firefox\Profiles\35tkujwh.default C:\Users\Yacine\AppData\Roaming\Mozilla\Firefox\Profiles\jwn3a42k.default-release [Profile0] - Name=default-release -> Profiles/jwn3a42k.default-release ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{BB9C603A-1D92-4925-A920-692A7EE9DDC7}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{BB9C603A-1D92-4925-A920-692A7EE9DDC7}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB9C603A-1D92-4925-A920-692A7EE9DDC7}] "DhcpNameServer"=192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{66C64F22-FC60-4E6C-A6B5-F0D580E680CE}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D715857-A67C-4C2F-A929-038448584D63}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] - (Java (Sun)) - -> C:\Program Files\Java\jre6\bin\regutils.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{16735AF7-1D8D-3681-94A5-C578A61EC832}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{66C64F22-FC60-4E6C-A6B5-F0D580E680CE}] - (Enable TLS1.1 and 1.2) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -EnableTLS [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D715857-A67C-4C2F-A929-038448584D63}] - (Disable SSL3) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -DisableSSL3 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] - (Java (Sun)) - -> C:\Program Files (x86)\Java\jre6\bin\regutils.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] - (LightScribe Control Panel) - -> "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}] - (Macromedia Shockwave Director 10.1) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{16735AF7-1D8D-3681-94A5-C578A61EC832}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}] - (Adobe Shockwave Director 10.4) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}] - (Macromedia Shockwave Director 10.1) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\npjpi160_22.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}] - (Java Plug-in 1.6.0_22) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab | C:\Program Files (x86)\Java\jre6\bin\npjpi160_22.dll ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Acrobat.exe] : "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: hpqwmiex - AppID: {0018752E-7735-4B30-9DA9-4A01F024F270} Name: WPD Association LUA Virtual Factory - AppID: {00393519-3A67-4507-A2B8-85146167ACA7} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: Virtual Factory for Biometrics - AppID: {0142e4d1-fb7a-11dc-ba4a-000ffe7ab428} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: WPDBusEnum - AppID: {03f25b41-e981-4675-a256-27d1393e7488} Name: Device Display Object Function Discovery Provider - AppID: {04626806-2243-4354-ab44-4ade718d09df} Name: IDBHO - AppID: {062C56BD-B2FF-4405-88D9-93154F27D785} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: PhotoAcqDropTargetEventHandler - AppID: {06A2568A-CED6-4187-BB20-400B8C02BE5A} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: LSCAPI - AppID: {0858A72C-164C-4056-8311-9DF3CA316007} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: QuickTimeShellExt - AppID: {0A18A436-2A7A-49F3-A488-30538A2F6323} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: CamrecShellExt - AppID: {0DE69E95-29A8-4A7B-B10C-78EF7E2AA5B4} Name: IDM Elevated FS Assistant - AppID: {0F947660-8606-420A-BAC6-51B84DD22A47} Name: Vista Elevated Windows Update Web Control - AppID: {11c058e0-9f3e-4c90-a459-2553f2f9e011} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: wpcao.dll - AppID: {1E5300BE-0762-4527-8140-C0FF22DDFC56} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Sensors Sensor Configuration Helper - AppID: {2331D136-E39D-4019-92D6-7CE5579962FB} Name: TabBtnEx - AppID: {25351F98-BEC9-4BA0-A1F7-D9D69225E52F} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: Windows Live Photo Gallery Autoplay Drop Target - AppID: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AcroDistX - AppID: {317DA882-ECC5-11D1-B976-00600802DB86} Name: BtwHtmlRenderer - AppID: {31FD10BC-77F2-46CC-909B-EA4070218D42} Name: IPBusEnum - AppID: {344ED43D-D086-4961-86A6-1106F4ACAD9B} Name: CContactDb - AppID: {380689D0-AFAA-47E6-B80E-A33436FE314B} Name: DevicePairingHandler.dll - AppID: {383b69fa-5486-49da-91f5-d63c24c8e9d0} Name: LivePhotoAcqHWEventHandler - AppID: {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} Name: idmBroker - AppID: {3C085E26-7DF6-4A34-ADA6-877D06BAE9A8} Name: igfxcfg - AppID: {3D62E9A1-D243-11D2-B561-00A0C92E6848} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: MSTTS DecObj Class Surrogate - AppID: {3F6B5E16-092A-41ED-930B-0B4125D91D4E} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Health Key and Certificate Management - AppID: {46298684-0fd3-47f3-94b3-65650c65b36a} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Dispatch - AppID: {4FD99A9E-08CB-4319-84C5-BE677B9943FA} Name: WLRemoteEnableAdmin - AppID: {5032734C-9867-41BF-ABDD-24513D68E613} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: UNS - AppID: {545C8D56-7A88-492D-B38D-559657A3DD4C} Name: STAPODll - AppID: {5534E918-4467-405a-8002-8C30E1463157} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: WindowsLiveWriter.exe - AppID: {5564D5FC-DB2D-4658-8DB9-86B822815961} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Watson subscriber for SENS Network Events - AppID: {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Video Capture Wizard - AppID: {5AB7566D-F75B-4A53-9615-115B6CB1D59B} Name: Virtual Factory for Display CPL - AppID: {5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2} Name: WLXMP4ParserThumbnailProvider - AppID: {5D6E8BC8-01F3-41CC-BF7D-D7EEF436896E} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: Adobe.AcroScanBroker - AppID: {63A34CB0-ED22-4c3d-9A6A-3F986F4EFF70} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Sensors CPL Change Device Permission LUA Helper - AppID: {6CE51F75-0448-438e-B9CA-69C352A248A7} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: WindowsLiveWriterFilter - AppID: {7054B371-09E3-4BC8-8A61-02D7799EA98A} Name: SeaPort - AppID: {718EDB37-DDC6-4130-AF85-A8F44E5B2496} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: Sensors CPL Change Description LUA Helper - AppID: {76AE5F57-B7C9-421f-B55E-FB25144317B6} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: AcroIEHelperShim - AppID: {77AB4812-5411-4EA9-8437-77AD0F230302} Name: WAMobCtr - AppID: {79C2927D-4AC7-4E43-9C64-6388E9240B61} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: hputils - AppID: {8195693E-0C55-4BE2-A2DB-32376ABC24C4} Name: WlanConn - AppID: {825FC848-87F7-4F26-9EF6-43964094FF98} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: SynTPEnh - AppID: {885FA81C-9048-4D32-B62D-C88E84CB57D9} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: Virtual Factory for Action Center CPL - AppID: {8D26D9AA-5DA8-4b95-949A-B74954A229A6} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WTInstallHelper - AppID: {8D997094-0854-4EF4-ACF9-DCC3B831BAEB} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Dispatch - AppID: {90CD3D71-096C-4850-AEA6-60519B5D41EB} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: WMPDMCCore - AppID: {92C2A9B3-4228-438E-8A7B-EF110987764C} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: Default Location CPL Data Handler LUA Helper - AppID: {9A630456-078D-43d3-9F1D-DF7A5BC0FA44} Name: WLXAutoPlayMgr - AppID: {9B5CDBB0-6D57-4816-BD04-CA9E68DF5610} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: Live Remote Client ActiveX - AppID: {A0CEBC38-C926-4324-A373-ACCA224B549D} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: Windows Parental Controls - AppID: {A2D8CFE7-7BA4-4bad-B86B-851376B59134} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: PDFShellInfo - AppID: {A5090E95-F1E2-41C8-BDA1-5AEB6C321FDE} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: IA3DUtility - AppID: {A7D71146-EBCD-4E6C-916C-E77865BCC53B} Name: Windows Media Player Encoder Helper Class - AppID: {A9D431C2-6D56-4727-9690-ADBE66B9184A} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: IDMan - AppID: {AC746233-E9D3-49CD-862F-068F7B7CCCA4} Name: Windows Live Social Object Extractor Engine - AppID: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C} Name: SwHelper_1158612 - AppID: {AF551664-D2DF-4E34-85DE-46320B13A0B4} Name: NAP Agent Service - AppID: {B292921D-AF50-400c-9B75-0C57A7F29BA1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: WwanAdvui - AppID: {b70cc729-28ae-11dd-9676-000000000000} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: WLX Thumbnail Cache Out of Proc Server - AppID: {B8A2E14E-290D-4122-B092-1A7D86198CCE} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: FormDesigner - AppID: {BFA20799-B4F3-4720-99A0-1027B2A9A587} Name: BTStackServer - AppID: {C05A68C7-580B-11D4-98D0-006008BF430C} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: SCServer - AppID: {C5A302F8-E729-41A3-B2E9-E16A387189AD} Name: Nap Elevated COM class - AppID: {c5bbbd35-e321-468a-9884-6708aa083f83} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: LocationDisp - AppID: {CBDC4B31-CBE4-4A5B-BECF-64B29E47D2AD} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: SharedAccess - AppID: {ce166e40-1e72-45b9-94c9-3b2050e8f180} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: WMEncodingHelper - AppID: {CFF08EC7-A1D8-46fa-B43E-FB3DCF52FEB8} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: %systemroot%\system32\colorui.dll - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: ghost - AppID: {D58F39FF-953E-4F45-898F-59F243B9A523} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: Bluewire unpairing elevation surrogate - AppID: {D88EC52B-8D57-49e1-9EB3-4D267D68A2AE} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Sensors PropertyPage Host - AppID: {E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45e1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: SWDNLD - AppID: {ED372EB0-5B14-484F-A27C-05FF89B6DF25} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Windows Update Agent User Interface - AppID: {f62fdd2e-66d2-423b-9a04-f71ea00f892a} Name: btwdins - AppID: {F6B856DA-AB94-4355-A42F-EC493BEA79DE} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Microsoft.Aspnet.Snapin.AspNetManagementUtility.4 - AppID: {F75B6772-91E4-4D2F-9D44-61A447109C2B} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: BtwNamespaceExt - AppID: {FC30068F-18DF-4885-9FFA-B84D390EAE81} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FD99A9E-08CB-4319-84C5-BE677B9943FA}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FD99A9E-08CB-4319-84C5-BE677B9943FA}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5032734C-9867-41BF-ABDD-24513D68E613}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5032734C-9867-41BF-ABDD-24513D68E613}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5032734C-9867-41BF-ABDD-24513D68E613}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{718EDB37-DDC6-4130-AF85-A8F44E5B2496}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{90CD3D71-096C-4850-AEA6-60519B5D41EB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{90CD3D71-096C-4850-AEA6-60519B5D41EB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Adobe] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\ALWIL Software] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\AppDataLow] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Clients] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\DownloadManager] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\EurekaLab] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Genymobile] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Google] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Intel] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\JavaSoft] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\LightScribe] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\MainConcept] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\MOVAVI] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Mozilla] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Netscape] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\NextUpTech] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Norton] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\PACE Anti-Piracy] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Pencil] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Piriform] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Policies] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\QtProject] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Synaptics] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\TechSmith] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Trolltech] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Widcomm] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\WinRAR] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\WinRAR SFX] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Wow6432Node] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\{1B35BF95-EC1C-7C92-0C35-0C9B7C3B82B7}] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\{B2C51259-F5DC-A998-91DA-88F2BFFDC98C}] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\{F31040C6-E33F-DB33-9222-96DEF098CA96}] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Calc] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Command Processor] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Direct3D] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\GDIPlus] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\IAM] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Ieak] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\IMEJP] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\MPEG2Demultiplexer] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\MSN] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Protected Storage System Provider] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Search Enhancement Pack] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\SideShow] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Silverlight] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Live] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Live Mail] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Mail] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Photo Viewer] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Windows Sidebar] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\SOFTWARE\Microsoft\RestartManager] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2610684070-2999462588-3123469859-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adobe] [HKLM\Software\Android Studio] [HKLM\Software\ATI Technologies] [HKLM\Software\Broadcom] [HKLM\Software\Clients] [HKLM\Software\CXT] [HKLM\Software\Cyberlink] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HPQ] [HKLM\Software\IDT] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Internet Download Manager] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Microsoft] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\NextUpTech] [HKLM\Software\ODBC] [HKLM\Software\Oracle] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Synaptics] [HKLM\Software\TechSmith] [HKLM\Software\Widcomm] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\Zecter] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\Code Store Database] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataFactory] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\Direct3D] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FlashConfig] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\GPUPipeline] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\MigWiz] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MobilePC] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MSSQLServer] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\NapServer] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\NetworkAccessProtection] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\PCHealth] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\scrunch] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\SideShow] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TIP Shared] [HKLM\SOFTWARE\Microsoft\TMM] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\Updates] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\Visio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\WBEM] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Win7RtmToSp1] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Live] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\Wlansvc] [HKLM\SOFTWARE\Microsoft\Workspaces] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\Software\Microsoft\Windows\Current Version] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\ALWIL Software] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\EasyBits] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\IDT] [HKLM\Software\WOW6432Node\Insyde] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Internet Download Manager] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\LightScribe] [HKLM\Software\WOW6432Node\Link-Assistant.Com] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAXSOFT-OCRON] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MOVAVI] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\P2G_Upgrade] [HKLM\Software\WOW6432Node\Product_Upgrade] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Sparkol] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Win32 Services] [HKLM\Software\WOW6432Node\Zecter] [HKLM\Software\WOW6432Node\ZumoDrive] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\Code Store Database] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DataFactory] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FlashConfig] [HKLM\Software\WOW6432Node\Microsoft\FTH] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\Live Mesh] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\Software\WOW6432Node\Microsoft\Migwiz] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\Mobile] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NapServer] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\NetworkAccessProtection] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\PCHealth] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\Reliability Analysis] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Search Enhancement Pack] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\SideShow] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\Speech] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TIP Shared] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\Visio] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Live] [HKLM\Software\WOW6432Node\Microsoft\Windows Live Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Live Writer] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Workspaces] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "WindowsAnytimeUpgradeUI.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8000" "CamtasiaStudio.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE] "*"="3" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8000" "sllauncher.exe"="8000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation] "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "sllauncher.exe"="0" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "sllauncher.exe"="1" "wlmail.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "sllauncher.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "sllauncher.exe"="6" "msnmsgr.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE] "*"="3" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "sllauncher.exe"="1" "wlmail.exe"="1" "WindowsLiveWriter.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "sllauncher.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.AC849B99E032F4017BB1CE37934DD4AF] - [01/12/2019 17:22:09] - |A| - [112] - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/12/2019 17:22:09] - |A| - [0] - C:\Windows\setuperr.log ---------- | Drives D: [20/02/2011 11:16:49] - |RASH| - (.-.) - [67] - (0.0.0.0) - D:\Desktop.ini G: [19/08/2019 21:48:21] - |A| - (.Mozilla - Firefox.) - [43638144] - (18.5.0.0) - G:\Firefox Setup 65.0.exe [19/08/2019 21:46:50] - |A| - (.-.) - [2314000] - (0.0.0.0) - G:\winrar-x64-550fr.exe H: I: [04/10/2019 14:23:59] - |A| - (.© 1999-2019. Tonec, Inc. - Internet Download Manager installer.) - [8014976] - (6.35.5.1) - I:\idman635build5.exe ---------- | C: [14/07/2009 04:18:56] - |SHD| - [387] - C:\$Recycle.Bin [09/10/2019 20:16:54] - |D| - [0] - C:\4926f7d891a73516065c [03/11/2019 17:27:42] - |D| - [10611367985] - C:\AdobeCS6_install [07/09/2009 02:57:12] - |SHD| - [14637044] - C:\boot [MD5.D6AE2D5521DD93AEBC90D411D099FA36] - [07/09/2009 02:57:12] - |RASH| - (.-.) - [383562] - (0.0.0.0) - C:\bootmgr [14/07/2009 06:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/10/2019 20:28:56] - |ASH| - (.-.) - [2307280896] - (0.0.0.0) - C:\hiberfil.sys [23/11/2010 00:35:34] - |HD| - [48014925] - C:\HP [20/02/2011 01:30:43] - |D| - [57694] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/10/2019 20:29:02] - |ASH| - (.-.) - [3076374528] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 04:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 04:20:08] - |RD| - [7834727633] - C:\Program Files [14/07/2009 04:20:08] - |RD| - [7701604967] - C:\Program Files (x86) [14/07/2009 04:20:08] - |HD| - [5946461145] - C:\ProgramData [02/12/2019 18:04:09] - |D| - [68686] - C:\QuickDiag [MD5.E03BDD44D12CABD1243231BCB61E44DB] - [02/12/2019 18:04:40] - |A| - (.-.) - [281363] - (0.0.0.0) - C:\QuickDiag.txt [07/09/2009 02:02:59] - |SHD| - [0] - C:\Recovery [07/09/2009 01:40:40] - |D| - [2572589202] - C:\SwSetup [07/10/2019 20:29:02] - |SHD| - [0] - C:\System Volume Information [07/09/2009 01:40:40] - |HD| - [54487908] - C:\SYSTEM.SAV [14/07/2009 04:20:08] - |RD| - [54733544570] - C:\Users [14/07/2009 04:20:08] - |D| - [28557104990] - C:\Windows ---------- | C:\Windows [14/07/2009 06:32:38] - |D| - [802] - C:\Windows\addins [14/07/2009 04:20:08] - |D| - [11384988] - C:\Windows\AppCompat [14/07/2009 04:20:08] - |D| - [10991332] - C:\Windows\AppPatch [14/07/2009 04:20:08] - |RSD| - [1406878732] - C:\Windows\assembly [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [09/10/2019 18:14:32] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 04:20:09] - |D| - [29235208] - C:\Windows\Boot [MD5.948006B70E45C71B61BBF371D192F7CD] - [14/07/2009 06:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 04:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.87F7277043ECD2BE1A3AA6CA8D7A0FBD] - [06/01/2011 22:17:29] - |A| - (.-.) - [12] - (0.0.0.0) - C:\Windows\CSUP.txt [14/07/2009 04:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 05:45:54] - |D| - [3891] - C:\Windows\debug [14/07/2009 06:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [14/07/2009 06:37:46] - |D| - [0] - C:\Windows\en-US [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [10/10/2019 20:59:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 04:20:09] - |RSD| - [578878211] - C:\Windows\Fonts [06/01/2011 14:21:35] - |D| - [107376] - C:\Windows\fr [06/01/2011 22:22:02] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 00:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 04:20:09] - |D| - [34181371] - C:\Windows\Globalization [14/07/2009 04:20:09] - |D| - [72619836] - C:\Windows\Help [MD5.A66E522F3CBFB8709EA37844922A002E] - [10/10/2019 21:19:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7601.23834) - C:\Windows\HelpPane.exe [20/02/2011 01:38:17] - |D| - [5312824] - C:\Windows\Hewlett-Packard [MD5.12589371C087A76B6E8E152939E59E98] - [12/10/2019 16:00:26] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7601.24134) - C:\Windows\hh.exe [MD5.0D776C3A36F2B6E657939BB96096E070] - [14/07/2009 08:44:57] - |A| - (.-.) - [48223] - (0.0.0.0) - C:\Windows\HomeBasic.xml [MD5.A9EC7E065F5E86C62596B5B8AB2BB94E] - [24/09/2010 15:41:34] - |A| - (.-.) - [7736] - (0.0.0.0) - C:\Windows\hpDSTRES.DLL [14/07/2009 04:20:09] - |D| - [143541252] - C:\Windows\IME [14/07/2009 04:20:10] - |D| - [156272140] - C:\Windows\inf [06/01/2011 14:10:52] - |SHD| - [2034901696] - C:\Windows\Installer [14/07/2009 04:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 04:20:10] - |D| - [40983011] - C:\Windows\Logs [14/07/2009 04:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 01:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 04:20:10] - |D| - [992965454] - C:\Windows\Microsoft.NET [08/10/2019 23:34:31] - |D| - [4859] - C:\Windows\Migration [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [10/10/2019 21:07:14] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [14/07/2009 06:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [07/09/2009 02:57:26] - |D| - [715491] - C:\Windows\Panther [06/01/2011 14:19:23] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 06:32:38] - |D| - [62102428] - C:\Windows\Performance [MD5.96F5B18533C0973C75AC421ED67CA853] - [20/02/2011 01:39:02] - |A| - (.-.) - [324408] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 04:20:10] - |D| - [1124149] - C:\Windows\PLA [14/07/2009 04:20:10] - |D| - [2967886] - C:\Windows\PolicyDefinitions [20/02/2011 01:26:47] - |D| - [36312137] - C:\Windows\Prefetch [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 00:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 04:20:10] - |D| - [22588] - C:\Windows\Registration [14/07/2009 04:20:10] - |D| - [10467540] - C:\Windows\rescache [14/07/2009 04:20:10] - |D| - [1664676] - C:\Windows\Resources [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 04:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 04:20:10] - |D| - [6053888] - C:\Windows\security [14/07/2009 05:45:47] - |D| - [47591014] - C:\Windows\ServiceProfiles [14/07/2009 04:20:10] - |D| - [127112581] - C:\Windows\servicing [14/07/2009 05:45:50] - |D| - [15250] - C:\Windows\Setup [MD5.AC849B99E032F4017BB1CE37934DD4AF] - [01/12/2019 17:22:09] - |A| - (.-.) - [112] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/12/2019 17:22:09] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [20/02/2011 01:34:07] - |D| - [1521431599] - C:\Windows\SoftwareDistribution [14/07/2009 04:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [09/10/2019 18:19:29] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 06:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [MD5.287F22918F320D9409C60D6DC85D0DFE] - [20/02/2011 01:33:50] - |A| - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [524800] - (1.0.6315.0) - C:\Windows\sttray64.exe [14/07/2009 04:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 04:20:10] - |D| - [3798957678] - C:\Windows\System32 [14/07/2009 04:20:14] - |D| - [1219988631] - C:\Windows\SysWOW64 [14/07/2009 04:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 04:20:14] - |D| - [30336] - C:\Windows\Tasks [14/07/2009 04:20:14] - |D| - [532564] - C:\Windows\Temp [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 06:32:38] - |D| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [09/10/2019 18:15:06] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 04:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 04:20:14] - |D| - [16896181] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 03:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2BDF603B915C5619E24E21C79B132EF2] - [20/02/2011 01:34:06] - |A| - (.-.) - [1642320] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 04:20:14] - |D| - [16083961355] - C:\Windows\winsxs [MD5.74908820C298AD4768EFA5E27AC4FC20] - [10/11/2010 02:28:46] - |A| - (.© 2010 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [301936] - (15.4.3508.1109) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 21:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 00:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [05/11/2019 20:13:00] - C:\Windows\Installer\184c17.msi : (Google Update Helper - Google LLC) [Header ok : D0CF11E0A1B11AE10000000000000000] [20/02/2011 01:40:49] - C:\Windows\Installer\1d8a8.msi : (LS_HSI - Hewlett-Packard Company) [Header ok : D0CF11E0A1B11AE10000000000000000] [20/02/2011 01:41:38] - C:\Windows\Installer\1d8b5.msi : (Blank Project Template - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/10/2009 02:27:10] - C:\Windows\Installer\1d8bb.msi : ( - Hewlett-Packard Development Compay, L.P.) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/10/2010 03:17:28] - C:\Windows\Installer\1d8c1.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:08:06] - C:\Windows\Installer\1da82.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:08:32] - C:\Windows\Installer\1da88.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:09:00] - C:\Windows\Installer\1db2f.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [11/12/2010 08:52:52] - C:\Windows\Installer\1db41.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [20/02/2011 01:45:15] - C:\Windows\Installer\1db48.msi : (Blank Project Template - Hewlett-Packard Company) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/12/2010 23:40:00] - C:\Windows\Installer\1db51.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/08/2010 00:12:02] - C:\Windows\Installer\1db64.msi : ( - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/01/2019 17:55:12] - C:\Windows\Installer\22ebe7.msi : (Sparkol VideoScribe - Sparkol) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/10/2019 22:42:49] - C:\Windows\Installer\3c06dc.msi : (Java SE Development Kit 8 Update 221 (64-bit) - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/10/2019 22:48:38] - C:\Windows\Installer\3c06e5.msi : (Java SE Runtime Environment 8 Update 221 - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/10/2019 22:50:28] - C:\Windows\Installer\3c06fb.msi : (Java Auto Updater - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [30/07/2010 20:04:00] - C:\Windows\Installer\57384.msi : (WIDCOMM Bluetooth Profile Pack - Broadcom Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [09/11/2010 23:23:04] - C:\Windows\Installer\8385.msi : ( - © 2008-2010 Hewlett-Packard Development Compay, L.P.) [Header ok : D0CF11E0A1B11AE10000000000000000] [04/11/2010 14:16:58] - C:\Windows\Installer\838a.msi : (HP Software Framework - Hewlett-Packard Company) [Header ok : D0CF11E0A1B11AE10000000000000000] [03/12/2010 18:25:02] - C:\Windows\Installer\838f.msi : ( - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/09/2010 23:38:12] - C:\Windows\Installer\83f1.msi : (Adobe Shockwave Player 11.5 - Adobe Systems, Inc) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/02/2009 05:58:08] - C:\Windows\Installer\8690.msi : (ADOBER~1.0|Adobe Reader 9 - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:23:49] - C:\Windows\Installer\8698.msi : (Blank Project Template - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/10/2010 03:22:28] - C:\Windows\Installer\869d.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:03:58] - C:\Windows\Installer\86a2.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:08:12] - C:\Windows\Installer\86a7.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [26/11/2010 06:10:28] - C:\Windows\Installer\86b1.msi : (Blank Project Template - CyberLink Corp.) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:26:44] - C:\Windows\Installer\86bb.msi : (HP Auto - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:27:56] - C:\Windows\Installer\86c4.msi : (Blank Project Template - InstallShield) [Header ok : D0CF11E0A1B11AE10000000000000000] [03/12/2010 14:24:38] - C:\Windows\Installer\86c9.msi : (HP Documentation - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/12/2010 20:49:42] - C:\Windows\Installer\86ce.msi : ( - © 2008-2010 Hewlett-Packard Development Compay, L.P.) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:28:50] - C:\Windows\Installer\86d4.msi : (Java(TM) SE Runtime Environment 6.0 - Oracle) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:28:59] - C:\Windows\Installer\86e0.msi : (Java(TM) SE Runtime Environment 6.0 - Oracle) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:29:34] - C:\Windows\Installer\86e5.msi : (HP Support Assistant - Hewlett-Packard Company) [Header ok : D0CF11E0A1B11AE10000000000000000] [23/09/2009 09:23:42] - C:\Windows\Installer\86ea.msi : (Hewlett-Packard Asset Agent - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/02/2010 14:01:50] - C:\Windows\Installer\86ef.msi : (HP ActiveCheck Local Mode - Hewlett-Packard) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/04/2012 05:39:36] - C:\Windows\Installer\87f0ef.msi : (Blank Project Template - Adobe) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/04/2012 05:39:36] - C:\Windows\Installer\87f0f8.msi : (Blank Project Template - Adobe) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/04/2012 05:39:00] - C:\Windows\Installer\89c42b.msi : (PDF Settings CS6 - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/04/2012 05:36:06] - C:\Windows\Installer\89c66b.msi : (Installers - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/01/2011 14:33:15] - C:\Windows\Installer\dbd7.msi : (HP Wireless Assistant - Hewlett-Packard Company) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/07/2019 09:34:08] - [34856960] - (.().-. - ()) - C:\Windows\Installer\1499ae1.msp [08/08/2019 05:10:46] - [33751040] - (.().-. - ()) - C:\Windows\Installer\1663ff3.msp [20/02/2011 01:48:37] - [5224448] - (.().-. - ()) - C:\Windows\Installer\1db70.msp [08/10/2010 23:31:02] - [101888] - (.().-. - ()) - C:\Windows\Installer\83ec.msp [06/01/2011 14:18:50] - [20240896] - (.().-. - ()) - C:\Windows\Installer\83fc.msp [06/01/2011 14:18:07] - [39936] - (.().-. - ()) - C:\Windows\Installer\8415.msp [06/01/2011 14:18:11] - [4427776] - (.().-. - ()) - C:\Windows\Installer\8434.msp [06/01/2011 14:18:13] - [2932736] - (.().-. - ()) - C:\Windows\Installer\844c.msp [06/01/2011 14:18:15] - [136704] - (.().-. - ()) - C:\Windows\Installer\8461.msp [06/01/2011 14:18:16] - [1139712] - (.().-. - ()) - C:\Windows\Installer\8471.msp [06/01/2011 14:18:19] - [3314688] - (.().-. - ()) - C:\Windows\Installer\8495.msp [06/01/2011 14:18:23] - [5514240] - (.().-. - ()) - C:\Windows\Installer\84ad.msp [06/01/2011 14:18:29] - [5870080] - (.().-. - ()) - C:\Windows\Installer\84d1.msp [06/01/2011 14:18:31] - [2958336] - (.().-. - ()) - C:\Windows\Installer\84ef.msp [06/01/2011 14:18:36] - [14617088] - (.().-. - ()) - C:\Windows\Installer\8523.msp [06/01/2011 14:18:40] - [3733504] - (.().-. - ()) - C:\Windows\Installer\8531.msp [06/01/2011 14:18:42] - [205312] - (.().-. - ()) - C:\Windows\Installer\853f.msp [06/01/2011 14:18:45] - [113664] - (.().-. - ()) - C:\Windows\Installer\8580.msp [06/01/2011 14:18:46] - [630784] - (.().-. - ()) - C:\Windows\Installer\8595.msp [06/01/2011 14:18:47] - [469504] - (.().-. - ()) - C:\Windows\Installer\85a3.msp [06/01/2011 14:18:50] - [5128192] - (.().-. - ()) - C:\Windows\Installer\85b2.msp [06/01/2011 14:18:50] - [665600] - (.().-. - ()) - C:\Windows\Installer\85bd.msp [06/01/2011 14:18:52] - [515584] - (.().-. - ()) - C:\Windows\Installer\85c6.msp [06/01/2011 14:18:53] - [2148864] - (.().-. - ()) - C:\Windows\Installer\85d6.msp [06/01/2011 14:18:54] - [61440] - (.().-. - ()) - C:\Windows\Installer\85e0.msp [06/01/2011 14:18:55] - [23552] - (.().-. - ()) - C:\Windows\Installer\85ea.msp [03/08/2010 23:53:44] - [8040960] - (.().-. - ()) - C:\Windows\Installer\8691.msp [03/08/2010 23:54:04] - [11850240] - (.().-. - ()) - C:\Windows\Installer\8692.msp [05/01/2010 02:44:28] - [27012608] - (.().-. - ()) - C:\Windows\Installer\8693.msp [15/04/2012 05:36:06] - [85368832] - (.().-. - ()) - C:\Windows\Installer\89c66c.msp [20/02/2011 01:45:06] - [79085] - C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe () - () [20/02/2011 01:43:39] - [67008] - C:\Windows\Installer\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}\ARPPRODUCTICON.exe () - () [06/01/2011 14:23:52] - [10134] - C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe () - () [03/11/2019 17:52:53] - [10134] - C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe () - () [06/01/2011 14:28:27] - [132754] - C:\Windows\Installer\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}\_853F67D554F05449430E7E.exe () - () [06/01/2011 14:26:13] - [79591] - C:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe () - () [20/02/2011 01:43:03] - [77142] - C:\Windows\Installer\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}\ARPPRODUCTICON.exe () - () [20/02/2011 01:45:18] - [65536] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut11_8E1539E158E641C6A2D83333BEA9DBE3.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut1_85712A12045C4AB28B260026AFF2CA7D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut2_3108B7959E5148BE94AB411B2FC42CC9.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut3_0434F83F217D481681BD929809008BD3.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut4_0E8DA2367F55498093973425BC7F14EB.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:45:18] - [81920] - C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\NewShortcut6_FEAC4A4DA61C48ECB6C9E74B0CCB2ED5.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [06/01/2011 14:27:58] - [53248] - C:\Windows\Installer\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [06/01/2011 14:17:36] - [61440] - C:\Windows\Installer\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}\ARPPRODUCTICON.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [06/01/2011 14:25:25] - [77142] - C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe () - () [20/02/2011 01:36:19] - [46284] - C:\Windows\Installer\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}\ARPPRODUCTICON.exe () - () [06/01/2011 14:33:24] - [25214] - C:\Windows\Installer\{48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}\HPWA_Main.exe () - () [06/01/2011 14:33:24] - [25214] - C:\Windows\Installer\{48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}\WA_tray_32_on.exe () - () [20/02/2011 01:42:49] - [79345] - C:\Windows\Installer\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}\ARPPRODUCTICON.exe () - () [06/01/2011 14:28:19] - [287038] - C:\Windows\Installer\{53CD60C7-12F9-420D-A9BF-EC8D815475A9}\NotebookDocs.exe () - () [29/10/2019 19:49:31] - [669696] - C:\Windows\Installer\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}\CamtasiaIcons.exe () - () [06/01/2011 14:24:09] - [10134] - C:\Windows\Installer\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ARPPRODUCTICON.exe () - () [06/01/2011 14:16:01] - [90022] - C:\Windows\Installer\{84BC5389-E836-47CA-AE96-57DE17622F54}\app_1.exe () - () [03/11/2019 17:53:01] - [10134] - C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe () - () [06/01/2011 14:30:13] - [409600] - C:\Windows\Installer\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [06/01/2011 14:30:13] - [409600] - C:\Windows\Installer\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\HPSF.exe1_6155E73FD92E470C8558A19434529225.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [06/01/2011 14:30:13] - [409600] - C:\Windows\Installer\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\HPSF.exe_EF7870CF457E4A21A116232D3E46ED1E.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:46:26] - [75497] - C:\Windows\Installer\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\ARPPRODUCTICON.exe () - () [03/11/2019 18:04:29] - [335872] - C:\Windows\Installer\{AC76BA86-1037-0000-7760-000000000005}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:41:52] - [86016] - C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:41:52] - [94208] - C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\hpDST_D9DC8CBE9F454412B02CE9167A3B0B7E.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:41:52] - [86016] - C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\NewShortcut5_52C60A88DCC44773893759562A87A4C1.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/02/2011 01:48:06] - [132754] - C:\Windows\Installer\{AF306BD8-F9D1-4627-89B9-246E59074A05}\_853F67D554F05449430E7E.exe () - () [20/02/2011 01:48:06] - [132754] - C:\Windows\Installer\{AF306BD8-F9D1-4627-89B9-246E59074A05}\_D8491F591E3A8FA67CE067.exe () - () [20/02/2011 01:42:15] - [300318] - C:\Windows\Installer\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}\_5F3DB48AC10992E0547963.exe () - () [20/02/2011 01:42:15] - [300318] - C:\Windows\Installer\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}\_6FEFF9B68218417F98F549.exe () - () [20/02/2011 01:42:15] - [300318] - C:\Windows\Installer\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}\_FA5007C6DF56413F6D252E.exe () - () [21/10/2019 19:10:35] - [139062] - C:\Windows\Installer\{C2390EB4-E871-4FE7-9818-349E43ACD4F1}\VSIcon.exe () - () [06/01/2011 14:24:36] - [79345] - C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [06/01/2011 14:16:18] - [66164] - C:\Windows\Installer\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}\_6FEFF9B68218417F98F549.exe () - () [06/01/2011 14:16:18] - [66164] - C:\Windows\Installer\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}\_808D01B4FA983C9832642C.exe () - () [06/01/2011 14:16:18] - [66164] - C:\Windows\Installer\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}\_B63C28FAB788DBE05FFF28.exe () - () [06/01/2011 14:26:45] - [94208] - C:\Windows\Installer\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [06/01/2011 14:20:14] - [80395] - C:\Windows\Installer\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}\MsblIco.Exe () - () [06/01/2011 14:10:56] - [132754] - C:\Windows\Installer\{EB58480C-0721-483C-B354-9D35A147999F}\_853F67D554F05449430E7E.exe () - () [20/02/2011 01:41:17] - [281894] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\ARPPRODUCTICON.exe () - () [20/02/2011 01:41:17] - [131072] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\LightScribeWebsite_9607541794D946E89D5752F753E35CC4.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [20/02/2011 01:41:17] - [323584] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\NewShortcut1_C673DF680CDE41FC9DFBF63D31DE4F28.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [20/02/2011 01:41:17] - [339968] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\NewShortcut1_FE82206EF6124B479F4EDD27A1E056A4.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [20/02/2011 01:41:17] - [323584] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\NewShortcut2_C673DF680CDE41FC9DFBF63D31DE4F28.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [20/02/2011 01:41:17] - [131072] - C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\QuickDemoUrl_E9752251A5AD4678977047FD65566D18.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) ---------- | %System%\*.in* [14/07/2009 05:57:09] - [73] - C:\Windows\System32\desktop.ini [06/01/2011 14:33:25] - [188] - C:\Windows\System32\HPWA.ini [11/10/2019 03:22:30] - [16303] - C:\Windows\System32\ieuinit.inf [20/02/2011 01:35:51] - [1049314] - C:\Windows\System32\oem14.inf [14/07/2009 06:13:15] - [1643324] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [06/01/2011 14:33:25] - [211] - C:\Windows\Syswow64\HPWA.ini [11/10/2019 03:22:33] - [16303] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 05:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [09/10/2019 18:41:43] - [1643324] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.6712E83EA2BF4FB46A316EEEF51E8101] - |A| - [12/10/2019 16:01:30] - (.-.) - [124.99 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [02/12/2019 17:29:48] - [0 Ko] - C:\Windows\Temp\A421D363-AABD-4D35-BECB-3610D7C450E8-Sigs [MD5.43E859E3D0D3860D24FE6C07292FB162] - |A| - [30/11/2019 22:11:35] - (.-.) - [1.66 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.DF7717F5906A32284452B630CA9145D5] - |A| - [02/12/2019 17:29:48] - (.-.) - [6.42 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [07/10/2019 22:34:56] - [0 Ko] - C:\Windows\Temp\_avast5_ [MD5.00000000000000000000000000000000] - |D| - [01/12/2019 17:22:28] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 22:22:00] - [0 Ko] - C:\Windows\System32\040C [MD5.DCBADE1C40D65EFC7B95890825402221] - |A| - [20/02/2011 01:33:50] - (.-.) - [3.69 Ko] - (0.0.0.0) - C:\Windows\System32\2hps.ico [MD5.8DF55A299A3DEC29C63FBB29A58E8053] - |AH| - [14/07/2009 05:45:49] - (.-.) - [13.8 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.8DF55A299A3DEC29C63FBB29A58E8053] - |AH| - [14/07/2009 05:45:49] - (.-.) - [13.8 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.C58E9319DBD71A5332B228641C3943AC] - |A| - [20/02/2011 01:38:06] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\Windows\System32\APP_LOG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [203.5 Ko] - C:\Windows\System32\ar-SA [MD5.D213E3D37CC5BFCE8BC02B704036EDB3] - |A| - [20/02/2011 01:35:13] - (.-.) - [6.5 Ko] - (0.0.0.0) - C:\Windows\System32\bcmwlrc.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [175 Ko] - C:\Windows\System32\bg-BG [MD5.4DB832701EA2D47F325ED11F012F7338] - |A| - [20/02/2011 01:33:50] - (.-.) - [3.69 Ko] - (0.0.0.0) - C:\Windows\System32\bltinmic.ico [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [2591.09 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 02:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 01:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 00:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [89515.5 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [32755.55 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [9711.51 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [13/10/2019 13:56:54] - [5028.19 Ko] - C:\Windows\System32\CompatTel [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [326823.73 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [434 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [429.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [459.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 05:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.581588D510D238277746FC14258D7B8E] - |A| - [31/08/2011 20:08:22] - (.-.) - [175.77 Ko] - (0.0.0.0) - C:\Windows\System32\difx64.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [5328 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:10] - [72202.69 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [1250185.44 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [13/10/2019 19:43:19] - [0 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [459 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [3296.16 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [450 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [162.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [09/10/2019 19:35:44] - [154.5 Ko] - C:\Windows\System32\EventProviders [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [432 Ko] - C:\Windows\System32\fi-FI [MD5.5D8D7E8C3DE2C93DC1519213561F9606] - |A| - [14/07/2009 05:45:34] - (.-.) - [4785.47 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 22:22:00] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [41694.69 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 21:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.006A92923CD13903B4E6A7F0FB988F64] - |A| - [31/08/2011 19:22:36] - (.-.) - [152.53 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ar-SA.resources [MD5.1BF8539321E40DF68CE7E95068AEE299] - |A| - [31/08/2011 19:22:38] - (.-.) - [130.25 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.cs-CZ.resources [MD5.4C8C120C4090618823F0E7AA350795C7] - |A| - [31/08/2011 19:22:40] - (.-.) - [125.53 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.da-DK.resources [MD5.2058A06BF6D8B180BB1CE8E7E1E67FCD] - |A| - [31/08/2011 19:22:40] - (.-.) - [134.61 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.de-DE.resources [MD5.0CDA4CC5359FE58298815E114DBEC7BC] - |A| - [31/08/2011 19:22:42] - (.-.) - [193.4 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.el-GR.resources [MD5.7C2377580FFBD49D836C40DE2160BEA9] - |A| - [31/08/2011 19:22:18] - (.-.) - [121.15 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.en-US.resources [MD5.0D3E1BC8F8959FA83CA3CF9E5EB5A408] - |A| - [31/08/2011 19:22:44] - (.-.) - [134.42 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.es-ES.resources [MD5.4B0168C32F07B66856749BC5468B27EE] - |A| - [31/08/2011 19:22:44] - (.-.) - [129.77 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fi-FI.resources [MD5.4C82CD02DA7D0AE8D573BF3BE47C6215] - |A| - [31/08/2011 19:22:46] - (.-.) - [132.47 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.fr-FR.resources [MD5.7219A7C9A43736282FBD1DBB74E8E32A] - |A| - [31/08/2011 19:22:48] - (.-.) - [145.49 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.he-IL.resources [MD5.379F9A38A59254237F74DE99037E382B] - |A| - [31/08/2011 19:23:12] - (.-.) - [128.75 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hr-HR.resources [MD5.5DC8DAFF86804EF2402474FD38905DDF] - |A| - [31/08/2011 19:22:48] - (.-.) - [131.22 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.hu-HU.resources [MD5.10F21BD2B037BF0AD291DDEF4FE63C42] - |A| - [31/08/2011 19:22:50] - (.-.) - [136.93 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.it-IT.resources [MD5.1D95F2F89BD1CC4E6DF5CEFF49654684] - |A| - [31/08/2011 19:22:52] - (.-.) - [149.54 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ja-JP.resources [MD5.D1F884B41FD504F075780AA407EFBB23] - |A| - [31/08/2011 19:22:52] - (.-.) - [135.46 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ko-KR.resources [MD5.36FA39C4E74D54DBA8484E15B39B3851] - |A| - [31/08/2011 19:22:54] - (.-.) - [125.78 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nb-NO.resources [MD5.1368EBEF4A112AF1B5588EC05EE7F97E] - |A| - [31/08/2011 19:22:56] - (.-.) - [131.26 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.nl-NL.resources [MD5.6A9D9F1BF4CC18FB11D9A5A58FB48E66] - |A| - [31/08/2011 19:22:56] - (.-.) - [130.03 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pl-PL.resources [MD5.3940936D7AFC26057A0F850F8D5CD1DA] - |A| - [31/08/2011 19:22:58] - (.-.) - [131.66 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-BR.resources [MD5.F07F374E30091305E799E9479129F901] - |A| - [31/08/2011 19:23:00] - (.-.) - [130.55 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.pt-PT.resources [MD5.9FFF6501525597FC4F3DC46AD3F3E571] - |A| - [31/08/2011 19:23:12] - (.-.) - [133.38 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ro-RO.resources [MD5.2E2FC0658B55D634878EB7AE3A0CE0CF] - |A| - [31/08/2011 19:23:00] - (.-.) - [178.37 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.ru-RU.resources [MD5.094F96C5A8A6F34EC01BB72DD16C3997] - |A| - [31/08/2011 19:23:02] - (.-.) - [129.67 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sk-SK.resources [MD5.83CFF35C3D63905E34C974F697D8746A] - |A| - [31/08/2011 19:23:04] - (.-.) - [125.97 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sl-SI.resources [MD5.D14664E5C8513D39AE5B676CC656D0B6] - |A| - [31/08/2011 19:23:04] - (.-.) - [130.7 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.sv-SE.resources [MD5.B24D5AD8778456B4E4B182585CF2AD9A] - |A| - [31/08/2011 19:23:06] - (.-.) - [206.27 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.th-TH.resources [MD5.7B7F6DCA232DF6E54BF151AA473AE992] - |A| - [31/08/2011 19:23:08] - (.-.) - [132.18 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.tr-TR.resources [MD5.640437927797ADD2CB167B648961B7EE] - |A| - [31/08/2011 19:23:08] - (.-.) - [113.64 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-CN.resources [MD5.9EC4BCF645875DA7BBABE27640EAAB3D] - |A| - [31/08/2011 19:23:10] - (.-.) - [114.9 Ko] - (0.0.0.0) - C:\Windows\System32\Gfxres.zh-TW.resources [MD5.FFB49EE58EF3E271AA25F847D3299047] - |A| - [08/12/2010 19:55:00] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\GfxUI.exe.config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.BCD6FDA35086982E0EA1F68FD7772F55] - |A| - [06/01/2011 14:33:25] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\Windows\System32\HPWA.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [170 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [436.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.105CFE016CCB20175BEACEC146F175AB] - |A| - [08/12/2010 19:55:00] - (.-.) - [92 Ko] - (0.0.0.0) - C:\Windows\System32\IccLibDll_x64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.6CE9319932479C10647280E6E85DEE46] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [551 Ko] - (1.0.6315.0) - C:\Windows\System32\idt64mp1.exe [MD5.AA1F7233BF9F1B048148260BC934181A] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [428.5 Ko] - (1.0.6315.0) - C:\Windows\System32\IDTNC64.cpl [MD5.49471C808E2ADB5672EE12329BCDDA0E] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [5762 Ko] - (1.0.6315.0) - C:\Windows\System32\IDTNGUI.exe [MD5.F6A2CFBFE19DECACDCFCFA2A7709E3A9] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [2998 Ko] - (1.0.6315.0) - C:\Windows\System32\IDTNHP.dll [MD5.30CF3E56750FF729F1523E85425B809C] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [207 Ko] - (1.0.6315.0) - C:\Windows\System32\IDTNJ.exe [MD5.2B250C2D2AD8EB984BA8EC149DA604A6] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [945.5 Ko] - (1.0.6315.0) - C:\Windows\System32\IDTNX.dll [MD5.28973ADB97A53607B099E27FE3FCDF73] - |A| - [08/12/2010 19:55:02] - (.-.) - [125.2 Ko] - (0.0.0.0) - C:\Windows\System32\igcompkrng575.bin [MD5.63012FCBAE00DEB11E5E2F136AAD09B5] - |A| - [31/08/2011 19:51:16] - (.-.) - [103.13 Ko] - (0.0.0.0) - C:\Windows\System32\igfcg575m.bin [MD5.28A5952B98BAC347AD00BFD35690D204] - |A| - [31/08/2011 19:13:52] - (.Copyright (C) 2010 - CM Runtime Dynamic Link Library.) - [137 Ko] - (1.0.0.1011) - C:\Windows\System32\igfxcmrt64.dll [MD5.459B870B2CE80AB3230EB5A749EA308D] - |A| - [08/12/2010 19:55:10] - (.Copyright (C) 2009 - Intel(R) Graphics Media Accelerator Driver Coinstaller.) - [88 Ko] - (1.2.30.0) - C:\Windows\System32\igfxCoIn_v2253.dll [MD5.09D8D5A52E0FB9A5F3873123C2E2B77F] - |A| - [31/08/2011 19:58:50] - (.Copyright (C) 2009 - Intel(R) Graphics Media Accelerator Driver Coinstaller.) - [88 Ko] - (1.2.30.0) - C:\Windows\System32\igfxCoIn_v2509.dll [MD5.3E3F927404C46F397AA68F2960D7B345] - |A| - [31/08/2011 19:20:50] - (.-.) - [4 Ko] - (1.0.0.0) - C:\Windows\System32\IGFXDEVLib.dll [MD5.53E9EF8E0A657E83609D69AE9D76BFB9] - |A| - [13/07/2009 22:59:36] - (.-.) - [1463.44 Ko] - (0.0.0.0) - C:\Windows\System32\igkrng400.bin [MD5.6BB6B4D9538A8C828DA90FA1EFD81B43] - |A| - [31/08/2011 19:51:16] - (.-.) - [846.7 Ko] - (0.0.0.0) - C:\Windows\System32\igkrng575.bin [MD5.40DFD4CFB98AB5E4666B0F607CB64921] - |A| - [31/08/2011 19:13:52] - (.-.) - [1935.25 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa [MD5.828C46F74BB7248FF401471D072BB751] - |A| - [31/08/2011 19:13:52] - (.-.) - [1.05 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp [MD5.585CBA361053B0703C5682DFB86141FD] - |A| - [31/08/2011 19:13:52] - (.-.) - [57.68 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp [MD5.E0B85045105247B03B4C25F8421B1F84] - |A| - [31/08/2011 19:13:52] - (.-.) - [57.79 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp [MD5.5C4EA9837E5E5CB27C3C74D46AA7BC43] - |A| - [31/08/2011 19:13:52] - (.-.) - [57.85 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp [MD5.16CC894CF47F141878428AF0424CFF7F] - |A| - [31/08/2011 20:22:50] - (.-.) - [17.03 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [36875.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.8F443F9726349802839C7C0D1C8C904F] - |A| - [06/01/2011 14:29:05] - (.Copyright © 2010 - Java(TM) Platform SE binary.) - [167.78 Ko] - (6.0.220.4) - C:\Windows\System32\java.exe [MD5.A27AD8C3D4F0518F3E59CA1C9C5C0D18] - |A| - [06/01/2011 14:29:05] - (.Copyright © 2010 - Java(TM) Platform SE binary.) - [167.78 Ko] - (6.0.220.4) - C:\Windows\System32\javaw.exe [MD5.47E0BEDC36A30141133728B604A8F11D] - |A| - [06/01/2011 14:29:05] - (.Copyright © 2010 - Java(TM) Web Start Launcher.) - [184.78 Ko] - (6.0.220.4) - C:\Windows\System32\javaws.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [362 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [2784.95 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [167 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [168 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [03/11/2019 18:06:37] - [0 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 21:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 05:45:42] - [5.1 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [3465.93 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [37856.93 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 05:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [09/10/2019 19:41:51] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [424.5 Ko] - C:\Windows\System32\nb-NO [MD5.2B2ACEEAA42B3AFA1BA86587F0191D90] - |A| - [20/02/2011 01:33:50] - (.-.) - [17.04 Ko] - (0.0.0.0) - C:\Windows\System32\nbspkrs.ico [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [13/07/2009 23:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [68 Ko] - C:\Windows\System32\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [445.5 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 03:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.D3BB05DE81B814D016E2314938C146BB] - |A| - [20/02/2011 01:35:51] - (.-.) - [1024.72 Ko] - (0.0.0.0) - C:\Windows\System32\oem14.inf [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 21:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [13278.34 Ko] - C:\Windows\System32\oobe [MD5.F699516F1CD014F35CFE773F32344AC8] - |A| - [14/07/2009 03:36:59] - (.-.) - [119.15 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.5874A23E8DBFF0BE30064A86ABAAD70F] - |A| - [06/01/2011 22:22:24] - (.-.) - [146.54 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 21:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 03:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [06/01/2011 22:22:24] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.0415335BB4948F518454012C353E3CEE] - |A| - [14/07/2009 03:36:59] - (.-.) - [638.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.066C88E7199DE52F1F5FE55CC5BECE17] - |A| - [06/01/2011 22:22:24] - (.-.) - [730.05 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.54F217FDB08DB5A012FBF7C0ACDEBF1F] - |A| - [14/07/2009 06:13:15] - (.-.) - [1604.81 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [441 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:45] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [438 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [440.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [164444.97 Ko] - C:\Windows\System32\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0.07 Ko] - C:\Windows\System32\restore [MD5.A9A53CB35F50E5E218A7956BBFB15354] - |A| - [20/02/2011 01:39:55] - (.-.) - [15.57 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [171 Ko] - C:\Windows\System32\ro-RO [MD5.92C704590FCEDDA971B7A77945DCCDA4] - |A| - [10/06/2011 06:34:52] - (.- About Page.) - [72.53 Ko] - (1.2.0.3) - C:\Windows\System32\RtNicProp64.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [09/10/2019 18:11:44] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [171.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [168 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [42.67 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [16130.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 22:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [41158.61 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [2092.43 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [09/10/2019 19:35:57] - [1775.5 Ko] - C:\Windows\System32\SPReview [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [20/02/2011 01:33:49] - [703.5 Ko] - C:\Windows\System32\SRSLabs [MD5.87C8C4C5A6060C033D37238F38751F4B] - |A| - [20/02/2011 01:33:19] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [215 Ko] - (1.0.6315.0) - C:\Windows\System32\staco64.dll [MD5.708A15CC5C52B4269C73767C53B67762] - |A| - [20/02/2011 01:33:18] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [636 Ko] - (1.0.6315.0) - C:\Windows\System32\stapi64.dll [MD5.998AA17F348FFB89C8BC48C31F300950] - |A| - [20/02/2011 01:33:18] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [1462 Ko] - (1.0.6315.0) - C:\Windows\System32\stapo64.dll [MD5.FB9E2AD7124CC9AA8FE7CF3848C2E8D7] - |A| - [20/02/2011 01:33:18] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [421.5 Ko] - (1.0.6315.0) - C:\Windows\System32\stcplx64.dll [MD5.06CEEC87EA7A1DA1368BEE4FFADAD981] - |A| - [20/02/2011 01:33:50] - (.Copyright © 2004 - 2009 IDT, Inc. - IDT PC Audio.) - [4486.5 Ko] - (1.0.6315.0) - C:\Windows\System32\stlang64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [428.5 Ko] - C:\Windows\System32\sv-SE [MD5.DD123C8B48335B668F5ED17A3FCEE973] - |A| - [17/12/2010 03:26:08] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCOM.) - [405.79 Ko] - (15.3.27.1) - C:\Windows\System32\SynCOM.dll [MD5.6115AC4E39F106E065D6ED5963306176] - |A| - [01/10/2011 01:14:22] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCtrl.) - [270.29 Ko] - (15.3.27.1) - C:\Windows\System32\SynCtrl.dll [MD5.2111EFF8E2DFD04C0E25041DD6392E4F] - |A| - [15/09/2011 01:11:16] - (.-.) - [1024 Ko] - (0.0.0.0) - C:\Windows\System32\syndata.bin [MD5.60B097BBC1907688F77D30BAA59B722F] - |A| - [01/10/2011 01:14:26] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynTPAPI.) - [221.29 Ko] - (15.3.27.1) - C:\Windows\System32\SynTPAPI.dll [MD5.24C9E850C7180673122E300D47E3957C] - |A| - [17/12/2010 03:26:16] - (.Copyright (C) Synaptics Incorporated 1996-2010 - Synaptics Pointing Device Driver Co-Installer.) - [145.29 Ko] - (15.2.4.4) - C:\Windows\System32\SynTPCo5.dll [MD5.AD940A29D1B5B198D49A65F658722718] - |A| - [01/10/2011 01:14:26] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics Pointing Device Driver Co-Installer.) - [144.79 Ko] - (15.3.27.1) - C:\Windows\System32\SynTPCo9.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [453.51 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [09/10/2019 18:20:55] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [222.81 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 22:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [159 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [426 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.B0D8E26D3CC725F0CC6D33FDBEA061F7] - |A| - [14/07/2009 05:45:37] - (.-.) - [21 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.E2090ABBDE0128166584C1534810D334] - |A| - [14/07/2009 05:45:37] - (.-.) - [9 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [53467.68 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:45] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [38098.64 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 22:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [16 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.92042E1EA3CDB08B077C7CE788D2816D] - |A| - [07/10/2019 22:49:54] - (.Copyright © 2019 - Java(TM) Platform SE binary.) - [107.48 Ko] - (8.0.2210.11) - C:\Windows\System32\WindowsAccessBridge-64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [9124.89 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [33048 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [338.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [260.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [339 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 22:22:01] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 14:17:35] - [20630.75 Ko] - C:\Windows\SysWOW64\Adobe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |SHD| - [21/10/2019 19:10:36] - [0 Ko] - C:\Windows\SysWOW64\AI_RecycleBin [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.96D4272206C09E87DD043E6339BAFA21] - |A| - [07/10/2019 22:34:18] - (.Copyright (c) 2010 ALWIL Software - avast! start-up scanner.) - [149.59 Ko] - (5.0.507.0) - C:\Windows\SysWOW64\aswBoot.exe [MD5.C3A7AC3D7C71DF622E2828A35ECB84A5] - |A| - [07/10/2019 22:34:18] - (.Copyright (c) 2009 ALWIL Software - avast! Screen Saver stub.) - [37.94 Ko] - (5.0.159.0) - C:\Windows\SysWOW64\avastSS.scr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [8496.86 Ko] - C:\Windows\SysWOW64\config [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/10/2019 22:34:30] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\config.nt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.B9A550873AB27DB299AEA3D9DE5489D4] - |A| - [20/02/2011 01:32:43] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1015) - C:\Windows\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE [MD5.27CADAE7E69FEEE773EA55108A8F9F47] - |A| - [06/01/2011 14:28:55] - (.Copyright © 2010 - Java(TM) Platform SE binary.) - [461.73 Ko] - (6.0.220.4) - C:\Windows\SysWOW64\deployJava1.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [4162.5 Ko] - C:\Windows\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [3482.71 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [1.09 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [451.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [3264.16 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [443 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.94435601D0646B381530DC2EED4D928D] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Book Service.) - [1380.18 Ko] - (3.0.0.5) - C:\Windows\SysWOW64\ezBook7.dll [MD5.03C0560DAC4D016027A00BA820EA9DBF] - |A| - [06/01/2011 14:27:07] - (.-.) - [9.54 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ezdigsgn.dat [MD5.2C8914A388AA3923E30764A4533CAAAE] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Magic Mail MAPI Client.) - [423.68 Ko] - (3.0.0.4) - C:\Windows\SysWOW64\ezEMail7.dll [MD5.3AF56F66214A075E247D5082A7015E16] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS -.) - [158.18 Ko] - (3.0.0.4) - C:\Windows\SysWOW64\ezFileImport7.dll [MD5.75DBBFAA7784A4ECB753C80EC789FD33] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Desktop Hints Service.) - [262.18 Ko] - (3.0.0.3) - C:\Windows\SysWOW64\ezHints7.dll [MD5.321E8DE95353C0F716A8ADF631BCCC80] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS -.) - [171.68 Ko] - (3.0.0.11) - C:\Windows\SysWOW64\ezLicPrompt7.dll [MD5.5DC675E8F962A2D1902B2DA9E5A50CE1] - |A| - [06/01/2011 14:27:06] - (.EasyBits Software AS - EasyBits Windows MAPI Helper.) - [19.18 Ko] - (3.0.0.4) - C:\Windows\SysWOW64\ezMAPIHelper.exe [MD5.190D8E177C49F56DB3DD6A16012213F9] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS -.) - [220.68 Ko] - (3.0.0.7) - C:\Windows\SysWOW64\ezMDUninstall.exe [MD5.6097A6C4AD7FB9758D402D422B43F7E4] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Desktop Menu Service.) - [552.68 Ko] - (3.0.0.1) - C:\Windows\SysWOW64\ezMenu7.dll [MD5.19C1DF2894319C2D57D417B21E0C7967] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Print Service.) - [884.68 Ko] - (3.0.0.1) - C:\Windows\SysWOW64\ezPrint7.dll [MD5.D38DFB89EEB5F3029A8FDD53F55E4F2D] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Dial-Up service.) - [60.68 Ko] - (3.0.0.1) - C:\Windows\SysWOW64\ezRas7.dll [MD5.C65B7DF2DFE30C0F561E4A3571C5BE87] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Score Service.) - [621.18 Ko] - (3.0.0.2) - C:\Windows\SysWOW64\ezScore7.dll [MD5.41C97AD5258741B9A03EF8E674E8393F] - |A| - [13/12/2010 12:00:00] - (.Copyright © EasyBits Software AS 2009 - Magic Desktop Screen Saver.) - [446.18 Ko] - (3.0.0.0) - C:\Windows\SysWOW64\ezScrSvr.scr [MD5.93318E8FC37680202753002835EE5C1A] - |A| - [06/01/2011 14:27:06] - (.EasyBits Software AS - EasyBits SEngine for Windows.) - [319.18 Ko] - (7.0.0.474) - C:\Windows\SysWOW64\ezseng.exe [MD5.3A76C89D20E72CBC15E25F42DE03502E] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS -.) - [87.68 Ko] - (3.0.0.3) - C:\Windows\SysWOW64\ezSetupMgr.exe [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - |A| - [06/01/2011 14:27:09] - (.EasyBits Software AS - Shared EasyBits services for Windows.) - [502.18 Ko] - (5.0.0.101) - C:\Windows\SysWOW64\ezSharedSvcHost.exe [MD5.D1E6FA24DEDCA392325BE82B22230745] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Desktop Shell.) - [539.68 Ko] - (3.0.0.41) - C:\Windows\SysWOW64\ezShell7.dll [MD5.6A6AECDB39401B512CE9FDA1406EFE58] - |A| - [06/01/2011 14:27:06] - (.EasyBits Software AS -.) - [115.68 Ko] - (3.0.0.16) - C:\Windows\SysWOW64\ezShellStart.exe [MD5.76CEB4F462707E702AC58AD75AF86F26] - |AH| - [20/02/2011 01:28:16] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ezsidmv.dat [MD5.B9A9CB3E7A7E1FF07876DC4D7879F6ED] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Subscriptions Service.) - [112.18 Ko] - (3.0.0.7) - C:\Windows\SysWOW64\ezSubs7.dll [MD5.63B85A580D21AF9BC788FE69854FABD7] - |A| - [06/01/2011 14:27:09] - (.EasyBits Software AS - EasyBits services for Windows.) - [574.68 Ko] - (4.2.2.66) - C:\Windows\SysWOW64\ezsvc7x.dll [MD5.EA651AA7C6B97F1DD64638BE9EDC0564] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Shared Utilities.) - [711.68 Ko] - (3.0.0.10) - C:\Windows\SysWOW64\ezUtils7.dll [MD5.92189F3087EA297D23C6F3BD3F8D4BD0] - |A| - [13/12/2010 12:00:00] - (.EasyBits Software AS - EasyBits Wizard Service.) - [475.18 Ko] - (3.0.0.6) - C:\Windows\SysWOW64\ezWizard7.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 22:22:01] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [38063.98 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.78AB371C5306F33508367BD0F8CEC6E0] - |A| - [06/01/2011 14:33:25] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HPWA.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.28973ADB97A53607B099E27FE3FCDF73] - |A| - [08/12/2010 19:55:02] - (.-.) - [125.2 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igcompkrng575.bin [MD5.63012FCBAE00DEB11E5E2F136AAD09B5] - |A| - [31/08/2011 19:51:16] - (.-.) - [103.13 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igfcg575m.bin [MD5.53E9EF8E0A657E83609D69AE9D76BFB9] - |A| - [13/07/2009 22:59:36] - (.-.) - [1463.44 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igkrng400.bin [MD5.6BB6B4D9538A8C828DA90FA1EFD81B43] - |A| - [31/08/2011 19:51:16] - (.-.) - [846.7 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igkrng575.bin [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [34097.44 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.51A850830CB841FBE5B90142BCC6B854] - |A| - [06/01/2011 14:28:55] - (.Copyright © 2010 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.220.4) - C:\Windows\SysWOW64\java.exe [MD5.87893167C98FCEF5D14077511F219B75] - |A| - [06/01/2011 14:28:55] - (.Copyright © 2010 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.220.4) - C:\Windows\SysWOW64\javaw.exe [MD5.42278A946AB729CB746AA47D48F5FCC0] - |A| - [06/01/2011 14:28:55] - (.Copyright © 2010 - Java(TM) Web Start Launcher.) - [149.78 Ko] - (6.0.220.4) - C:\Windows\SysWOW64\javaws.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [356.5 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/02/2011 01:32:33] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 14:11:04] - [16605.51 Ko] - C:\Windows\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 05:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [3178.93 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [32763.45 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 03:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.C998E69D8884F49D0A6316DF96BA3DF2] - |A| - [12/03/2010 10:14:04] - (.Copyright (C) Matsushita Electric 1998 - DV Video for Windows Driver.) - [259.57 Ko] - (2.64.1119.1600) - C:\Windows\SysWOW64\pdvcodec.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.54F217FDB08DB5A012FBF7C0ACDEBF1F] - |A| - [09/10/2019 18:41:43] - (.-.) - [1604.81 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.AEB4FFE8DF527FFF96950694F10F19BC] - |A| - [01/10/2011 01:14:20] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCOM.) - [173.29 Ko] - (15.3.27.1) - C:\Windows\SysWOW64\SynCOM.dll [MD5.7CB45B78126B902A66FB8AA33DB13738] - |A| - [01/10/2011 01:14:22] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCtrl.) - [217.29 Ko] - (15.3.27.1) - C:\Windows\SysWOW64\SynCtrl.dll [MD5.7DF13DEED15B454A096402665E7DBCBE] - |A| - [01/10/2011 01:14:28] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics TouchPad Interfaces.) - [105.29 Ko] - (15.3.27.1) - C:\Windows\SysWOW64\SynTPCOM.dll [MD5.913D17FDBCFEA1AA3297A54B79A04390] - |A| - [01/10/2011 01:14:32] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics Proxy Server.) - [65.29 Ko] - (15.3.27.1) - C:\Windows\SysWOW64\SynTPEnhPS.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 03:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [9055.43 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 06:37:46] - [106.26 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [06/01/2011 22:22:01] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | [Public] [14/07/2009 04:20:08] - |RHD| - [22070] - C:\Users\Public\Desktop [14/07/2009 05:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 04:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 04:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 04:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 04:20:08] - |RHD| - [964] - C:\Users\Public\Libraries [14/07/2009 04:20:08] - |RD| - [17440884] - C:\Users\Public\Music [14/07/2009 04:20:08] - |RD| - [5838651] - C:\Users\Public\Pictures [07/10/2019 22:34:14] - |D| - [3798] - C:\Users\Public\Symantec [14/07/2009 04:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ---------- | [Yacine] [07/10/2019 22:57:13] - |D| - [547917018] - C:\Users\Yacine\.android [07/10/2019 22:57:23] - |D| - [573202965] - C:\Users\Yacine\.AndroidStudio3.5 [09/10/2019 22:03:53] - |D| - [2686761209] - C:\Users\Yacine\.gradle [18/10/2019 19:40:07] - |A| - [459764] - C:\Users\Yacine\.linkassistant.properties [18/10/2019 19:39:29] - |A| - [387000] - C:\Users\Yacine\.ranktracker.properties [18/10/2019 19:40:39] - |A| - [474934] - C:\Users\Yacine\.spyglass.properties [13/10/2019 19:45:15] - |D| - [158077] - C:\Users\Yacine\.VirtualBox [18/10/2019 19:39:47] - |A| - [1939209] - C:\Users\Yacine\.websiteauditor.properties [09/10/2019 21:54:45] - |D| - [315346] - C:\Users\Yacine\AndroidStudioProjects [09/10/2019 20:54:47] - |D| - [93963369] - C:\Users\Yacine\ApkProjects [07/10/2019 22:32:11] - |HD| - [37557555348] - C:\Users\Yacine\AppData [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Application Data [07/10/2019 22:31:05] - |RD| - [45009] - C:\Users\Yacine\Contacts [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Cookies [07/10/2019 22:32:11] - |RD| - [5771685] - C:\Users\Yacine\Desktop [07/10/2019 22:32:11] - |RD| - [1709802842] - C:\Users\Yacine\Documents [07/10/2019 22:32:11] - |RD| - [10540635492] - C:\Users\Yacine\Downloads [07/10/2019 22:32:11] - |RD| - [3588] - C:\Users\Yacine\Favorites [09/10/2019 21:34:30] - |D| - [946953305] - C:\Users\Yacine\gradle-5.6.2-all [19/10/2019 22:26:50] - |D| - [2266] - C:\Users\Yacine\KeyStore2019 [07/10/2019 22:32:11] - |RD| - [2298] - C:\Users\Yacine\Links [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Local Settings [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Menu Démarrer [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Mes documents [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Modèles [07/10/2019 22:32:11] - |RD| - [504] - C:\Users\Yacine\Music [07/10/2019 22:32:11] - |ASH| - [2359296] - C:\Users\Yacine\NTUSER.DAT [07/10/2019 22:32:12] - |ASH| - [262144] - C:\Users\Yacine\ntuser.dat.LOG1 [07/10/2019 22:32:12] - |ASH| - [0] - C:\Users\Yacine\ntuser.dat.LOG2 [07/10/2019 22:32:13] - |ASH| - [65536] - C:\Users\Yacine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [07/10/2019 22:32:13] - |ASH| - [524288] - C:\Users\Yacine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [07/10/2019 22:32:13] - |ASH| - [524288] - C:\Users\Yacine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [07/10/2019 22:32:13] - |SH| - [20] - C:\Users\Yacine\ntuser.ini [07/10/2019 22:32:11] - |RD| - [504] - C:\Users\Yacine\Pictures [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Recent [07/10/2019 22:32:11] - |RD| - [282] - C:\Users\Yacine\Saved Games [19/10/2019 22:31:11] - |D| - [12251984] - C:\Users\Yacine\SD [07/10/2019 22:31:14] - |RD| - [1020] - C:\Users\Yacine\Searches [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\SendTo [07/10/2019 22:32:11] - |RD| - [504] - C:\Users\Yacine\Videos [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Voisinage d'impression [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\Voisinage réseau [07/10/2019 22:32:11] - |AD| - [36787692126] - C:\Users\Yacine\AppData\Local [07/10/2019 22:32:13] - |D| - [223399261] - C:\Users\Yacine\AppData\LocalLow [07/10/2019 22:32:11] - |D| - [546463960] - C:\Users\Yacine\AppData\Roaming [12/10/2019 22:33:40] - |D| - [419053] - C:\Users\Yacine\AppData\Local\Adobe [07/10/2019 22:59:11] - |D| - [33614336758] - C:\Users\Yacine\AppData\Local\Android [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\AppData\Local\Application Data [07/10/2019 22:31:39] - |D| - [0] - C:\Users\Yacine\AppData\Local\Broadcom [22/10/2019 23:37:18] - |D| - [52118016] - C:\Users\Yacine\AppData\Local\Downloaded Installations [27/10/2019 23:20:44] - |D| - [1849] - C:\Users\Yacine\AppData\Local\Dr.FarFar [05/11/2019 22:08:17] - |D| - [1761932] - C:\Users\Yacine\AppData\Local\fontconfig [07/10/2019 22:30:17] - |A| - [61296] - C:\Users\Yacine\AppData\Local\GDIPFONTCACHEV1.DAT [13/10/2019 19:45:27] - |D| - [1927766406] - C:\Users\Yacine\AppData\Local\Genymobile [07/10/2019 22:37:54] - |D| - [1006975151] - C:\Users\Yacine\AppData\Local\Google [07/10/2019 22:34:06] - |D| - [725] - C:\Users\Yacine\AppData\Local\Hewlett-Packard [07/10/2019 22:33:50] - |D| - [2080] - C:\Users\Yacine\AppData\Local\Hewlett-Packard_Company [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\AppData\Local\Historique [08/10/2019 00:03:29] - |AH| - [3789644] - C:\Users\Yacine\AppData\Local\IconCache.db [07/10/2019 22:32:11] - |D| - [154904977] - C:\Users\Yacine\AppData\Local\Microsoft [17/11/2019 16:32:14] - |D| - [284] - C:\Users\Yacine\AppData\Local\Movavi [29/11/2019 20:42:06] - |D| - [22635595] - C:\Users\Yacine\AppData\Local\Mozilla [18/10/2019 19:39:13] - |D| - [0] - C:\Users\Yacine\AppData\Local\MozSwing [27/10/2019 21:07:46] - |D| - [30557] - C:\Users\Yacine\AppData\Local\NextUp [03/11/2019 20:42:04] - |D| - [0] - C:\Users\Yacine\AppData\Local\PACE Anti-Piracy [13/10/2019 19:40:08] - |D| - [0] - C:\Users\Yacine\AppData\Local\Programs [08/11/2019 22:27:33] - |A| - [1908] - C:\Users\Yacine\AppData\Local\recently-used.xbel [07/10/2019 22:30:50] - |D| - [373] - C:\Users\Yacine\AppData\Local\RemEngine [30/10/2019 22:24:15] - |D| - [6897] - C:\Users\Yacine\AppData\Local\TechSmith [07/10/2019 22:32:11] - |D| - [2230189] - C:\Users\Yacine\AppData\Local\Temp [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\AppData\Local\Temporary Internet Files [07/10/2019 21:40:11] - |D| - [73] - C:\Users\Yacine\AppData\Local\VirtualStore [17/11/2019 18:51:21] - |D| - [648363] - C:\Users\Yacine\AppData\Local\Windows Live Writer [16/11/2019 00:02:01] - |D| - [0] - C:\Users\Yacine\AppData\Local\{4C062650-7DC5-4DAC-A090-236F3074B752} [17/11/2019 18:51:47] - |D| - [0] - C:\Users\Yacine\AppData\Local\{6A107508-324C-4FCF-9212-3535F33C1EB4} [26/11/2019 22:51:43] - |D| - [0] - C:\Users\Yacine\AppData\Local\{9A543409-8D8D-4C5A-AE25-63B5F21B57ED} [03/11/2019 18:48:00] - |D| - [0] - C:\Users\Yacine\AppData\LocalLow\Adobe [07/10/2019 22:32:38] - |SD| - [258664] - C:\Users\Yacine\AppData\LocalLow\Microsoft [29/11/2019 20:42:19] - |D| - [0] - C:\Users\Yacine\AppData\LocalLow\Mozilla [07/10/2019 22:42:45] - |D| - [223123656] - C:\Users\Yacine\AppData\LocalLow\Oracle [07/10/2019 22:37:20] - |D| - [16941] - C:\Users\Yacine\AppData\LocalLow\Sun [07/10/2019 22:36:36] - |D| - [229475337] - C:\Users\Yacine\AppData\Roaming\Adobe [07/11/2019 15:35:20] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\DMCache [07/10/2019 22:58:08] - |D| - [40] - C:\Users\Yacine\AppData\Roaming\Google [07/10/2019 22:34:11] - |D| - [46255] - C:\Users\Yacine\AppData\Roaming\Hewlett-Packard [07/10/2019 22:31:28] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\hpqLog [07/10/2019 22:31:07] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Identities [07/11/2019 15:35:21] - |D| - [5462515] - C:\Users\Yacine\AppData\Roaming\IDM [05/11/2019 22:07:51] - |D| - [23730] - C:\Users\Yacine\AppData\Roaming\inkscape [07/10/2019 22:31:30] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Intel Corporation [21/10/2019 19:14:43] - |D| - [402] - C:\Users\Yacine\AppData\Roaming\Macromedia [07/10/2019 22:32:11] - |SD| - [675236] - C:\Users\Yacine\AppData\Roaming\Microsoft [17/11/2019 16:32:14] - |D| - [1114] - C:\Users\Yacine\AppData\Roaming\MOVAVI [18/10/2019 19:39:13] - |D| - [19890313] - C:\Users\Yacine\AppData\Roaming\Mozilla [22/10/2019 23:30:56] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\NaturalReader 16 [22/10/2019 23:30:56] - |D| - [5820113] - C:\Users\Yacine\AppData\Roaming\naturalreader-personal [27/10/2019 21:07:42] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Neos Eureka S.r.l [03/11/2019 20:42:04] - |D| - [2183] - C:\Users\Yacine\AppData\Roaming\PACE Anti-Piracy [07/10/2019 22:32:28] - |D| - [14424286] - C:\Users\Yacine\AppData\Roaming\PictureMover [03/11/2019 20:04:17] - |A| - [132] - C:\Users\Yacine\AppData\Roaming\Préfs Format PNG Adobe CS6 [07/10/2019 22:50:15] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Sun [07/10/2019 22:31:26] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Synaptics [30/10/2019 22:20:07] - |D| - [1821] - C:\Users\Yacine\AppData\Roaming\TechSmith [27/10/2019 21:42:30] - |D| - [135286812] - C:\Users\Yacine\AppData\Roaming\teknikforce [21/10/2019 19:13:09] - |D| - [135353659] - C:\Users\Yacine\AppData\Roaming\VideoScribeDesktop [17/11/2019 18:51:21] - |D| - [0] - C:\Users\Yacine\AppData\Roaming\Windows Live Writer [07/10/2019 23:01:33] - |D| - [12] - C:\Users\Yacine\AppData\Roaming\WinRAR [07/10/2019 22:31:14] - |SH| - [174] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [07/10/2019 22:32:13] - |SHD| - [0] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [07/10/2019 22:32:11] - |RD| - [30611] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [07/10/2019 22:32:11] - |RD| - [14643] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [07/10/2019 22:31:14] - |RD| - [174] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [03/11/2019 23:38:35] - |D| - [2672] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [07/10/2019 22:31:14] - |SH| - [476] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/11/2019 15:35:04] - |D| - [6342] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager [07/10/2019 22:31:15] - |A| - [1433] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [07/10/2019 22:32:11] - |RD| - [580] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [07/10/2019 22:31:14] - |RD| - [174] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [07/10/2019 22:39:29] - |D| - [4117] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [07/10/2019 22:31:14] - |SH| - [174] - C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\ProgramData [06/01/2011 14:22:54] - |D| - [272903820] - C:\ProgramData\Adobe [03/11/2019 18:06:26] - |D| - [0] - C:\ProgramData\ALM [07/10/2019 22:34:17] - |D| - [16644023] - C:\ProgramData\Alwil Software [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Application Data [07/10/2019 22:31:49] - |SHD| - [0] - C:\ProgramData\Bureau [21/10/2019 19:10:34] - |D| - [1477] - C:\ProgramData\com.sparkol.VideoScribeDesktop [06/01/2011 14:24:07] - |D| - [34543] - C:\ProgramData\CyberLink [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Desktop [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Documents [07/10/2019 22:31:27] - |D| - [1648154] - C:\ProgramData\Easybits Magic Desktop for HP [07/10/2019 22:31:49] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [06/01/2011 14:23:52] - |D| - [871115] - C:\ProgramData\Hewlett-Packard [07/11/2019 15:35:21] - |D| - [0] - C:\ProgramData\IDM [20/02/2011 01:56:38] - |D| - [960] - C:\ProgramData\Intel [07/10/2019 22:31:49] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [14/07/2009 04:20:08] - |SD| - [2626652776] - C:\ProgramData\Microsoft [07/10/2019 22:31:49] - |SHD| - [0] - C:\ProgramData\Modèles [17/11/2019 16:32:13] - |D| - [174] - C:\ProgramData\Movavi Video Suite 12 [29/11/2019 20:41:26] - |D| - [24] - C:\ProgramData\Mozilla [20/02/2011 01:47:17] - |D| - [12117] - C:\ProgramData\Norton [20/02/2011 01:46:51] - |D| - [10008284] - C:\ProgramData\NortonInstaller [07/10/2019 22:49:18] - |D| - [82551976] - C:\ProgramData\Oracle [03/11/2019 20:42:04] - |D| - [2305] - C:\ProgramData\PACE Anti-Piracy [29/10/2019 19:46:26] - |D| - [288458280] - C:\ProgramData\Package Cache [20/02/2011 01:45:17] - |D| - [58118] - C:\ProgramData\PictureMover [03/11/2019 18:11:18] - |D| - [1708] - C:\ProgramData\regid.1986-12.com.adobe [06/01/2011 14:15:48] - |D| - [425261] - C:\ProgramData\Stardock [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Start Menu [06/01/2011 14:28:58] - |D| - [119] - C:\ProgramData\Sun [09/10/2019 20:15:15] - |D| - [1878] - C:\ProgramData\Synaptics [29/10/2019 19:48:30] - |D| - [423896880] - C:\ProgramData\TechSmith [06/01/2011 14:24:07] - |D| - [414051] - C:\ProgramData\Temp [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Templates [13/10/2019 19:45:15] - |D| - [20827] - C:\ProgramData\VirtualBox [06/01/2011 14:11:18] - |D| - [2186591852] - C:\ProgramData\WildTangent [20/02/2011 01:43:40] - |A| - [32] - C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [06/01/2011 14:25:44] - |A| - [109] - C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [20/02/2011 01:43:24] - |A| - [32] - C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [06/01/2011 14:24:46] - |A| - [105] - C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [20/02/2011 01:42:52] - |A| - [32] - C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [06/01/2011 14:29:34] - |D| - [35271670] - C:\ProgramData\{7A89BFAF-D4AA-434A-B652-6F880DD86278} [06/01/2011 14:24:15] - |A| - [107] - C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 06:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [07/10/2019 22:31:49] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 04:20:08] - |RD| - [289974] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] - |RD| - [34864] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 06:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [03/11/2019 18:04:31] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [03/11/2019 18:04:31] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [03/11/2019 18:04:32] - |D| - [2182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [03/11/2019 17:55:55] - |D| - [12316] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 [06/01/2011 14:23:22] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [07/10/2019 22:57:12] - |D| - [1132] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio [07/10/2019 22:34:32] - |D| - [1870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [30/11/2019 22:00:45] - |D| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [06/01/2011 14:24:37] - |RD| - [4165] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [20/02/2011 01:46:32] - |RD| - [1407] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 [20/02/2011 01:45:07] - |RD| - [1377] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam [14/07/2009 05:54:23] - |SH| - [1504] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/10/2019 22:33:55] - |A| - [2208] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [20/02/2011 01:42:15] - |D| - [2635] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star [29/11/2019 20:41:35] - |A| - [936] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [14/07/2009 06:32:38] - |RD| - [74040] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [07/10/2019 22:40:34] - |A| - [2222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [06/01/2011 14:28:10] - |RD| - [15512] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [05/11/2019 22:00:42] - |A| - [824] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk [20/02/2011 01:31:26] - |RD| - [4999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [07/11/2019 15:35:04] - |D| - [6234] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager [07/10/2019 22:49:53] - |D| - [6521] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [07/10/2019 22:44:13] - |D| - [2269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [20/02/2011 01:41:16] - |RD| - [9269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling [06/01/2011 14:27:06] - |A| - [1962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk [14/07/2009 04:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [20/02/2011 01:49:27] - |A| - [1380] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk [06/01/2011 14:17:19] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [06/01/2011 14:19:06] - |D| - [2267] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [17/11/2019 16:30:34] - |D| - [5704] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5 [07/10/2019 22:33:56] - |A| - [2187] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk [06/01/2011 14:17:43] - |RD| - [4410] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services [27/10/2019 21:41:58] - |D| - [2489] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinflux 2 Agency [06/01/2011 14:16:18] - |D| - [4306] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager [18/10/2019 19:37:40] - |D| - [4096] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEO PowerSuite [14/07/2009 05:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [20/02/2011 01:45:18] - |A| - [2043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish PictureMover.lnk [07/10/2019 22:33:57] - |A| - [2196] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk [21/10/2019 19:10:34] - |D| - [1127] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sparkol VideoScribe [14/07/2009 04:20:08] - |RD| - [3039] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/10/2019 19:49:31] - |D| - [5098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [03/11/2010 19:15:14] - |D| - [270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theft Protection [29/10/2019 20:40:57] - |D| - [2405] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Spin Blaster Pro Plus [21/10/2019 19:10:34] - |D| - [1127] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoScribe [14/07/2009 05:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [14/07/2009 05:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [06/01/2011 14:21:00] - |RD| - [4580] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [06/01/2011 14:20:22] - |A| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [06/01/2011 14:20:10] - |A| - [2486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [06/01/2011 14:20:51] - |A| - [1305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [06/01/2011 14:20:41] - |A| - [1374] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [14/07/2009 05:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [07/10/2019 22:39:29] - |D| - [4045] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 05:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [20/02/2011 01:36:19] - |A| - [836] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [14/07/2009 05:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [20/02/2011 01:45:18] - |A| - [2029] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk ---------- | C:\Program Files (x86) [06/01/2011 14:22:37] - |D| - [2960472689] - C:\Program Files (x86)\Adobe [20/02/2011 01:48:36] - |D| - [998000] - C:\Program Files (x86)\Bing Bar Installer [14/07/2009 04:20:08] - |D| - [1238450099] - C:\Program Files (x86)\Common Files [06/01/2011 14:24:09] - |D| - [777298426] - C:\Program Files (x86)\CyberLink [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [06/01/2011 14:27:03] - |D| - [113625559] - C:\Program Files (x86)\EasyBits For Kids [07/10/2019 22:37:57] - |D| - [481483739] - C:\Program Files (x86)\Google [06/01/2011 14:09:38] - |D| - [559296214] - C:\Program Files (x86)\Hewlett-Packard [06/01/2011 14:11:21] - |D| - [341169525] - C:\Program Files (x86)\HP Games [06/01/2011 14:24:37] - |HD| - [131044099] - C:\Program Files (x86)\InstallShield Installation Information [20/02/2011 01:31:23] - |D| - [48101844] - C:\Program Files (x86)\Intel [07/11/2019 15:34:59] - |D| - [16755596] - C:\Program Files (x86)\Internet Download Manager [14/07/2009 04:20:08] - |D| - [10541716] - C:\Program Files (x86)\Internet Explorer [06/01/2011 14:28:52] - |D| - [90682383] - C:\Program Files (x86)\Java [20/02/2011 01:48:54] - |D| - [4165406] - C:\Program Files (x86)\Microsoft [06/01/2011 14:17:19] - |D| - [6411814] - C:\Program Files (x86)\Microsoft Office [06/01/2011 14:18:52] - |D| - [38271979] - C:\Program Files (x86)\Microsoft Silverlight [06/01/2011 14:20:35] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [09/10/2019 20:25:23] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [17/11/2019 16:30:53] - |D| - [52638677] - C:\Program Files (x86)\Movavi Core 5.1.0 [17/11/2019 16:28:00] - |D| - [380560387] - C:\Program Files (x86)\Movavi Screen Capture Studio 5 [29/11/2019 20:41:30] - |D| - [335101] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [20/02/2011 01:48:54] - |D| - [6744082] - C:\Program Files (x86)\MSN Toolbar [22/10/2019 23:29:57] - |D| - [1463364] - C:\Program Files (x86)\Naturalsoft [07/10/2019 22:46:00] - |D| - [0] - C:\Program Files (x86)\Nouveau dossier [06/01/2011 14:11:17] - |RD| - [21928912] - C:\Program Files (x86)\Online Services [29/10/2019 20:11:11] - |D| - [4593612] - C:\Program Files (x86)\PDF To MP3 Converter Software [20/02/2011 01:45:17] - |D| - [64428121] - C:\Program Files (x86)\PictureMover [20/02/2011 01:33:06] - |D| - [12753586] - C:\Program Files (x86)\Realtek [14/07/2009 06:32:38] - |D| - [39195905] - C:\Program Files (x86)\Reference Assemblies [18/10/2019 19:37:35] - |D| - [0] - C:\Program Files (x86)\SEO PowerSuite [27/10/2019 21:41:51] - |D| - [28772620] - C:\Program Files (x86)\Teknikforce [14/07/2009 05:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [29/10/2019 20:40:52] - |D| - [58616467] - C:\Program Files (x86)\Video Spin Blaster Pro Plus [14/07/2009 06:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [06/01/2011 14:19:35] - |D| - [174082291] - C:\Program Files (x86)\Windows Live [14/07/2009 04:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 06:32:38] - |D| - [5336849] - C:\Program Files (x86)\Windows Media Player [14/07/2009 04:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 06:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [5994678] - C:\Program Files (x86)\Windows Sidebar ---------- | C:\Program Files [03/11/2019 17:55:21] - |D| - [3236702473] - C:\Program Files\Adobe [07/10/2019 22:34:17] - |D| - [665218793] - C:\Program Files\Alwil Software [07/10/2019 22:55:25] - |D| - [1355678175] - C:\Program Files\Android [20/02/2011 01:35:12] - |D| - [12642155] - C:\Program Files\Broadcom [30/11/2019 22:00:31] - |D| - [49931720] - C:\Program Files\CCleaner [14/07/2009 04:20:08] - |D| - [421644127] - C:\Program Files\Common Files [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 06:32:38] - |D| - [4891318] - C:\Program Files\DVD Maker [07/10/2019 22:31:49] - |SHD| - [0] - C:\Program Files\Fichiers communs [03/12/2010 02:30:42] - |D| - [4391703] - C:\Program Files\Hewlett-Packard [20/02/2011 01:33:14] - |D| - [56833846] - C:\Program Files\IDT [05/11/2019 21:58:29] - |D| - [288617360] - C:\Program Files\Inkscape [14/07/2009 04:20:08] - |D| - [30628055] - C:\Program Files\Internet Explorer [06/01/2011 14:29:01] - |D| - [690897002] - C:\Program Files\Java [14/07/2009 06:32:38] - |D| - [47721271] - C:\Program Files\Microsoft Games [29/11/2019 20:40:41] - |D| - [208364945] - C:\Program Files\Mozilla Firefox [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files\MSBuild [14/10/2019 19:16:12] - |D| - [90721464] - C:\Program Files\Oracle [14/07/2009 06:32:38] - |D| - [36859049] - C:\Program Files\Reference Assemblies [21/10/2019 19:10:34] - |D| - [116777403] - C:\Program Files\Sparkol [20/02/2011 01:31:45] - |D| - [77173664] - C:\Program Files\Synaptics [29/10/2019 19:48:30] - |D| - [192522742] - C:\Program Files\TechSmith [14/07/2009 06:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [20/02/2011 01:36:10] - |D| - [184921240] - C:\Program Files\WIDCOMM [14/07/2009 06:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [06/01/2011 14:19:19] - |D| - [7755583] - C:\Program Files\Windows Live [14/07/2009 04:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 06:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 04:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 06:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [10685450] - C:\Program Files\Windows Sidebar [07/10/2019 22:39:21] - |D| - [6339195] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [06/01/2011 14:22:37] - |D| - [842546684] - C:\Program Files (x86)\Common Files\Adobe [20/02/2011 01:46:29] - |D| - [0] - C:\Program Files (x86)\Common Files\CyberLink [06/01/2011 14:27:32] - |D| - [2075653] - C:\Program Files (x86)\Common Files\InstallShield [20/02/2011 01:31:24] - |D| - [13307838] - C:\Program Files (x86)\Common Files\Intel [07/10/2019 22:50:32] - |D| - [2034520] - C:\Program Files (x86)\Common Files\Java [20/02/2011 01:41:16] - |D| - [37888965] - C:\Program Files (x86)\Common Files\LightScribe [14/07/2009 04:20:08] - |D| - [11910090] - C:\Program Files (x86)\Common Files\microsoft shared [07/10/2019 22:49:54] - |D| - [1534880] - C:\Program Files (x86)\Common Files\Oracle [20/02/2011 01:32:22] - |D| - [166332] - C:\Program Files (x86)\Common Files\postureAgent [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/07/2009 04:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 04:20:08] - |D| - [10241523] - C:\Program Files (x86)\Common Files\System [06/01/2011 14:17:58] - |D| - [275637129] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [03/11/2019 17:54:31] - |D| - [368122408] - C:\Program Files\Common files\Adobe [20/02/2011 01:31:24] - |D| - [16626961] - C:\Program Files\Common files\Intel [14/07/2009 04:20:08] - |D| - [24093093] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 04:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 04:20:08] - |D| - [12190195] - C:\Program Files\Common files\System ---------- | Tasks [MD5.7D64A984A7B726566CA62735EF2974D2] - [08/10/2019 17:45:48] - |A| - [346] - C:\Windows\Tasks\HPCeeScheduleForYACINE-HP$.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 06:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.BF809F95845DD4B8D25BF6AE7657492F] - [14/07/2009 06:08:49] - |A| - [29984] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.2C5E7BE57C35F2B7CA66EB1CA55A16FD] - [07/10/2019 22:49:59] - |A| - [4184] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [MD5.D913C1622CC1B42922016E9BD5988B28] - [30/11/2019 22:00:55] - |A| - [3870] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.E6C0EB4E313B22D98ED41AB8F208FFED] - [30/11/2019 22:01:00] - |A| - [2812] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.10C2526A764835FFE174F422ED5D64ED] - [07/10/2019 22:37:58] - |A| - [3376] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.BF2B58D0D7FEAB02ADA46EB30C95B8DC] - [07/10/2019 22:37:58] - |A| - [3504] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [06/01/2011 14:30:36] - |D| - [3962] - C:\Windows\System32\Tasks\Hewlett-Packard [MD5.83E65B6EB1D2B63715D046F45221D79B] - [08/10/2019 17:45:48] - |A| - [3204] - C:\Windows\System32\Tasks\HPCeeScheduleForYACINE-HP$ : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:13] - |D| - [192440] - C:\Windows\System32\Tasks\Microsoft [MD5.94DDD9224C8B8DAF35DCF5AA314B40CD] - [20/02/2011 01:45:09] - |A| - [3148] - C:\Windows\System32\Tasks\MirageAgent : C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [MD5.00000000000000000000000000000000] - [14/07/2009 06:09:57] - |D| - [4482] - C:\Windows\System32\Tasks\WPD [MD5.11FBB5E1CDACA76A9B22743ECA0EC947] - [14/10/2019 19:18:03] - |A| - [3172] - C:\Windows\System32\Tasks\{9A7CAD2D-C362-4F3A-A2FE-2B1B69F729CF} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{8E56E7EF-4DCE-4059-9CDD-5D4581F47DE3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{C6006C9C-CC9D-4E8B-B37B-D66DF461F9D7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{4FE3E413-87CF-4333-AC71-20B2BB71DEF7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{D1A06AF6-6BC7-4083-B2B7-B63EE22F2775}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{C4E0AE7A-430A-43C3-848E-E4BD2A172EFA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Mesh\MOE.exe|Name=Windows Live Mesh|Edge=TRUE| "{C0DA59AC-6A12-4524-A9FC-885417558285}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Windows\system32\ezSharedSvcHost.exe|Name=EasyBits Magic Desktop Services|Edge=TRUE|Defer=App| "{68DACA08-BABB-468C-98DD-71FCFC57EEEC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe|Name=EasyBits Magic Desktop|Edge=TRUE|Defer=App| "{8A4AACEC-EA68-4A71-B9CE-73EFC550A20F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe|Name=HP CloudDrive Inbound|EmbedCtxt=HP CloudDrive| "{A7EBA296-0C32-4E5E-A051-FF5576C23594}"=v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe|Name=HP CloudDrive Outbound|EmbedCtxt=HP CloudDrive| "{EF702D83-ECCA-4240-B83B-EAED64E45AC0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE|Name=CyberLink PowerDVD 9.0|Desc=CyberLink PowerDVD 9.0| "{AF277132-9A29-4D6A-A32E-B92F5EEFAEA0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "TCP Query User{04FFB12A-C801-43BB-A23F-EEAF9692E866}C:\program files\android\android studio\jre\bin\java.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\android\android studio\jre\bin\java.exe|Name=OpenJDK Platform binary|Desc=OpenJDK Platform binary|Defer=User| "UDP Query User{95C58E8E-1F42-46A3-A9AD-56DA77E0F94D}C:\program files\android\android studio\jre\bin\java.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\android\android studio\jre\bin\java.exe|Name=OpenJDK Platform binary|Desc=OpenJDK Platform binary|Defer=User| "{3785981F-2295-4943-85D9-170F0E7F9C34}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8318|Name=TechSmith Camtasia 9| "{962D4AFF-C8C6-4C1B-813F-358F39427C2D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C7C038AD-1F2D-44D4-B2FE-D912BE20E6D5}] : (BluetoothVirtual) [] -> @oem18.inf,%BluetoothVirtualName%;Bluetooth Virtual Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [07/10/2019 22:34:31] - (5.0.507.0) - (ALWIL Software - avast! TDI Filter Driver) - C:\Windows\System32\Drivers\aswTdi.SYS [07/10/2019 22:34:31] - (5.0.507.0) - (ALWIL Software - avast! TDI RDR Driver) - C:\Windows\System32\Drivers\aswRdr.SYS [07/10/2019 22:34:31] - (5.0.507.0) - (ALWIL Software - avast! self protection module) - C:\Windows\System32\Drivers\aswSP.SYS [01/10/2011 01:16:50] - (15.3.27.1) - (Synaptics Incorporated - Synaptics Touchpad Driver) - C:\Windows\system32\DRIVERS\SynTP.sys [10/12/2010 23:03:46] - (1.0.0.0) - (CyberLink Corporation - CyberLink WebCam Virtual Driver) - C:\Windows\system32\DRIVERS\clwvd.sys [20/02/2011 01:33:18] - (6.10.6315.0) - (IDT, Inc. - IDT PC Audio) - C:\Windows\system32\DRIVERS\stwrt64.sys [13/11/2019 16:01:26] - (5.1.2.254) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [07/10/2019 22:34:30] - (5.0.507.0) - (ALWIL Software - avast! File System Minifilter for Windows 2003/Vista) - C:\Windows\system32\drivers\aswMonFlt.sys [07/10/2019 22:34:32] - (5.0.507.0) - (ALWIL Software - avast! File System Access Blocking Driver) - C:\Windows\System32\Drivers\aswFsBlk.SYS [19/04/2019 21:59:53] - (6.32.3.80) - (Tonec Inc. - Internet Download Manager WFP Driver) - C:\Windows\system32\DRIVERS\idmwfp.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 71 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioSrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Mail Scanner" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Web Scanner" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="eventlog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adp94xx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpahci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpu320" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="aliide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="amdide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="arc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="aswFsBlk" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswTdi" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="base" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="b57nd60a" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BCM43XX" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="extended base" - SystemDriver.Name="BrFiltLo" LoadOrderGroup.Name="extended base" - SystemDriver.Name="BrFiltUp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="btwampfl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="btwl2cap" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cmdide" LoadOrderGroup.Name="Base" - SystemDriver.Name="CNG" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Compbatt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Pnp Filter" - SystemDriver.Name="crcdisk" LoadOrderGroup.Name="Network" - SystemDriver.Name="DfsC" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="base" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="elxstor" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="Filter" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hcw85cir" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HECIx64" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iirsp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="AudioGroup" - Service.Name="STacSV" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="UIGroup" - Service.Name="UxSms" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="kbdclass" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="kbdhid" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_FC" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SCSI" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="MegaSR" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Pointer Class" - SystemDriver.Name="mouclass" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="mouhid" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="mpio" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="msahci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="msdsm" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NDProxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="netw5v64" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nfrd960" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="Wlansvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="Base" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ql2300" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ql40xx" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPCDD" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPENCDD" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPREFMP" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="RTL8167" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Smb" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="SynTP" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="base" - SystemDriver.Name="TsUsbFlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="VBoxNetAdp" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="Video" - SystemDriver.Name="vga" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="VgaSave" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="viaide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="WfpLwf" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="yukonw7" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Compbatt (Pilote de batterie composite Microsoft) -> system32\DRIVERS\compbatt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswSP (aswSP) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswTdi (avast! Network Shield Support) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> \SystemRoot\system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswFsBlk (aswFsBlk) -> (?) - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \??\C:\Windows\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - IDMWFP (IDMWFP) -> system32\DRIVERS\idmwfp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (Contrôleur d’hôte compatible OHCI 1394) -> \SystemRoot\system32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (Jauge d’alimentation ACPI) -> \SystemRoot\system32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adp94xx () -> \SystemRoot\system32\DRIVERS\adp94xx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adpahci () -> \SystemRoot\system32\DRIVERS\adpahci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adpu320 () -> \SystemRoot\system32\DRIVERS\adpu320.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - agp440 (Filtre de bus AGP Intel) -> \SystemRoot\system32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - aliide () -> \SystemRoot\system32\drivers\aliide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdide () -> \SystemRoot\system32\drivers\amdide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (Pilote de processeur AMD K8) -> \SystemRoot\system32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (Pilote de processeur AMD) -> \SystemRoot\system32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdsata () -> \SystemRoot\system32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdsbs () -> \SystemRoot\system32\DRIVERS\amdsbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\appidsvc.dll,-102) -> \SystemRoot\system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - arc () -> \SystemRoot\system32\DRIVERS\arc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - arcsas () -> \SystemRoot\system32\DRIVERS\arcsas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> system32\DRIVERS\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - b06bdrv (Broadcom NetXtreme II VBD) -> \SystemRoot\system32\DRIVERS\bxvbda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0) -> system32\DRIVERS\b57nd60a.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BCM43XX (Pilote pour carte réseau Broadcom 802.11) -> system32\DRIVERS\bcmwl664.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BrFiltLo (Pilote de filtre inférieur de stockage de masse Brother USB) -> \SystemRoot\system32\DRIVERS\BrFiltLo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrFiltUp (Pilote de filtre supérieur de stockage de masse Brother USB) -> \SystemRoot\system32\DRIVERS\BrFiltUp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Brserid (Pilote d’interface de port série Brother MFC (WDM)) -> \SystemRoot\System32\Drivers\Brserid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrSerWdm (Pilote série WDM Brother) -> \SystemRoot\System32\Drivers\BrSerWdm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrUsbMdm (Brother MFC USB modem télécopieur uniquement) -> \SystemRoot\System32\Drivers\BrUsbMdm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrUsbSer (Pilote WDM Brother MFC USB Série) -> \SystemRoot\System32\Drivers\BrUsbSer.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (Pilote de bloc de demande Bluetooth) -> \SystemRoot\system32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHMODEM (Pilote de communication série Bluetooth) -> \SystemRoot\system32\DRIVERS\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (Périphérique Bluetooth (réseau personnel)) -> \SystemRoot\system32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHPORT (Pilote de port Bluetooth) -> \SystemRoot\System32\Drivers\BTHport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BTHUSB (Pilote USB radio Bluetooth) -> \SystemRoot\System32\Drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - btwampfl (Bluetooth AMP USB Filter) -> system32\drivers\btwampfl.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - btwaudio (Périphérique audio Bluetooth) -> system32\drivers\btwaudio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - btwavdt (Bluetooth AVDT) -> system32\drivers\btwavdt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - btwl2cap (Bluetooth L2CAP Service) -> system32\DRIVERS\btwl2cap.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - btwrchid () -> system32\DRIVERS\btwrchid.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - circlass (Périphériques IR grand public) -> \SystemRoot\system32\DRIVERS\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - clwvd (CyberLink WebCam Virtual Driver) -> system32\DRIVERS\clwvd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CmBatt (Pilote pour Batterie à méthode de contrôle ACPI Microsoft) -> \SystemRoot\system32\DRIVERS\CmBatt.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - cmdide () -> \SystemRoot\system32\drivers\cmdide.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (Pilote de l’énumérateur de bus composite) -> \SystemRoot\system32\drivers\CompositeBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - drmkaud (Pilotes audio approuvés par Microsoft) -> \SystemRoot\system32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ebdrv (Broadcom NetXtreme II 10 GigE VBD) -> \SystemRoot\system32\DRIVERS\evbda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - elxstor () -> \SystemRoot\system32\DRIVERS\elxstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ErrDev (Pilote de périphérique d’erreur matérielle Microsoft) -> \SystemRoot\system32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (Pilote de contrôleur de lecteur de disquettes) -> \SystemRoot\system32\DRIVERS\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (Pilote de lecteur de disquettes) -> \SystemRoot\system32\DRIVERS\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gagp30kx (Filtre AGP version 3.0 générique Microsoft pour plates-formes à base de processeur K8) -> \SystemRoot\system32\DRIVERS\gagp30kx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hcw85cir (Hauppauge Consumer Infrared Receiver) -> \SystemRoot\system32\drivers\hcw85cir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HdAudAddService (Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio) -> \SystemRoot\system32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HDAudBus (Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\system32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HECIx64 (Intel(R) Management Engine Interface) -> system32\DRIVERS\HECIx64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (Pilote de batterie onduleur HID) -> \SystemRoot\system32\DRIVERS\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (Miniport HID Microsoft Bluetooth) -> \SystemRoot\system32\DRIVERS\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (Pilote HID infrarouge Microsoft) -> \SystemRoot\system32\DRIVERS\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (Pilote de classe HID Microsoft) -> system32\DRIVERS\hidusb.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HpSAMD () -> \SystemRoot\system32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - i8042prt (Pilote pour clavier i8042 et souris sur port PS/2) -> \SystemRoot\system32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> \SystemRoot\system32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - igfx () -> system32\DRIVERS\igdkmd64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iirsp () -> \SystemRoot\system32\DRIVERS\iirsp.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Impcd () -> system32\DRIVERS\Impcd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcDAud (Son Intel(R) pour écrans) -> system32\DRIVERS\IntcDAud.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - intelide () -> \SystemRoot\system32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - intelppm (Pilote de processeur Intel) -> \SystemRoot\system32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\system32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - isapnp () -> \SystemRoot\system32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (Pilote iScsiPort) -> \SystemRoot\system32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (Pilote de la classe Clavier) -> \SystemRoot\system32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - kbdhid (Pilote HID de clavier) -> \SystemRoot\system32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - LSI_FC () -> \SystemRoot\system32\DRIVERS\lsi_fc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SAS () -> \SystemRoot\system32\DRIVERS\lsi_sas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SAS2 () -> \SystemRoot\system32\DRIVERS\lsi_sas2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SCSI () -> \SystemRoot\system32\DRIVERS\lsi_scsi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - megasas () -> \SystemRoot\system32\DRIVERS\megasas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MegaSR () -> \SystemRoot\system32\DRIVERS\MegaSR.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (Service Pilote de fonction de classe Moniteur Microsoft) -> \SystemRoot\system32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (Pilote de la classe Souris) -> system32\DRIVERS\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (Pilote HID de souris) -> system32\DRIVERS\mouhid.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mpio (Pilote de bus à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\mpio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\FirewallAPI.dll,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - msdsm (Module spécifique de périphériques à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\msdsm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (Proxy de service de répartition Microsoft) -> system32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (Proxy d'horloge de répartition Microsoft) -> system32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (Proxy de gestion de qualité de répartition Microsoft) -> system32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (Convertisseur en T/site-à-site de répartition Microsoft) -> system32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (Microsoft Input Configuration Driver) -> \SystemRoot\system32\DRIVERS\MTConfig.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NativeWifiP (NativeWiFi Filter) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisCap (NDIS Capture LightWeight Filter) -> system32\DRIVERS\ndiscap.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> system32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\DRIVERS\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NDProxy (NDIS Proxy) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - netw5v64 (Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit) -> system32\DRIVERS\netw5v64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - nfrd960 () -> \SystemRoot\system32\DRIVERS\nfrd960.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvraid () -> \SystemRoot\system32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - nvstor () -> \SystemRoot\system32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - nv_agp (Filtre de bus NVIDIA nForce AGP) -> \SystemRoot\system32\drivers\nv_agp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ohci1394 (Contrôleur d’hôte compatible OHCI 1394 (hérité)) -> \SystemRoot\system32\drivers\ohci1394.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Parport (Pilote de port parallèle) -> \SystemRoot\system32\DRIVERS\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pciide () -> \SystemRoot\system32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pcmcia () -> \SystemRoot\system32\DRIVERS\pcmcia.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> system32\DRIVERS\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (Pilote processeur) -> \SystemRoot\system32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ql2300 () -> \SystemRoot\system32\DRIVERS\ql2300.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ql40xx () -> \SystemRoot\system32\DRIVERS\ql40xx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (WAN Miniport (IKEv2)) -> system32\DRIVERS\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> system32\DRIVERS\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> system32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> system32\DRIVERS\rassstp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rdpbus (Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\system32\DRIVERS\rdpbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RDPWD (RDP Winstation Driver) -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (Périphérique Bluetooth (TDI protocole RFCOMM)) -> system32\DRIVERS\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RSPCIESTOR (Realtek PCIE CardReader Driver) -> system32\DRIVERS\RtsPStor.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RTL8167 (Realtek 8167 NT Driver) -> system32\DRIVERS\Rt64win7.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> \SystemRoot\system32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\system32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (Pilote de filtre Serenum) -> \SystemRoot\system32\DRIVERS\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial () -> \SystemRoot\system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (Pilote pour souris sur port série) -> \SystemRoot\system32\DRIVERS\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffdisk (Pilote de classe de stockage SFF) -> \SystemRoot\system32\drivers\sffdisk.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffp_mmc (Pilote de protocole de stockage SFF pour MMC) -> \SystemRoot\system32\drivers\sffp_mmc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffp_sd (Pilote de protocole de stockage SFF pour SDBus) -> \SystemRoot\system32\drivers\sffp_sd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (Lecteur de disquettes haute densité) -> \SystemRoot\system32\DRIVERS\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SiSRaid2 () -> \SystemRoot\system32\DRIVERS\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SiSRaid4 () -> \SystemRoot\system32\DRIVERS\sisraid4.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Smb (@%SystemRoot%\system32\tcpipcfg.dll,-50005) -> system32\DRIVERS\smb.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - SrvHsfHDA () -> system32\DRIVERS\VSTAZL6.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SrvHsfV92 () -> system32\DRIVERS\VSTDPV6.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SrvHsfWinac () -> system32\DRIVERS\VSTCNXT6.SYS - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - stexstor () -> \SystemRoot\system32\DRIVERS\stexstor.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - STHDA (@%SystemRoot%\system32\stlang64.dll,-10306) -> system32\DRIVERS\stwrt64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - swenum (Pilote de bus logiciel) -> \SystemRoot\system32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - SynTP (Synaptics TouchPad Driver) -> system32\DRIVERS\SynTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TCPIP6 (Microsoft IPv6 Protocol Driver) -> system32\DRIVERS\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TDPIPE (TDPIPE) -> system32\drivers\tdpipe.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TDTCP (TDTCP) -> system32\drivers\tdtcp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tssecsrv (@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101) -> System32\DRIVERS\tssecsrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbFlt () -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (Pilote de carte miniport Microsoft Tunnel) -> system32\DRIVERS\tunnel.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - uagp35 (Filtre AGP version 3.5 Microsoft) -> \SystemRoot\system32\DRIVERS\uagp35.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - uliagpkx (Filtre de bus AGP Uli) -> \SystemRoot\system32\drivers\uliagpkx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (Pilote d’énumérateur UMBus) -> \SystemRoot\system32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (Pilote Microsoft UMPass) -> \SystemRoot\system32\DRIVERS\umpass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (Pilote parent générique USB Microsoft) -> \SystemRoot\system32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (Récepteur infrarouge eHome (USBCIR)) -> \SystemRoot\system32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0) -> \SystemRoot\system32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\system32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (Pilote miniport de contrôleur hôte ouvert USB Microsoft) -> \SystemRoot\system32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (Classe d’imprimantes USB Microsoft) -> \SystemRoot\system32\DRIVERS\usbprint.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (Pilote de stockage de masse USB) -> \SystemRoot\system32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (Pilote miniport de contrôleur hôte universel USB Microsoft) -> \SystemRoot\system32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbvideo (Périphérique vidéo USB (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VBoxNetAdp (VirtualBox NDIS 6.0 Miniport Service) -> system32\DRIVERS\VBoxNetAdp6.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vga () -> system32\DRIVERS\vgapnp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\system32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - viaide () -> \SystemRoot\system32\drivers\viaide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vsmraid () -> \SystemRoot\system32\DRIVERS\vsmraid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (Pilote de bus WiFi virtuel) -> system32\DRIVERS\vwifibus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (Pilote de tablette Wacom à stylet série) -> \SystemRoot\system32\DRIVERS\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WANARP (@%systemroot%\system32\rascfg.dll,-32011) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Wd () -> \SystemRoot\system32\DRIVERS\wd.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (WIMMount) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinUsb (WinUsb) -> system32\DRIVERS\WinUsb.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (Microsoft Windows Management Interface for ACPI) -> \SystemRoot\system32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WUDFRd () -> system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - yukonw7 (NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller) -> system32\DRIVERS\yk62x64.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - crcdisk (Pilote de filtre Crcdisk) -> \SystemRoot\system32\DRIVERS\crcdisk.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180221F0}] : (Java 8 Update 221 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180221F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416022FF}] : (Java(TM) 6 Update 22 (64-bit).-.Oracle) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416022FF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}] : (HP Client Services.-.Hewlett-Packard) -> MsiExec.exe /I{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}] : (Broadcom 2070 Bluetooth 3.0.-.Broadcom Corporation) -> MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}] : (HP Wireless Assistant.-.Hewlett-Packard) -> MsiExec.exe /X{48EE0E00-86DE-47A5-8D00-B5D72A70BCCD} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}] : (Camtasia 9.-.TechSmith Corporation) -> MsiExec.exe /I{5B345FC0-9E6D-4D22-9718-682DB0CF2414} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0180221}] : (Java SE Development Kit 8 Update 221 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{64A3A4F4-B792-11D6-A78A-00B0D0180221} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C2390EB4-E871-4FE7-9818-349E43ACD4F1}] : (Sparkol VideoScribe.-.Sparkol) -> MsiExec.exe /I{C2390EB4-E871-4FE7-9818-349E43ACD4F1} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}] : (HP Auto.-.Hewlett-Packard Company) -> MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EasyBits Magic Desktop] : (Magic Desktop.-.EasyBits Software AS) -> C:\Windows\system32\ezMDUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sparkol VideoScribe 3.2.1006] : (Sparkol VideoScribe.-.Sparkol) -> msiexec.exe /x {C2390EB4-E871-4FE7-9818-349E43ACD4F1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}] : (HP On Screen Display.-.Hewlett-Packard Company) -> MsiExec.exe /I{124DB96E-CBF5-44FB-AB59-7D2444DEC777} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{254C37AA-6B72-4300-84F6-98A82419187E}] : (ActiveCheck component for HP Active Support Library.-.Hewlett-Packard) -> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{264FE20A-757B-492a-B0C3-4009E2997D8A}] : (PictureMover.-.Hewlett-Packard Company) -> MsiExec.exe /X{264FE20A-757B-492a-B0C3-4009E2997D8A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216022FF}] : (Java(TM) 6 Update 22.-.Oracle) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3877C901-7B90-4727-A639-B6ED2DD59D43}] : (ESU for Microsoft Windows 7.-.Hewlett-Packard) -> MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}] : (Adobe Shockwave Player 11.5.-.Adobe Systems, Inc) -> MsiExec.exe /X{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{53CD60C7-12F9-420D-A9BF-EC8D815475A9}] : (HP Documentation.-.Hewlett-Packard) -> MsiExec.exe /X{53CD60C7-12F9-420D-A9BF-EC8D815475A9} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{669D4A35-146B-4314-89F1-1AC3D7B88367}] : (HPAsset component for HP Active Support Library.-.Hewlett-Packard) -> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84BC5389-E836-47CA-AE96-57DE17622F54}] : (HP Software Framework.-.Hewlett-Packard Company) -> MsiExec.exe /X{84BC5389-E836-47CA-AE96-57DE17622F54} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{98687C2C-5F08-4415-9D2D-67DEC6C2F381}_is1] : (Video Spin Blaster Pro Plus v2.32 [ ViP ].-.Dr.FarFar) -> "C:\Program Files (x86)\Video Spin Blaster Pro Plus\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-1037-0000-7760-000000000005}] : (Adobe Acrobat X Professional - Arabic, Hebrew, French, Greek.-.Adobe Systems) -> MsiExec.exe /I{AC76BA86-1037-0000-7760-000000000005} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-A91000000001}] : (Adobe Reader 9.3.3 MUI.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AE856388-AFAD-4753-81DF-D96B19D0A17C}] : (HP Setup Manager.-.Hewlett-Packard Company) -> MsiExec.exe /I{AE856388-AFAD-4753-81DF-D96B19D0A17C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF306BD8-F9D1-4627-89B9-246E59074A05}] : (HP Power Manager.-.Hewlett-Packard Company) -> MsiExec.exe /I{AF306BD8-F9D1-4627-89B9-246E59074A05} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}] : (Energy Star Digital Logo.-.Hewlett-Packard) -> MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}] : (PDF Settings CS6.-.Adobe Systems Incorporated) -> MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}] : (Recovery Manager.-.Hewlett-Packard) -> MsiExec.exe /I{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E769AC33-A081-49A0-A895-200AB1CAD9E5}_is1] : (Pinflux 2 Agency v3.7 [ ViP ].-.Dr.FarFar) -> "C:\Program Files (x86)\Teknikforce\Pinflux2 AGENCY\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB58480C-0721-483C-B354-9D35A147999F}] : (HP Quick Launch.-.Hewlett-Packard Company) -> MsiExec.exe /I{EB58480C-0721-483C-B354-9D35A147999F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}] : (LightScribe System Software.-.LightScribe) -> MsiExec.exe /X{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8} ---------- | Ports ---------- | Microsoft Specifications CheckID: Options_Files_320{5B345FC0-9E6D-4D22-9718-682DB0CF2414} - NOT VersionNT64 -> Options_Files_32 CheckID: AI64BitFiles0{C2390EB4-E871-4FE7-9818-349E43ACD4F1} - NOT VersionNT64 -> AI64BitFiles CheckID: IE0{26A24AE4-039D-4CA4-87B4-2F83216022FF} - (MOZILLA=1 And Not Installed) Or (Installed And REMOVE<>"ALL" And VersionNT>=500) -> IE CheckID: IE0{26A24AE4-039D-4CA4-87B4-2F86416022FF} - (MOZILLA=1 And Not Installed) Or (Installed And REMOVE<>"ALL" And VersionNT>=500) -> IE CheckID: PublicjreFeature0{64A3A4F4-B792-11D6-A78A-00B0D0180221} - (JREINSTALLED<>"0") Or (Installed And REMOVE<>"ALL" And VersionNT>=500) -> PublicjreFeature CheckID: Help0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_HELP="YES" -> Help CheckID: PDFMaker0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_PDFMAKER="YES" -> PDFMaker CheckID: AcrobatBrowserIntegration0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_BROWSER_INTEGRATION="YES" -> AcrobatBrowserIntegration CheckID: Distiller0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_DISTILLER="YES" -> Distiller CheckID: AcrobatElements0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ELEMENTS="YES" -> AcrobatElements CheckID: ProgramAsianLanguageSupport0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ASIAN_FONTS="YES" -> ProgramAsianLanguageSupport CheckID: FormsDesigner0{AC76BA86-1037-0000-7760-000000000005} - (Not (REMOVE="ALL" Or REMOVE><"FormsDesigner")) And (AS_DESIGNER_ORIGIN><"SAI" Or AS_DESIGNER_ORIGIN><"SAP") And Not(UT_AP8 Or UT_AP7 Or UT_A3D8) -> FormsDesigner CheckID: AcrobatPDFIntegration0{AC76BA86-1037-0000-7760-000000000005} - SETUP_PDF_INTEGRATION="NO" -> AcrobatPDFIntegration CheckID: InstallCache0{AC76BA86-1037-0000-7760-000000000005} - (DISABLE_CACHE) Or Not(ENABLE_CACHE_FILES="YES") -> InstallCache CheckID: ChineseSLanguageSupport0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ASIAN_FONTS="YES" -> ChineseSLanguageSupport CheckID: ChineseTLanguageSupport0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ASIAN_FONTS="YES" -> ChineseTLanguageSupport CheckID: KoreanLanguageSupport0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ASIAN_FONTS="YES" -> KoreanLanguageSupport CheckID: JapaneseLanguageSupport0{AC76BA86-1037-0000-7760-000000000005} - DISABLE_ASIAN_FONTS="YES" -> JapaneseLanguageSupport CheckID: SearchAndIndex0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_SEARCH5="YES" -> SearchAndIndex CheckID: MultimediaPlugin0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_MULTIMEDIA="YES" -> MultimediaPlugin CheckID: ReaderBrowserIntegration0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_BROWSER_INTEGRATION="YES" -> ReaderBrowserIntegration CheckID: ReaderPDFIntegration0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - SETUP_PDF_INTEGRATION="NO" -> ReaderPDFIntegration CheckID: Accessibility_Plugins0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_ACCESSIBILITY="YES" -> Accessibility_Plugins CheckID: Atmosphere_3D0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_3D="YES" -> Atmosphere_3D CheckID: AdobeCommonLinguistics_Big0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - DISABLE_LINGUISTICS="YES" -> AdobeCommonLinguistics_Big CheckID: AUM__zh_TW0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"CHT" -> AUM__zh_TW CheckID: AUM__zh_CN0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"CHS" -> AUM__zh_CN CheckID: AUM__sv_SE0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"SVE" -> AUM__sv_SE CheckID: AUM__pt_BR0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"PTB" -> AUM__pt_BR CheckID: AUM__nl_NL0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"NLD" -> AUM__nl_NL CheckID: AUM__nb_NO0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"NOR" -> AUM__nb_NO CheckID: AUM__ko_KR0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"KOR" -> AUM__ko_KR CheckID: AUM__ja_JP0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"JPN" -> AUM__ja_JP CheckID: AUM__it_IT0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"ITA" -> AUM__it_IT CheckID: AUM__fr_FR0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"FRA" -> AUM__fr_FR CheckID: AUM__fi_FI0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"SUO" -> AUM__fi_FI CheckID: AUM__es_ES0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"ESP" -> AUM__es_ES CheckID: AUM__de_DE0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"DEU" -> AUM__de_DE CheckID: AUM__da_DK0{AC76BA86-7AD7-FFFF-7B44-A91000000001} - ProductCode><"7AD7-FFFF" AND NOT LANG_LIST><"DAN" -> AUM__da_DK CheckID: LightScribeMUI100{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8} - ENABLE_MUI=1 -> LightScribeMUI CheckID: AI32BitFiles1{84BC5389-E836-47CA-AE96-57DE17622F54} - VersionNT64 -> AI32BitFiles ---------- | CLSID (Whitelist) [HKCR\CLSID\{09C8D515-5C6A-434D-AD92-FEF7EB153310}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{09EFD651-5884-4B26-AE57-2A0691A8CE50}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{0A9FA806-6F90-4AF3-9316-1469717E7E3C}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\Programs\EASYLE~1\ELPROG~1.OCX [11/09/2010 12:00:00] [HKCR\CLSID\{13790E6F-92B6-4671-9613-6B2A0FBF80A8}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{137E3C66-1382-4064-B065-E1D64940731C}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{152F8114-8B53-4E85-89CD-9E98329570AC}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{1BBF3C3C-5F01-4193-8D11-74B91D6ECB05}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{29DB1167-9C0C-4990-ACAF-627C58E2C7A1}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{2ADA6289-B516-410D-A748-A498B850C5BA}] - (.(c) 2006 CyberLink Corp. - Cyberlink Tzan Filter.) - C:\Program Files (x86)\CyberLink\PowerDVD9\VideoFilter\CLTzan.ax [06/12/2010 15:21:08] [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{3037B4CD-A40B-401B-B676-2017EE8FAFF4}] - (.-.) - "C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll" [HKCR\CLSID\{32714800-2E5F-11d0-8B85-00AA0044F941}] - (.-.) - %ProgramFiles(x86)%\Windows Mail\wabfind.dll [HKCR\CLSID\{343D770D-7788-47c2-B62A-B7C4CED925CB}] - (.-.) - C:\Windows\SysWOW64\wpcmig.dll [HKCR\CLSID\{34c219bd-85c1-4338-95e8-788a36901dc2}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{365EA527-D26D-4E8F-A262-4C58C6D2BDB6}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{417BAB8B-9D22-4A88-9DA0-98C4AB6745D5}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{43FEE0C8-5DBA-4B41-9E78-0EB36A1C755E}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{44D0A5F0-A4B1-43CB-AAA6-FD7025A2D910}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{44D985D8-E0AF-44EB-959E-C50FB8C479DA}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{48FFD1BF-3A9D-4B25-BC2E-F43E00DBB56F}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{4AC310B9-F8DF-45E5-97B9-52003F19A9FD}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{4DC73097-5D99-4A8D-A5AB-E6B1FF9FAFF3}] - (.CyberLink developed Filter. - MPEG-2 Dempltiplexer.) - C:\Program Files (x86)\CyberLink\PowerDVD9\UPnP\CLDemuxer.ax [27/04/2009 18:25:20] [HKCR\CLSID\{4DE33F57-EE93-42C0-84B6-F8CD14B27818}] - (.CyberLink Corp. 2001 - CyberLink MPEG Splitter.) - C:\Program Files (x86)\CyberLink\PowerDVD9\UPnP\CLSplter.ax [27/04/2009 18:25:32] [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4F74386B-B340-4BDC-AC8F-8DC574440065}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{5015127E-5A65-49FF-B3FD-0CC1136A350A}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{504F9E47-A6CC-4D6B-8104-44670E7FA411}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{53763D01-7EB8-4C71-ADF4-66ECB1275109}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{543B5471-51AE-4D83-A96A-4359B43B6F04}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{563A68F5-4DE9-4B4E-8389-BBD9D77745F8}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{5A27BEF8-8A82-4C0E-A4C5-611016DF6E3A}] - (.(c)1998-2008 Codejock Software, - Xtreme SkinFramework ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sbls.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{6047F837-D527-467E-9DC1-6D51F92D9E45}] - (.-.) - "C:\Program Files (x86)\Windows NT\Accessories\WordpadFilter.dll" [HKCR\CLSID\{624E9E8F-415B-4D52-8BE3-E68ACBD124F8}] - (.CyberLink developed Filter. - MPEG-2 Dempltiplexer.) - C:\Program Files (x86)\CyberLink\PowerDVD9\UPnP\CLDemuxer.ax [27/04/2009 18:25:20] [HKCR\CLSID\{6263C176-0876-4B04-8DE0-44AB74489D72}] - (.CyberLink Corp. 2001 - CyberLink MPEG Splitter.) - C:\Program Files (x86)\Cyberlink\Power2Go\P2Gm2spliter.ax [02/11/2009 14:22:42] [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{669F39F0-33C6-404F-A7AE-2F2215CF81E7}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\ezDeskAX.ocx [13/12/2010 12:00:00] [HKCR\CLSID\{68AD8A8C-492F-4741-AE86-42AF85CDFF1E}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{70061822-CF33-46CD-BE75-9D8FCC1D6FD6}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\Programs\EASYLE~1\ELCOUR~1.OCX [11/09/2010 12:00:00] [HKCR\CLSID\{72CF80D0-E149-4BE7-B0F5-778A3402C6B4}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{73F4E344-4EC8-4239-8281-DDDACC76BBED}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{773EB7C3-5E6E-455D-B6B8-6052BA5704ED}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{77C2D56C-9981-45FB-97A2-4DCB60F0E559}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{7D9070AB-371A-4614-A964-D21BDFE1030B}] - (.CyberLink Corp. 2001 - CyberLink MPEG Splitter.) - C:\Program Files (x86)\Cyberlink\Power2Go\P2Gm1spliter.ax [02/11/2009 14:22:40] [HKCR\CLSID\{7E8DDC8B-606C-40A3-B6A3-C5661F75BA89}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{7F855B4B-2201-4526-B914-94EC9D3FE1EF}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{7FB8FC36-A10B-4D31-9C9D-7109224F813F}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{80FBEEF1-8A26-4220-9D9D-1D4718DC71E2}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{8387AF8E-8EC0-4F4F-A4C3-434CBF7FAA9B}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{87F7D976-F12A-42BE-B25A-45CDC82BE13E}] - (.(c)1998-2008 Codejock Software, - Xtreme SkinFramework ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sbls.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{8988BBC5-47C7-4222-BA99-F645AC0938FA}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{8A90343C-B07A-45B6-A3F5-6B6498B90C55}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\EZCTRL~1.OCX [13/12/2010 12:00:00] [HKCR\CLSID\{8BA45B9B-CB1A-42CE-B185-A1A236A41A33}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{90D929DC-DF71-4834-B7B9-94CC2F4F4D57}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{97D48B32-AFD8-4923-BA97-F4F3B99BF293}] - (.CyberLink Corp. 2004 - CyberLink MPEG-4 Splitter.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\clm4splt.ax [06/12/2010 15:21:08] [HKCR\CLSID\{A32CF69C-EBD6-43CB-994E-65A7D67F102A}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A71AEF55-C9D4-458B-8EBE-1FFDC794DB42}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{B29B123F-D82A-4D1D-A6FB-E5CCD11EDD1C}] - (.CyberLink developed Filter. - MPEG-2 Dempltiplexer.) - C:\Program Files (x86)\CyberLink\PowerDVD9\UPnP\CLDemuxer.ax [27/04/2009 18:25:20] [HKCR\CLSID\{B61DA107-0EA9-45ED-94B1-22A1BA8F6CE8}] - (.MPEG Video Encoder Filter developed by CyberLink Corp. - CyberLink MPEG Video Encoder .) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GVidEnc.ax [02/11/2009 14:23:14] [HKCR\CLSID\{C004B65A-C283-4723-879C-19C940B59030}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{C250D435-ABA9-4FEE-9AD8-F8D9479E5C79}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{C8F68254-D1E5-4BEA-836E-F12EF87C0A20}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{CABAFF81-DCD7-4404-9167-FF58307B632E}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\Programs\Gamepad\EZGAME~1.OCX [30/09/2010 12:00:00] [HKCR\CLSID\{CAE5A94F-59EC-4CFF-B0F7-643ADFD7D31E}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{CDCFDBB0-6518-4239-8085-A16AD63488AE}] - (.CyberLink Corp. 2001 - CyberLink MPEG Splitter.) - C:\Program Files (x86)\Cyberlink\Power2Go\P2GTLMSplter.ax [02/11/2009 14:23:10] [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D38B118A-2511-4BC7-9099-2B55019E24FD}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{D696C90D-2836-4CEA-A1A5-F9C7ADCA5BF2}] - (.(c)1998-2008 Codejock Software, - Xtreme CommandBars ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblcb.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{D71DBF51-EE47-44B1-9A26-63B551377857}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{D73D05A6-07E5-4B70-8198-6F556D46F6BE}] - (.EasyBits Software AS -.) - C:\PROGRA~2\EASYBI~1\Programs\EASYLE~1\ELARIT~1.OCX [11/09/2010 12:00:00] [HKCR\CLSID\{DAA92564-78C8-40A3-96D2-9115A76B8F29}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{DF9CC46F-60BE-4856-95AB-6C749976D850}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{DFA14C43-F385-4170-99CC-1B7765FA0E4A}] - (.-.) - C:\Windows\SysWOW64\wpcumi.dll [HKCR\CLSID\{E0017898-1493-48E2-8F6C-0BB86C4CC6C9}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{E0AC9C9D-C2B3-411A-8D25-E4F178B381E1}] - (.CyberLink Corp. 2001 - CyberLink MPEG Splitter.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\CLSplter.ax [06/12/2010 15:21:08] [HKCR\CLSID\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}] - (.-.) - %ProgramFiles(x86)%\Windows NT\TableTextService\TableTextService.dll [HKCR\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090}] - (.EasyBits Software Corp. - EasyBits Security Shield component.) - C:\Windows\SysWow64\EZUPBH~1.DLL [06/01/2011 14:27:06] [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{F6E610F0-66A2-46BC-B6FB-D35B770509AB}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{F98A6A66-65D2-4B53-A96A-220E0F60215F}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] [HKCR\CLSID\{FABD6EA5-AE10-4E7A-B83B-5F07ACC84214}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{FBD3694F-4F7A-4707-8CA4-2C9F7D6CFAE6}] - (.CyberLink developed Filter. - CyberLink Matroska Splitter.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\CLMKVSplter.ax [06/12/2010 15:21:08] [HKCR\CLSID\{FBFC2581-B65D-4BFD-BF8D-F804BF7EA1E2}] - (.(c)1998-2008 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\PROGRA~2\PDFTOM~1\x\sblc.ocx [29/10/2019 20:11:12] ---------- | Installer [HKCR\Installer\Products\00E0EE84ED685A74D8005B7DA207CBDC] : HP Wireless Assistant -> C:\Windows\Installer\{48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}\WA_tray_32_on.exe [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0CF543B5D6E922D4798186D20BFC4241] : Camtasia 9 -> C:\Windows\Installer\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}\CamStudio.ico [HKCR\Installer\Products\2C1A65825C073CE4FA7F5E5BE155032A] : HP Client Services -> C:\Windows\Installer\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2C8AFEF9BE08A7B4DB0E0E779DC4634C] : HP Support Assistant -> C:\Windows\Installer\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\38E1FB04BE028D11795C00905C206085] : Power2Go -> C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42C6FBF1DF1C10144AB2C065F4E9E897] : PowerStarter -> C:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\45B438B3B4CE2E84FB6C30FFD50AF626] : Adobe Shockwave Player 11.5 -> C:\Windows\Installer\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4BE0932C178E7EF4898143E934CA4D1F] : Sparkol VideoScribe -> C:\Windows\Installer\{C2390EB4-E871-4FE7-9818-349E43ACD4F1}\VSIcon.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF238120622FF] : Java(TM) 6 Update 22 [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120120F] : Java 8 Update 221 (64-bit) -> C:\Program Files\Java\jre1.8.0_221\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF268140622FF] : Java(TM) 6 Update 22 (64-bit) [HKCR\Installer\Products\4F4A3A46297B6D117AA8000B0D812012] : Java SE Development Kit 8 Update 221 (64-bit) -> C:\Program Files\Java\jdk1.8.0_221\\bin\javaws.exe [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\53A4D966B6414134981FA13C7D8B3876] : HPAsset component for HP Active Support Library [HKCR\Installer\Products\6116D6C8427B0184F8D20D746E7B6DE8] : Mesh Runtime [HKCR\Installer\Products\68AB67CA730100007706000000000050] : Adobe Acrobat X Professional - Arabic, Hebrew, French, Greek -> C:\Windows\Installer\{AC76BA86-1037-0000-7760-000000000005}\_SC_Acrobat.ico [HKCR\Installer\Products\68AB67CA7DA7FFFFB7449A0100000010] : Adobe Reader 9.3.3 MUI -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico [HKCR\Installer\Products\77EAAEFBF7DB43542B68C9C54B96E71B] : PDF Settings CS6 [HKCR\Installer\Products\7B65D4CC81F6B0747843BADC57CB4F1F] : HP Auto -> C:\Windows\Installer\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7C06DC359F21D0249AFBCED81845579A] : HP Documentation -> C:\Windows\Installer\{53CD60C7-12F9-420D-A9BF-EC8D815475A9}\NotebookDocs.exe [HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update [HKCR\Installer\Products\883658EADAFA357418FD9DB6910D1AC7] : HP Setup Manager -> C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8994BF104C33134458DE70E9E3FE7ED5] : YouCam -> C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BD0F7DF69E046D4DAD4B9A539A62F8A] : LightScribe System Software -> C:\Windows\Installer\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8DB603FA1D9F7264989B42E69570A450] : HP Power Manager -> C:\Windows\Installer\{AF306BD8-F9D1-4627-89B9-246E59074A05}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\97B0E634BFC2F5E439081EC7B1520D5C] : Broadcom 2070 Bluetooth 3.0 -> C:\Windows\Installer\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9835CB48638EAC74EA6975ED7126F245] : HP Software Framework -> C:\Windows\Installer\{84BC5389-E836-47CA-AE96-57DE17622F54}\app_1.exe [HKCR\Installer\Products\9C43A1DB467497F4EAF111F2C8983D4D] : Energy Star Digital Logo -> C:\Windows\Installer\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\9CA6158A1FAA9F747966302E4DDCCB8F] : PowerDVD -> C:\Windows\Installer\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A02EF462B757a2940B3C04902E99D7A8] : PictureMover -> C:\Windows\Installer\{264FE20A-757B-492a-B0C3-4009E2997D8A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\AA73C45227B60034486F898A429181E7] : ActiveCheck component for HP Active Support Library [HKCR\Installer\Products\C0584C772953F2A46B25CA7BA7E17FC7] : Bing Bar Platform [HKCR\Installer\Products\C08485BE1270C3843B45D9531A7499F9] : HP Quick Launch -> C:\Windows\Installer\{EB58480C-0721-483C-B354-9D35A147999F}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\C7F1327C035656E4DA6AB593C25FEB1B] : Recovery Manager -> C:\Windows\Installer\{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E69BD4215FBCBF44BA95D74244ED7C77] : HP On Screen Display -> C:\Windows\Installer\{124DB96E-CBF5-44FB-AB59-7D2444DEC777}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater ---------- | ADS Detected : C:\Users\Yacine\AppData\Local:K7o5jnBVK3BFZ2TVwLIaKGdMO ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le serveur {51FA2736-5DEE-11D4-98E8-006008BF430C} ne s’est pas enregistré sur DCOM avant la fin du temps imparti. ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ L’alerte fatale suivante a été reçue : 70. ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ L’arrêt système précédant à 23:30:59 le ?30/?11/?2019 n’était pas prévu. ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:26.021342400Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:25.577317000Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:22.575145300Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:21.019056300Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:19.035942900Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:16.059772700Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le système a été mis en veille prolongée en raison d’un événement thermique critique. Heure de mise en veille prolongée = ?2019?-?11?-?30T22:30:16.016770200Z Zone thermique ACPI = ACPI\ThermalZone\TZ01 _HOT = 363K ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2. ------------ ----------( EOF)---------- - 5615 | 18:25:32