Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2018.9.3.169 Par Nicolas Coolman (2018/09/03)
~ Démarré par Charaf (Administrator) (2018/09/06 00:01:18)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version KO
~ Mode: Scanner
~ Rapport: C:\Users\Charaf\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Charaf\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Enterprise, 32-bit (Build 16299) =>.Microsoft Corporation
---\ NAVIGATEURS INTERNET (4) - 0s
~ GCIE: Google Chrome v68.0.3440.106
~ MFIE: Mozilla Firefox 61.0.2 (x86 fr)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.371.16299.0
---\ INFORMATIONS SUR LES PRODUITS WINDOWS (7) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : 2YT43
~ Windows Remaining Initializations Number : 1000
Windows Automatic Updates : OK
---\ LOGICIELS DE PROTECTION (1) - 23s
Windows Defender W10 (Activate) (Protection)
---\ SURVEILLANCE LOGICIEL (1) - 23s
~ Adobe Flash Player 30 NPAPI (Surveillance)
---\ LOGICIELS D'OPTIMISATION (1) - 23s
~ Driver Booster 5 v5.0.3 (Optimisation)
---\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3135.34 MB (49% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 11 GB (11%) free of 96 GB : ATTENTION =>Warning Disk Space
---\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: DESKTOP-LA4896G
~ User Name: Charaf
~ Logged in as Administrator
---\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (2) - 0s
~ Drive C: has 11 GB free of 96 GB (System)
~ Drive D: has 3 GB free of 196 GB
---\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (24) - 6s
[MD5.E79CC4B9A9EAA1E5D801742C093043A9] - 10/02/2018 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [3485392] =>.Microsoft Windows®
[MD5.BFEF0511D30F8866AF6595FC21460856] - 29/09/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [63488] =>.Microsoft Corporation
[MD5.127B9C203C5A3D65783BB7E7A833FF47] - 29/09/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [269192] =>.Microsoft Windows Publisher®
[MD5.D412BF3EB6647A694F155B3E256C66FB] - 30/03/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2869760] =>.Microsoft Corporation
[MD5.DCD4DD0EE276A3FA74B00C3E1680088C] - 30/03/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [613376] =>.Microsoft Corporation
[MD5.10204B5E7BFF059D87848F0BD0E0F0E9] - 10/02/2018 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [403968] =>.Microsoft Corporation
[MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.3B34C7B9D7E22AEF58DF0CFC4C7CC82D] - 30/09/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.5B20F475AB6C06D802C99C85C9F0CF98] - 30/03/2018 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\AFD.sys [506272] =>.Microsoft Windows®
[MD5.25E93AC838DBBA1757501C9F3B85DC74] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [22936] =>.Microsoft Windows®
[MD5.813041DC9CF434D539372C50F6B72F0E] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [73728] =>.Microsoft Corporation
[MD5.17CD2948AC64E0E17111566FF2D05A25] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [116736] =>.Microsoft Corporation
[MD5.51A13A4E8C1E645DD6E9AFAA4A442B45] - 30/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [111616] =>.Microsoft Corporation
[MD5.79FFBEEF3CEBCD265E865EF7BADB3BC1] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [68608] =>.Microsoft Corporation
[MD5.97B6AFF4BDDA95434490E82D48EDD028] - 29/09/2017 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [89600] =>.Microsoft Corporation
[MD5.CA3B20720265F619DAE5B5F563BC2BEC] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [185856] =>.Microsoft Corporation
[MD5.5F866C99CE1E65AC2E8C01E722B80B2F] - 10/02/2018 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\MRxSmb.sys [434072] =>.Microsoft Windows®
[MD5.4BE570A0B818741289058EA843114864] - 30/03/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [236544] =>.Microsoft Corporation
[MD5.2B50D226B72B463AABE18FA1D55E97E5] - 30/03/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1995168] =>.Microsoft Windows®
[MD5.ADA500A1BF37FA0659AD08AC70EE9C0F] - 29/09/2017 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [81920] =>.Microsoft Corporation
[MD5.729ABF4C4A4624BF153B261675223508] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [79872] =>.Microsoft Corporation
[MD5.1B34DA6372F37CA2CE1847AE4A66B390] - 30/03/2018 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [131072] =>.Microsoft Corporation
[MD5.3DD72EB3805E41B3EB116FCAF44AC711] - 30/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [96160] =>.Microsoft Windows®
[MD5.134523B18C89C4E1E46C4AA5CA048F49] - 07/12/2017 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [353688] =>.Microsoft Windows®
---\ LISTE DES SERVICES (Non désactivés) (65) - 5s
O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - C:\Program Files\netcut\services\aips.exe =>.arcai.com
O23 - Service: C:\Windows\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Générateur de points de terminaison du serv.) - C:\Windows\System32\AudioEndpointBuilder.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\audiosrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\BFE.DLL (BFE) . (.Microsoft Corporation - Moteur de filtrage de base.) - C:\Windows\System32\BFE.DLL =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Service d’infrastructure des tâches en arri.) - C:\Windows\System32\bisrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Composants utilisateur Microsoft (R) CDP.) - C:\Windows\System32\CDPUserSvc.dll =>.Microsoft Corporation
O23 - Service: Service pour utilisateur de plateforme d’appareils connecté (CDPUserSvc_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft Windows®
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Services de chiffrement.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Service d’association de périphérique.) - C:\Windows\System32\das.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - Service client DHCP.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Suivi des diagnostics Microsoft Windows.) - C:\Windows\System32\diagtrack.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - Service de résolution du cache DNS.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Service Consommation des données.) - C:\Windows\System32\dusmsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: FLService (FLService) . (.NewSoftwares.net - Service Application.) - C:\Windows\System32\WinFLService.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Service de cache de police Windows.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: C:\Windows\System32\IKEEXT.DLL (IKEEXT) . (.Microsoft Corporation - Extension IKE.) - C:\Windows\System32\IKEEXT.DLL =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - DLL du service Serveur.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - DLL du service Station de travail.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lsm.dll (LSM) . (.Microsoft Corporation - Service du gestionnaire de session locale.) - C:\Windows\System32\lsm.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Gestionnaire des cartes téléchargées.) - C:\Windows\System32\moshost.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Service de protection Microsoft.) - C:\Windows\System32\MPSSVC.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Serveur RPC de l’interface du magasin résea.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation®
O23 - Service: C:\Windows\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\Windows\System32\APHostService.dll =>.Microsoft Corporation
O23 - Service: Hôte de synchronisation_3bde6 (OneSyncSvc_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - Service d’alimentation en mode utilisateur.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\OSTotoHotspot\RaRegistry.exe =>.Mediatek Inc.®
O23 - Service: C:\Windows\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) - C:\Windows\System32\rasmans.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - Mappeur de point de terminaison RPC.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) . (.Absolute Software Corp. - rpcnet.) - C:\Windows\System32\rpcnet.exe =>.Absolute Software Corp.®
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SecurityHealthAgent.dll (SecurityHealthService) . (.Microsoft Corporation - Windows Security Health Service.) - C:\Windows\System32\SecurityHealthService.exe =>.Microsoft Windows Publisher®
O23 - Service: Windows Remediation Service (sedsvc) . (.Microsoft Corporation - sedsvc.) - C:\Program Files\rempl\sedsvc.exe =>.Microsoft Windows®
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) - C:\Windows\System32\Sens.dll =>.Microsoft Corporation
O23 - Service: Microsoft Ms (Service1) . (...) - C:\Windows\system32\service.exe (.not file.)
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Application sous-système spouleur.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Service de la plateforme de protection logi.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Windows®
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
O23 - Service: C:\Windows\System32\wiaservc.dll (StiSvc) . (.Microsoft Corporation - Service de périphériques d’images fixes.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Hôte de service Superfetch.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) - C:\Windows\System32\SystemEventsBrokerServer.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\Windows\System32\usermgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - DLL du service de gestion des connexions Wi.) - C:\Windows\System32\wcmsvc.dll =>.Microsoft Corporation
O23 - Service: DHCP Service (WifiSrv) . (. - DHCP Service.) - C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe =>.Microsoft Corporation®
O23 - Service: C:\Windows\System32\wbem\WMIsvc.dll (winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (Wlansvc) . (.Microsoft Corporation - DLL du service de configuration automatique.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) - C:\Windows\System32\WpnService.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Service utilisateur de notifications Push W.) - C:\Windows\System32\WpnUserService.dll =>.Microsoft Corporation
O23 - Service: Service utilisateur de notifications Push Windows_3bde6 (WpnUserService_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Service Centre de sécurité de Windows.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation
---\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (13) - 7s
SS - Demand [05/09/2018] [ 335872] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [28/07/2011] [ 262144] Arp Intelligent Protection Service (AIPS) . (.Arcai.com.) - C:\Program Files\netcut\services\aips.exe =>.arcai.com
SR - Auto [22/02/2018] [ 94728] FLService (FLService) . (.NewSoftwares.net.) - C:\Windows\System32\WinFLService.exe =>.NewSoftwares.net, Inc SDN. BHD.®
SR - Auto [29/06/2017] [ 1659456] Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
SR - Auto [12/04/2018] [ 153168] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [12/04/2018] [ 153168] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [05/09/2018] [ 177104] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [14/11/2016] [ 677312] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation®
SR - Auto [10/11/2016] [ 391472] RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\OSTotoHotspot\RaRegistry.exe =>.Mediatek Inc.®
SR - Auto [16/01/2018] [ 78032] Remote Procedure Call (RPC) Net (rpcnet) . (.Absolute Software Corp..) - C:\Windows\System32\rpcnet.exe =>.Absolute Software Corp.®
SR - Auto [14/11/2016] [ 426040] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
SS - Demand [11/09/2017] [ 33224] SHAREit Hotspot Service (uSHAREitSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe =>.SHAREit Technologies Co.Ltd®
SR - Auto [10/11/2016] [ 194216] DHCP Service (WifiSrv) . (...) - C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
---\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (12) - 9s
O38 - TASK: {3479E8F6-469F-4EDE-94F4-4DF041396DEE}[\Driver Booster SkipUAC (Charaf)] - (.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe [5486880] =>.IObit
O38 - TASK: {65B221D3-B276-4280-9CB5-D41F0C95A179}[\GoogleUpdateTaskMachineUA] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {995A097D-50D1-43EC-9AB6-1D0B5AB299C4}[\GoogleUpdateTaskMachineCore] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {BA953E2F-EBC0-480B-96C9-668C68DB613F}[\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 30.0 r0.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [335872] =>.Adobe Systems Incorporated
O38 - TASK: {FD1B0449-85A9-42A6-9840-3EC4F903A308}[\GlaryInitialize 5] - (.Glarysoft Ltd - Glary Utilities Initialize.) -- C:\Program Files\Glary Utilities 5\Initialize.exe [135120] =>.Glarysoft Ltd
O38 - TASK: {FFC7EF5C-81F5-4513-80CE-A04BB96D41BE}[\Adobe Flash Player NPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472] =>.Adobe Systems Incorporated
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Charaf) - (.IObit.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe [/skipuac] =>.IObit
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google Inc.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [/c] =>.Google Inc.
C:\Windows\System32\Tasks\Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [] =>.Adobe Systems Incorporated
C:\Windows\System32\Tasks\GlaryInitialize 5 - (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities 5\Initialize.exe [] =>.Glarysoft Ltd
C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [-check plugin.-check] =>.Adobe Systems Incorporated
---\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (13) - 1s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [Ad Muncher] . (.Murray Hurps Software Pty Ltd - Ad Muncher.) -- C:\Program Files\Ad Muncher\AdMunch.exe =>.Murray Hurps Software Pty Ltd®
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE =>.Power Software Limited®
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe =>.Lanzhou Itanium Software Technology Co., Ltd.®
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKCU\..\Run: [FLBackup] . (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe =>.Glarysoft LTD®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [FLBackup] . (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe =>.Glarysoft LTD®
---\ PROCESSUS LANCÉS (22) - 21s
[MD5.9910AA3A3CDD29AA542ABEE305F7A072] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) -- C:\Windows\System32\nvvsvc.exe [677312] [PID.1684] =>.NVIDIA Corporation®
[MD5.843F16D234D03756B9EB6054B5C62FAA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [426040] [PID.1692] =>.NVIDIA Corporation®
[MD5.89FAC2D528A321A52B5CDF04CCBA754E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [946112] [PID.1912] =>.NVIDIA Corporation®
[MD5.9910AA3A3CDD29AA542ABEE305F7A072] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) -- C:\Windows\System32\nvvsvc.exe [677312] [PID.1924] =>.NVIDIA Corporation®
[MD5.2870CE9BFD6BA66FB0FFC6D11C9E41A7] - (.Arcai.com - Arp Intelligent Protection Service.) -- C:\Program Files\netcut\services\aips.exe [262144] [PID.2136] =>.arcai.com
[MD5.81D73EEB3F63770EC5799BC1A175FD42] - (.NewSoftwares.net - Service Application.) -- C:\Windows\System32\WinFLService.exe [94728] [PID.2836] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.D764AC84BD49569D61D841700B7E100D] - (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) -- C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456] [PID.2848] =>.Foxit Software Incorporated®
[MD5.E3D78F6FE54B27DE451E350AC908E8B4] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\OSTotoHotspot\RaRegistry.exe [391472] [PID.2880] =>.Mediatek Inc.®
[MD5.DC908AB53016010462F371BBFD3173F5] - (.Absolute Software Corp. - rpcnet.) -- C:\Windows\System32\rpcnet.exe [78032] [PID.2928] =>.Absolute Software Corp.®
[MD5.039D779604E3E86C79F8B65C790B9AA0] - (. - DHCP Service.) -- C:\Program Files\OSTotoHotspot\WifiService.exe [194216] [PID.2996] =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
[MD5.AA7950FEEB5B0D82E4C0B7CF32D900A2] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeHost.exe [75264] [PID.1284] =>.Skype Technologies
[MD5.EDD15222718345DEF9F12336BA2405D1] - (.Murray Hurps Software Pty Ltd - Ad Muncher.) -- C:\Program Files\Ad Muncher\AdMunch.exe [560760] [PID.5620] =>.Murray Hurps Software Pty Ltd®
[MD5.BAC15D03EFC8249216D1D610F3B1E67F] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [695528] [PID.5260] =>.Lanzhou Itanium Software Technology Co., Ltd.®
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.6160]
[MD5.757003A03326CD661AF978F0DDC45FB9] - (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [277512] [PID.6328] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.BFB2F48C7A72ADA3ED8C2673BB99583A] - (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe [1240072] [PID.6520] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.9B9E18455568967E22711BDB5E0188BB] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3948600] [PID.6692] =>.Tonec Inc.
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [275512] [PID.7316] =>.Tonec Inc.®
[MD5.BB18BAD9445A75AECC4CCC1DC614D740] - (...) -- C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe [1287848] [PID.7752] =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
[MD5.3C2705F767DFE024DA8D89F3B574C9BB] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files\Glary Utilities 5\Integrator.exe [914896] [PID.9380] =>.Glarysoft LTD®
[MD5.B76F080C6E18F167FC5676CAB7700565] - (.Nicolas Coolman - ZHPCleaner.) -- C:\Users\Charaf\Downloads\Programs\ZHPCleaner.exe [3275136] [PID.7304] =>.Nicolas Coolman
[MD5.83DA6D7375F55F993D26B6722BEC3B49] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Charaf\Downloads\Programs\ZHPDiag3.exe [3164032] [PID.8400] =>.Nicolas Coolman
---\ CHROME, Démarrage, Recherche, Extensions (16) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://interceptedby.admuncher.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.arcai.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [Charaf][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Charaf][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Charaf][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Charaf][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Charaf][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [Charaf][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Charaf][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Charaf][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (15) - 6s
M0 - MFSP: prefs.js [Charaf - 5cw32kks.default] http://www.google.com/ =>.Google Inc.
P2 - EXT FILE: (.uBlock Origin - .) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\uBlock0@raymondhill.net.xpi =>.uBlock Origin
P2 - EXT FILE: (.Ad-Blocker Pro - Ad-Blocker Pro is the best ad blocker .) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{246C9D65-51E6-4B0C-9CCF-B081B7BF9242}.xpi
P2 - EXT FILE: (.Popup Blocker Ultimate - Popup Blocker Ultimate.) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi
P2 - EXT FILE: (...) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi =>.webcompat.com
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.webcompat.com
P2 - EXT: (...) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\trash =>.Mozilla Corporation
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_30_0_0_154.dll =>.Adobe Systems Incorporated
---\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (8) - 0s
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.371 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\ INTERNET EXPLORER, Site de confiance et site sensible (2) - 0s
~ IE Restricted Site Good: localhost
~ Microsoft Internet Explorer Restricted Site(s) Domains: 1(Good) / 0(Bad)
---\ INTERNET EXPLORER,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (30)
---\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (4) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_162\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: (no name) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} (.Orphan.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_162\bin\jp2ssv.dll =>.Oracle America, Inc.®
---\ INTERNET EXPLORER, Barre d'outil (Toolbar) (1) - 0s
O3 - Toolbar: VIPRE Search Guard Toolbar - [HKLM]{A924C17A-5E94-4E02-BED5-49720BA6F7FA} . (...) -- (.not file.)
---\ RACCOURCIS GLOBAL STARTUP (133) - 29s
O4 - GS\Desktop [Administrateur]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [Administrateur]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [Administrateur]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [Administrateur]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [Administrateur]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [Administrateur]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [Administrateur]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [Administrateur]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [Administrateur]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Administrateur]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [Administrateur]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [Administrateur]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [Administrateur]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [Administrateur]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [Administrateur]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [Administrateur]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrateur]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Administrateur]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrateur]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrateur]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [Administrateur]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [Administrateur]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [Administrateur]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Administrateur]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Charaf]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [Charaf]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [Charaf]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [Charaf]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [Charaf]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [Charaf]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [Charaf]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [Charaf]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [Charaf]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Charaf]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [Charaf]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [Charaf]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [Charaf]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [Charaf]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [Charaf]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [Charaf]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Charaf]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Charaf]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [Charaf]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Charaf]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [Charaf]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Charaf]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [Charaf]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [Charaf]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [Charaf]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Charaf]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Charaf]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Charaf]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [Charaf]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [Charaf]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Charaf]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [WDAGUtilityAccount]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [WDAGUtilityAccount]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [WDAGUtilityAccount]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [WDAGUtilityAccount]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [WDAGUtilityAccount]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [WDAGUtilityAccount]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [WDAGUtilityAccount]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [WDAGUtilityAccount]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [WDAGUtilityAccount]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [WDAGUtilityAccount]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [WDAGUtilityAccount]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [WDAGUtilityAccount]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [WDAGUtilityAccount]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [WDAGUtilityAccount]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [WDAGUtilityAccount]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [WDAGUtilityAccount]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [WDAGUtilityAccount]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [WDAGUtilityAccount]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [WDAGUtilityAccount]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [WDAGUtilityAccount]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [WDAGUtilityAccount]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [WDAGUtilityAccount]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\CommonDesktop [Public]: BQ Firmware Flash Tool.lnk . (.BQ - App for flashing the last firmware in BQ de.) C:\BQ\BQ_Firmware_Flash_Tool\bq_flash_tool.exe
O4 - GS\CommonDesktop [Public]: Driver Booster 5.lnk . (.IObit - Driver Booster.) C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O4 - GS\CommonDesktop [Public]: EaseUS Data Recovery Wizard.lnk . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Data Recovery Wizard.) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRW.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Folder Lock.lnk . (.NewSoftwares.net. - Folder Lock Application.) C:\Program Files\NewSoftware's\Folder Lock\Folder Lock.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Hide IP Easy.lnk . (.easy-hideip.com - Hide IP Easy.) C:\Program Files\HideIPEasy\HideIPEasy.exe
O4 - GS\CommonDesktop [Public]: Minimal ADB and Fastboot.lnk . (...) C:\Program Files\Minimal ADB and Fastboot\cmd-here.exe
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.Power Software Ltd - PowerISO.) C:\Program Files\PowerISO\PowerISO.exe =>.Power Software Limited®
O4 - GS\CommonDesktop [Public]: RAR Password Unlocker.lnk . (.Password Unlocker, Inc. - Rar Password Unlocker.) C:\Program Files\RAR Password Unlocker\RAR Password Unlocker.exe =>.Password Unlocker, Inc.
O4 - GS\CommonDesktop [Public]: USB Disk Security.lnk . (.Zbshareware Lab - USB Disk Security.) C:\Program Files\USB Disk Security\USBGuard.exe =>.Lanzhou Itanium Software Technology Co., Ltd.®
O4 - GS\Programs [Public]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Public]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\Windows\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: BQ Firmware Flash Tool.lnk . (.BQ - App for flashing the last firmware in BQ de.) C:\BQ\BQ_Firmware_Flash_Tool\bq_flash_tool.exe
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\Control.exe =>.Microsoft Corporation
---\ MODIFICATION DOMAINE/ADRESSES (DNS) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\..\{17865674-c589-4de1-8dce-dbacc33cb4b6}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{730d5cc8-6202-4e62-bf72-be0fb6cd0613}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{7c1e32b5-8cb7-4447-8573-ed87ff7598ae}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{ac2fb6c8-0107-4572-ad9b-a57797361313}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
---\ PROTOCOLE ADDITIONNEL (25) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®
---\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
---\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (5) - 1s
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe =>.Google Inc®
---\ LOGICIELS INSTALLÉS (217) - 45s
O42 - Logiciel: Ad Muncher v4.94.34121 (Free) - (..) [HKLM] -- Ad Muncher =>.Murray Hurps Software Pty Ltd®
O42 - Logiciel: Adobe Flash Player 30 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Assistant Mise à jour de Windows 10 - (.Microsoft Corporation.) [HKLM] -- {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation®
O42 - Logiciel: BQ Firmware Flash Tool version 3.0.4 - (.Mundo Reader S.L..) [HKLM] -- {58946287-F553-4D93-AC53-8296836A500A}_is1
O42 - Logiciel: BQ Handset USB Driver 1.0 - (..) [HKLM] -- USB Driver_is1
O42 - Logiciel: Definition Update for Microsoft Office 2013 (KB3115404) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96903939-431D-4BD1-ADCD-B578900397D7} =>.Microsoft Corporation®
O42 - Logiciel: DLL Suite 9.0 - (.dllsuite.com.) [HKLM] -- {E557052E-9828-40E4-BFF6-311D3E89DB81}_is1 =>.dllsuite.com
O42 - Logiciel: Driver Booster 5 - (.IObit.) [HKLM] -- Driver Booster_is1 =>.IObit Information Technology®
O42 - Logiciel: EaseUS Data Recovery Wizard - (.EaseUS.) [HKLM] -- EaseUS Data Recovery Wizard_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.®
O42 - Logiciel: Folder Lock - (.New Softwares.net.) [HKLM] -- Folder Lock =>.NewSoftwares.net, Inc SDN. BHD.®
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Glary Utilities 5.102 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities 5 =>.Glarysoft LTD®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hard Disk Low Level Format Tool 4.40 - (.HDDGURU.) [HKLM] -- Hard Disk Low Level Format Tool_is1 =>.HDDGURU
O42 - Logiciel: Hide IP Easy - (..) [HKLM] -- HideIPEasy
O42 - Logiciel: Internet Download Manager - (.Tonek Inc..) [HKLM] -- Internet Download Manager =>.Tonek Inc.
O42 - Logiciel: Java 8 Update 162 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180162F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: K-Lite Codec Pack 14.0.0 Basic - (.KLCP.) [HKLM] -- KLiteCodecPack_is1 =>.KLCP
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Korrekturhilfen 2013 - Deutsch - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM UX MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professional Plus 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professionnel Plus 2013 - (.Microsoft Corporation.) [HKLM] -- Office15.PROPLUS =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Proofing (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - English - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - Español - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - Nederlands - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - اللغة العربية - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {B175520C-86A2-35A7-8619-86DC379688B9} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {61087a79-ac85-455c-934d-1fa22cc64f36} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {7DAD0258-515C-3DD4-8964-BD714199E0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {E30D8B21-D82D-3211-82CC-0F0A5D1495E8} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {cb7c3049-21de-415b-bd85-b65c14e547df} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {68306422-7C57-373F-8860-D26CE4BA2A15} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {582EA838-9199-3518-A05C-DB09462F68EC} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - (.Microsoft Corporation.) [HKLM] -- {4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Studio 2010 Tools for Office Runtime (x86) =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - - (.Microsoft Corporation.) [HKLM] -- {EC1FEA55-73CC-3A5F-BF47-B340B842C058} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation
O42 - Logiciel: Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA =>.Microsoft Corporation®
O42 - Logiciel: Mozilla Firefox 61.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 61.0.2 (x86 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MPC-HC 1.7.13 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 =>.Fotis Zafiropoulos®
O42 - Logiciel: NetCut 2.1.4 - (.arcai.com.) [HKLM] -- NetCut_is1 =>.arcai.com
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.17.0524 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote 3D Vision 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.30.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote graphique 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo =>.NVIDIA Corporation®
O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM] -- OpenAL =>.Creative Labs Inc®
O42 - Logiciel: OSTotoHotspot - (..) [HKLM] -- OSTotoHotspot =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O42 - Logiciel: Outils de vérification linguistique 2013 de Microsoft Office - Français - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Panneau de configuration NVIDIA 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: RAR Password Unlocker 4.2.0.0 - (.Password Unlocker Studio.) [HKLM] -- {B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1 =>.Password Unlocker Studio
O42 - Logiciel: RAR Repair Tool v.4.0 - (.ZRT Labs.) [HKLM] -- RAR Repair Tool_is1 =>.ZRT Labs
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AC01A2CB-2754-4F70-9645-50F516CC2F03} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{AC01A2CB-2754-4F70-9645-50F516CC2F03} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft InfoPath 2013 (KB3162075) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{618C6154-0B5C-4448-B6AC-615942DDB39D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039746) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB111BDB-315E-4D9B-A337-AAA7E4B20571} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039794) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5C7851D1-B548-4BFE-A4FC-DF1967857A47} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039798) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2113B49B-7A19-4592-863E-CD4124792AAE} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3213564) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{66B828E2-7C7D-46AF-93AB-5C2DAA285260} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022182) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{89285BEE-B2B3-43A8-A20D-294BAA218421} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022188) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{18D2E3B4-34A4-49A7-9E08-6A35049A7F89} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022188) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{18D2E3B4-34A4-49A7-9E08-6A35049A7F89} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022189) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1CFB07F8-17F2-4C42-8D83-4E65947141F0} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Outlook 2013 (KB4032240) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{461D59C1-8F3C-4DA7-BD92-BBE1343C67AA} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Outlook 2013 (KB4032240) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{461D59C1-8F3C-4DA7-BD92-BBE1343C67AA} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3191937) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{51ACADB4-830D-41A6-82C5-C7AE9437E349} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{351E3E84-CD58-401D-AEFD-147BDBBAA1C7} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{55A588B8-2D30-4B60-AB09-5DB57C592B81} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1F79A96A-2A70-45B3-8A5C-79DA61952879} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{9BB6CB7C-80E3-4F73-8A82-E3D88A3721BE} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{33ADBDF0-040B-4375-8303-0634AB069C5E} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{64B94D95-B6EC-4E25-832F-D15B13ACFB0C} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE}_Office15.PROPLUS_{D90F0B03-8B58-4E72-993E-4ECA65C04BA2} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{95678FB2-1310-429F-91FC-6FE9B5701E1E} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Setup - (.Microsoft.) [HKLM] -- {70373427-4870-4266-8432-9D042196A06B} =>.Microsoft
O42 - Logiciel: SHAREit - (.SHAREit Technologies Co.Ltd.) [HKLM] -- www.ushareit.com_is1 =>.SHAREit Technologies Co.Ltd
O42 - Logiciel: Switch Off - (.YaSoft.) [HKLM] -- SwitchOff =>.YaSoft
O42 - Logiciel: TeraCopy 2.27 - (.Code Sector.) [HKLM] -- TeraCopy_is1 =>.Code Sector®
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FFF87DE6-6602-4F65-BD75-D481E0539DCD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7A9AB1AE-98B5-4B45-86B8-33A7B946D7CA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2889863) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{52064DE8-AF91-4EAC-8B57-CECA10E8C1C0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{87F6726E-6F99-42F0-8E11-55D798E57DD5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023049) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E4B6204A-AC54-477D-9AEF-3D420EF162A2} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FC017EDD-645B-44D8-9D84-623DE069F1B9} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FC017EDD-645B-44D8-9D84-623DE069F1B9} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039701) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{83DE9B8F-E294-411F-977F-4707E6424BBB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039756) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BF493817-CADD-4F13-BB51-598FBABB521A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039766) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B7382DD-C92C-4942-BFE6-9B892B915E5C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039778) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8D1685F4-1C36-4AB5-ACC0-486A6BE71435} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039795) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{36AF42FA-AF90-4A4F-BC2D-2D4863818E65} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3054856) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF0A4C57-A2D2-4ACA-9DF5-23DB94A718A1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3055007) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BA623BBA-817A-4B29-94D7-6ACFB24DB409} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3085587) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AA8C16EA-D595-47E0-9F49-101C11B860E8} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3101503) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{07BE4996-5557-4A17-9B98-AD57883607EA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3114488) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5C568FE6-A269-4A88-8256-DC1A8B89E622} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3114499) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BB92A877-3443-4FAF-B4BB-470B9792AFBE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3127916) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C90D79C2-2B75-493B-9850-E8677FD7B1E1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172443) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B0C449E5-4975-49B4-8FB4-66DBBB843905} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172471) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B61C3564-4E7B-49FE-9220-9836DBC49BB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172506) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2741B1B7-443F-4C06-BA38-DBFBF0448679} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{A4E2523D-FA3F-4F6D-9527-F356A8FFB040} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{D81CB2A0-F65E-4F2B-A902-86A7D6CF5676} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1101EE52-BCE7-4682-8CC7-AB2875ECE9FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{35811308-2CBE-4303-95A2-D2D46F3C99B6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{1991B6C7-A932-4A09-B370-B6E6375F76F7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{6DF45348-1D51-4AD5-9D63-63BA8A3BF9E8} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172523) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FDF6648B-BF62-4CC7-94D3-0944ACD4A07D} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172545) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{0D50B52F-AB5A-44B7-A67C-2DE4F61443D0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3191872) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{68AD8B09-DD14-4875-A4DB-E04F6FF7ECCB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3191872) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{68AD8B09-DD14-4875-A4DB-E04F6FF7ECCB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4011155) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7A41ACD-C1EA-4628-BCD2-8CA7AA8DDB29} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018333) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB18969F-C317-48CF-AF5B-275D3B7650D1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018333) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FB18969F-C317-48CF-AF5B-275D3B7650D1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018378) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2FDF7953-75A9-4341-A769-EC0CAA09FFF3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4022212) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FC519FD8-5B83-4761-B02C-13DF5B2D9598} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4022233) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACD4ABA2-6B0F-4654-B981-D3A76C42AAFE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4092469) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5E656E55-B9F4-4E55-A79D-84C6B15673D4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4092469) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{5E656E55-B9F4-4E55-A79D-84C6B15673D4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB4022226) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB83D80E-C78E-41B0-8D08-4FAD6889E867} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB4022226) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FB83D80E-C78E-41B0-8D08-4FAD6889E867} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2013 (KB4011281) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AF09D88A-0206-40F1-B7A0-AE15CCFAC61A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2013 (KB4011281) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{AF09D88A-0206-40F1-B7A0-AE15CCFAC61A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3A2EB2A7-9F2D-4FA0-AE80-AD1A5A02A7AA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{3A2EB2A7-9F2D-4FA0-AE80-AD1A5A02A7AA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2013 (KB4018374) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5EC6B66A-047B-4122-9EAE-7AC1CB75F7D5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2013 (KB4018374) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{5EC6B66A-047B-4122-9EAE-7AC1CB75F7D5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Publisher 2013 (KB3114329) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C4B41052-3F51-4B6A-80E3-DE0518506C13} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Publisher 2013 (KB3114329) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C4B41052-3F51-4B6A-80E3-DE0518506C13} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Word 2013 (KB3162081) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{42064CFD-BA0C-4FA7-BC6B-1192C2F6DDFD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB4092457) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB4092457) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Windows 10 (KB4023057) - (.Microsoft Corporation.) [HKLM] -- {8305B258-8F4B-4280-B5F4-DD15DC04E40A} =>.Microsoft Corporation
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 =>.Zbshareware Lab
O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU] -- WhatsApp =>.WhatsApp
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH
---\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (133) - 45s
HKLM\SOFTWARE\AdMuncher
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\AMD =>.AMD
HKLM\SOFTWARE\Arcai =>.Arcai.com
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\aW5ub3ZhbmF0aGlua2xhYnMuY29t
HKLM\SOFTWARE\Babylon =>Adware.Babylon
HKLM\SOFTWARE\Code Sector =>.Code Sector
HKLM\SOFTWARE\DRWNewFree =>.Unknown
HKLM\SOFTWARE\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\FDT
HKLM\SOFTWARE\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\GlarySoft =>.GlarySoft
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HideIPEasy
HKLM\SOFTWARE\Icaros =>.Icaros
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\INextUUID
HKLM\SOFTWARE\innovanathinklabs.com
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\LphcmModem
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NewSoftware's =>.NewSoftware's
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\OpenAL =>.Open Audio Library
HKLM\SOFTWARE\Oracle =>.Oracle
HKLM\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKLM\SOFTWARE\PowerISO =>.PowerISO Computing
HKLM\SOFTWARE\Ralink =>.Ralink
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Schneider Electric =>.Schneider Electric
HKLM\SOFTWARE\SHAREit Technologies =>..SUP.SHAREit
HKLM\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\XinYi Network =>.XinYi Network
HKLM\SOFTWARE\YaSoft =>.YaSoft
HKLM\SOFTWARE\WOW6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKCU\SOFTWARE\All-Radio
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Arcai.com =>.Arcai.com
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\Code Sector =>.Code Sector
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FLEXnet =>.FlexNet
HKCU\SOFTWARE\Foxit Software =>.Foxit Software
HKCU\SOFTWARE\Glarysoft =>.GlarySoft
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Icaros =>.Icaros
HKCU\SOFTWARE\innovanathinklabs.com
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NewSoftware's =>.NewSoftware's
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKCU\SOFTWARE\PowerISO =>.PowerISO Computing
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\VIPRE
HKCU\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\XinYi Network =>.XinYi Network
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\ZRT Labs =>.ZRT Labs
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint =>.ThinPrint
HKU\.DEFAULT\SOFTWARE\AMD =>.AMD
HKU\.DEFAULT\SOFTWARE\Arcai.com =>.Arcai.com
HKU\.DEFAULT\SOFTWARE\ATI =>.ATI
HKU\.DEFAULT\SOFTWARE\FLEXnet =>.FlexNet
HKU\.DEFAULT\SOFTWARE\Foxit Software =>.Foxit Software
HKU\.DEFAULT\SOFTWARE\Google =>.Google
HKU\.DEFAULT\SOFTWARE\JavaSoft =>.JavaSoft
HKU\.DEFAULT\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\Schneider Electric =>.Schneider Electric
HKU\.DEFAULT\SOFTWARE\SetID =>.Bitdefender
HKU\.DEFAULT\SOFTWARE\WOT Services =>.WOT Services
HKU\.DEFAULT\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\WIFISTARTFLAG
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\All-Radio
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Arcai.com =>.Arcai.com
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ATI =>.ATI
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Code Sector =>.Code Sector
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\DownloadManager =>.DownloadManager
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\FLEXnet =>.FlexNet
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Foxit Software =>.Foxit Software
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Glarysoft =>.GlarySoft
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Google =>.Google
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Icaros =>.Icaros
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\innovanathinklabs.com
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\JavaSoft =>.JavaSoft
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Macromedia =>.Macromedia
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\MPC-HC =>.MPC-HC Team
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\NewSoftware's =>.NewSoftware's
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\PowerISO =>.PowerISO Computing
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\VIPRE
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\XinYi Network =>.XinYi Network
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ZRT Labs =>.ZRT Labs
---\ CONTENU DES DOSSIERS PROGRAMMES (247) - 20s
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Ad Muncher =>.Murray Hurps Software Pty Ltd®
O43 - CFD: 09/01/2018 - [] D -- C:\Program Files\AMD =>.AMD
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\arcai.com =>.Arcai.com
O43 - CFD: 26/11/2017 - [] D -- C:\Program Files\BQ Handset USB Driver
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\DLL Suite =>.DLL Suite
O43 - CFD: 01/08/2018 - [] D -- C:\Program Files\EaseUS =>.EaseUS Software
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\Program Files\Foxit Software =>.Foxit Software
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Glary Utilities 5 =>.GlarySoft
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files\HDDGURU LLF Tool
O43 - CFD: 15/01/2018 - [] D -- C:\Program Files\HideIPEasy
O43 - CFD: 30/10/2017 - [] HD -- C:\Program Files\InstallShield Installation Information =>.InstallShield
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/04/2018 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\iRoot =>.Shenzhen Xinyi Network Ltd
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Microsoft Toolkit Final =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft XNA =>.Microsoft Corporation
O43 - CFD: 24/07/2018 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 29/03/2018 - [] D -- C:\Program Files\Minimal ADB and Fastboot
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 16/01/2018 - [] D -- C:\Program Files\MPC-HC =>.MPC-HC Team
O43 - CFD: 02/12/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 14/04/2018 - [] D -- C:\Program Files\netcut =>.Arcai.com
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\NewSoftware's =>.NewSoftware's
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\OpenAL =>.Open Audio Library
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files\OSTotoHotspot =>.OSToto Co
O43 - CFD: 03/11/2017 - [] D -- C:\Program Files\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\Program Files\RAR Password Unlocker =>.DNSoft
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Rar Repair Tool
O43 - CFD: 10/11/2017 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 02/12/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\rempl =>.Microsoft Windows®
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\SHAREit Technologies =>.SHAREit Technologies Co.Ltd®
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files\Switch Off =>.YaSoft
O43 - CFD: 03/02/2018 - [] D -- C:\Program Files\TeraCopy =>.Code Sector Inc.
O43 - CFD: 27/10/2017 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\Unlocker =>.Cedrick Collomb
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\VIPRE =>.VIPRE
O43 - CFD: 12/04/2018 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Program Files\windows nt =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher
O43 - CFD: 26/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com =>.Arcai.com
O43 - CFD: 26/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BQ Handset USB Driver
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Suite 9.0
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 =>.IObit
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard =>.EaseUS Software
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader =>.Foxit Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 =>.GlarySoft
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP Easy
O43 - CFD: 12/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 22/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 22/02/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft =>.Lavasoft
O43 - CFD: 29/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 16/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC =>.MPC-HC Team
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSTotoHotspot =>.OSToto Co
O43 - CFD: 03/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker =>.DNSoft
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rar Repair Tool
O43 - CFD: 12/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit =>.Lenovo Group Limited
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 03/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy =>.Code Sector Inc.
O43 - CFD: 22/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\160WIFI =>.OSToto Co
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Ad Muncher
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [0] D -- C:\ProgramData\Babylon =>Adware.Babylon
O43 - CFD: 22/02/2018 - [0] D -- C:\ProgramData\BSD =>.Berkeley
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 29/08/2018 - [] D -- C:\ProgramData\CTES
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 03/12/2017 - [] D -- C:\ProgramData\FLEXnet =>.Flexera Software
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Foxit ContentPlatform =>.Foxit Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\GlarySoft =>.GlarySoft
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\HideIPEasy
O43 - CFD: 23/07/2018 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 03/12/2017 - [] D -- C:\ProgramData\InstallShield =>.InstallShield
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 13/04/2018 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 25/02/2018 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\Ralink =>.Ralink
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2017 - [] D -- C:\ProgramData\Schneider Electric =>.Schneider Electric
O43 - CFD: 29/09/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 29/10/2017 - [] D -- C:\ProgramData\VIPRE =>.VIPRE
O43 - CFD: 18/07/2018 - [] D -- C:\ProgramData\VMware =>.VMware
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 03/12/2017 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Common Files\system =>.Microsoft Corporation
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\ADBDriverInstaller =>.Samsung Electronics
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Babylon =>Adware.Babylon
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Charaf\AppData\Roaming\DiskDefrag =>.Auslogics Software
O43 - CFD: 05/09/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 04/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\DtlWifi =>.OSToto Co
O43 - CFD: 03/12/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\FLEXnet =>.Flexera Software
O43 - CFD: 27/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Foxit AgentInformation =>.Foxit Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 23/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\GlarySoft =>.GlarySoft
O43 - CFD: 15/01/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\HideIPEasy
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\IDM =>.IDM
O43 - CFD: 30/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\IObit =>.IObit
O43 - CFD: 15/01/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 03/12/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Macrovision =>.Macrovision
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\mgyun =>.mgyun.com
O43 - CFD: 16/01/2018 - [] SD -- C:\Users\Charaf\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 03/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\RAR_Password_Unlocker_4.2.0
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 18/07/2018 - [0] D -- C:\Users\Charaf\AppData\Roaming\Task Scheduler Host
O43 - CFD: 03/02/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\TeraCopy =>.Code Sector Inc.
O43 - CFD: 20/04/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Umeng
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Viber =>.Viber
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\VMware =>.VMware
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\WhatsApp =>.WhatsApp
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 22/02/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Zbshareware Lab =>.Zbshareware Lab
O43 - CFD: 06/09/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/09/2018 - [0] D -- C:\Users\Charaf\AppData\Local\Adobe =>.Adobe
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\Babylon =>Adware.Babylon
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\DBG =>.DBG
O43 - CFD: 18/07/2018 - [0] D -- C:\Users\Charaf\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Local\Google =>.Google
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 16/01/2018 - [] D -- C:\Users\Charaf\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 09/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\mpress =>.MPress
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 09/01/2018 - [] D -- C:\Users\Charaf\AppData\Local\RadeonInstaller
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Local\SHAREit Technologies
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 06/09/2018 - [] D -- C:\Users\Charaf\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\VIPRE =>.VIPRE
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\VMware =>.VMware
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\WhatsApp =>.WhatsApp
O43 - CFD: 05/09/2018 - [] D -- C:\Users\Charaf\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Users\Charaf\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 16/01/2018 - [] SD -- C:\Users\Charaf\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [0] D -- C:\Users\Charaf\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\Desktop\bootloader_tools
O43 - CFD: 06/03/2018 - [] D -- C:\Users\Charaf\Desktop\idm.Patch.MyEgy
O43 - CFD: 22/02/2018 - [] D -- C:\Users\Charaf\Desktop\idman.Patch.MyEgy.EGYGO
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\Desktop\Re-Loader Activator v2.2
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 14/04/2018 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 23/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 29/09/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 04/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switch Off =>.YaSoft
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp =>.WhatsApp
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 04/11/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\DataSharing =>.DataSharing
O43 - CFD: 29/10/2017 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\DBG =>.DBG
O43 - CFD: 18/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 03/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 09/01/2018 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 12/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\SHAREit Technologies
O43 - CFD: 12/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 29/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\TokenBroker
O43 - CFD: 27/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\VipreEdgeProtection
O43 - CFD: 27/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\WebProxy
O43 - CFD: 03/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 22/02/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 09/01/2018 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 20/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/07/2018 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\VMware =>.VMware
---\ DERNIERS FICHIERS CRÉÉS DANS WINDOWS Prefetcher (1) - 99s
O45 - LFCP:[MD5.ABAE03A85CDE5FA0B603964986DBEDDA] 01/08/2018 A -- C:\Windows\Prefetch\KMS SERVER SERVICE.EXE-79009524.pf =>HackTool.AutoKMS
---\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
---\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (42) - 5s
O108 - CMH1: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH1: Foxit_ConvertToPDF_Reader - {A94757A0-0226-426F-B4F1-4DF381C630D3} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll =>.Foxit Software Incorporated®
O108 - CMH1: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH1: ITL Total Security - {EC6FBE09-5A2F-439F-89E5-F8356582FB3A} . (.Orphan.)
O108 - CMH1: ModernSharing - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH1: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH1: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.Alexander Roshal
O108 - CMH1: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: OpenContainingFolderMenu - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH2: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH3: CopyAsPathMenu - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: UnlockerShellExtension - {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} . (...) -- C:\Program Files\Unlocker\UnlockerCOM.dll
O108 - CMH4: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH4: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH4: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH4: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: New - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: NvCplDesktopContext - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation®
O108 - CMH5: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH5: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: Foxit_ConvertToPDF_Reader - {A94757A0-0226-426F-B4F1-4DF381C630D3} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll =>.Foxit Software Incorporated®
O108 - CMH6: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH6: ITL Total Security - {EC6FBE09-5A2F-439F-89E5-F8356582FB3A} . (.Orphan.)
O108 - CMH6: Library Location - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Programme de résolution d’applications.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH6: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH6: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH6: UnlockerShellExtension - {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} . (...) -- C:\Program Files\Unlocker\UnlockerCOM.dll
O108 - CMH6: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.Alexander Roshal
O108 - CMH7: EnhancedStorageShell - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH7: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH7: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH7: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
---\ IMAGE FILE EXECUTION OPTIONS (IFEO) (21) - 22s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\FlashPlayerApp.exe - (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) [DisableExceptionChainValidation\\0] {330000006B78F7B7015C8B4A1300000000006B} =>.Adobe Systems Incorporated
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\\1] =>.Microsoft Corporation®
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\SppExtComObj.exe - (.Microsoft Corporation - KMS Connection Broker.) [Debugger\\KMS-R@1nHook.exe] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
---\ LISTE DES PILOTES DU SYSTÈME (437) - 31s
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\Windows\System32\drivers\1394ohci.sys [169984] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [85912] =>.Microsoft Windows®
O58 - SDL:2018/03/01 07:37:36 A . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\drivers\acpi.sys [508312] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - ACPI Devices Driver.) -- C:\Windows\System32\drivers\AcpiDev.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - ACPIEx Driver.) -- C:\Windows\System32\drivers\acpiex.sys [90520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) -- C:\Windows\System32\drivers\acpipagr.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\Windows\System32\drivers\acpipmi.sys [9728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ACPI Wake Alarm.) -- C:\Windows\System32\drivers\acpitime.sys [9728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [1037344] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:05:14 A . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\afd.sys [506272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Gestionnaire d'appels RAS Agile Vpn Minipor.) -- C:\Windows\System32\drivers\agilevpn.sys [93696] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:46 A . (.Microsoft Corporation - 440 NT AGP Filter.) -- C:\Windows\System32\drivers\AGP440.sys [55648] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:20 A . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\Windows\System32\drivers\ahcache.sys [199168] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:46 A . (.Microsoft Corporation - AMD NT AGP Filter.) -- C:\Windows\System32\drivers\amdagp.sys [55648] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdk8.sys [148480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdppm.sys [146432] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [75160] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [215448] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22936] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:48 A . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\drivers\appid.sys [160160] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - Applocker Filter.) -- C:\Windows\System32\drivers\applockerfltr.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization Stream.) -- C:\Windows\System32\drivers\AppVStrm.sys [92056] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization VE Man.) -- C:\Windows\System32\drivers\AppvVemgr.sys [116632] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization VFS Fi.) -- C:\Windows\System32\drivers\AppvVfs.sys [109464] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [116632] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:15 A . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Windows\System32\drivers\asyncmac.sys [20480] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [22936] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:50:32 A . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\drivers\ataport.sys [156056] =>.Microsoft Windows®
O58 - SDL:2018/07/18 17:14:52 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athw10.sys [3294600] =>.Qualcomm Atheros®
O58 - SDL:2017/09/29 12:49:05 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athwn.sys [3228672] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2015/01/13 16:40:18 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [10070016] =>.Advanced Micro Devices, Inc.
O58 - SDL:2015/01/13 15:20:36 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [290304] =>.Advanced Micro Devices, Inc.
O58 - SDL:2016/11/18 13:23:56 N . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\System32\drivers\avc3.sys [1285360] =>.Bitdefender SRL®
O58 - SDL:2016/11/18 13:23:56 N . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\Windows\System32\drivers\avckf.sys [718488] =>.Bitdefender SRL®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [126064] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [151784] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [44208] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2018/03/30 05:24:22 A . (.Microsoft Corporation - BAM Kernel Driver.) -- C:\Windows\System32\drivers\bam.sys [49568] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\drivers\BasicDisplay.sys [46592] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:02:05 A . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\drivers\BasicRender.sys [27648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\drivers\battc.sys [34712] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (. - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [8192] =>.Broadcom Corporation
O58 - SDL:2018/03/30 04:33:46 A . (.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\drivers\beep.sys [7168] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:27 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\drivers\bowser.sys [78336] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:56 A . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\drivers\bridge.sys [95232] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) -- C:\Windows\System32\drivers\BtaMPM.sys [16896] =>.Microsoft Corporation
O58 - SDL:2018/02/22 17:50:38 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [519584] =>.Qualcomm Atheros®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Audio/Video Remote Control HID.) -- C:\Windows\System32\drivers\BthAvrcpTg.sys [34304] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Extension de bus Bluetooth.) -- C:\Windows\System32\drivers\bthenum.sys [87040] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) -- C:\Windows\System32\drivers\bthhfenum.sys [80384] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Hands-free HID Minidriver.) -- C:\Windows\System32\drivers\BthhfHid.sys [22528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Réflecteur de mode utilisateur Bluetooth.) -- C:\Windows\System32\drivers\bthl2cap.sys [64000] =>.Microsoft Corporation
O58 - SDL:2018/04/13 23:15:45 A . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\System32\drivers\bthmodem.sys [47616] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\Windows\System32\drivers\bthpan.sys [99328] =>.Microsoft Corporation
O58 - SDL:2018/03/13 05:37:04 A . (.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\drivers\bthport.sys [797696] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de Miniport Bluetooth.) -- C:\Windows\System32\drivers\BTHUSB.SYS [61440] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Button Converter Driver.) -- C:\Windows\System32\drivers\buttonconverter.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Charge Arbiration Driver.) -- C:\Windows\System32\drivers\CAD.sys [51608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - CapImg HID Driver.) -- C:\Windows\System32\drivers\capimg.sys [98816] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\cdfs.sys [73728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\cdrom.sys [116736] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) -- C:\Windows\System32\drivers\CEA.sys [61336] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\System32\drivers\circlass.sys [38912] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\drivers\Classpnp.sys [355224] =>.Microsoft Windows®
O58 - SDL:2018/02/10 05:46:21 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) -- C:\Windows\System32\drivers\cldflt.sys [308736] =>.Microsoft Corporation
O58 - SDL:2018/02/10 06:13:59 A . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\drivers\clfs.sys [271768] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - CLIP Service.) -- C:\Windows\System32\drivers\ClipSp.sys [765336] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System32\drivers\CmBatt.sys [22528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Noyau Gestionnaire de configuration Configu.) -- C:\Windows\System32\drivers\cmimcext.sys [24608] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:50 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\drivers\cng.sys [538768] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) -- C:\Windows\System32\drivers\cnghwassist.sys [31640] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Console Driver.) -- C:\Windows\System32\drivers\condrv.sys [43928] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\drivers\crashdmp.sys [71576] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:21 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) -- C:\Windows\System32\drivers\csc.sys [421888] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - DAM Kernel Driver.) -- C:\Windows\System32\drivers\dam.sys [69016] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) -- C:\Windows\System32\drivers\devauthe.sys [35840] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:42:17 A . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\dfsc.sys [111616] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:25:27 A . (.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\drivers\disk.sys [76192] =>.Microsoft Windows®
O58 - SDL:2018/01/01 12:44:05 A . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\drivers\Diskdump.sys [33176] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) -- C:\Windows\System32\drivers\Dmpusbstor.sys [11264] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:39 A . (.Microsoft Corporation - Mémoire dynamique.) -- C:\Windows\System32\drivers\dmvsc.sys [39424] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmk.sys [70144] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmkaud.sys [14584] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\drivers\Dumpata.sys [30104] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:06:09 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\Windows\System32\drivers\dumpfve.sys [74000] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:46:32 A . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\drivers\dumpsd.sys [155552] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) -- C:\Windows\System32\drivers\dumpsdport.sys [23040] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:22:26 A . (.Microsoft Corporation - Storport Dump Driver.) -- C:\Windows\System32\drivers\Dumpstorport.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:14:33 A . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\drivers\dxgkrnl.sys [2117536] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:14:21 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\drivers\dxgmms1.sys [339360] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:14:29 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\drivers\dxgmms2.sys [607648] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) -- C:\Windows\System32\drivers\EhStorClass.sys [73624] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) -- C:\Windows\System32\drivers\EhStorTcgDrv.sys [99360] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\drivers\errdev.sys [9728] =>.Microsoft Corporation
O58 - SDL:2018/07/18 17:13:56 A . (.ELAN Microelectronic Corp. - ELAN SMBus Driver.) -- C:\Windows\System32\drivers\ETDSMBus.sys [28744] =>.ELAN MICROELECTRONICS CORPORATION®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\System32\drivers\exfat.sys [287744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\drivers\fastfat.sys [301464] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:47 A . (.Microsoft Corporation - Microsoft Virtual Fibre Channel HBA minipor.) -- C:\Windows\System32\drivers\fcvsc.sys [24064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System32\drivers\fdc.sys [25600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) -- C:\Windows\System32\drivers\filecrypt.sys [45056] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\drivers\fileinfo.sys [67480] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\drivers\filetrace.sys [29184] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\drivers\flpydisk.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:22:18 A . (.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) -- C:\Windows\System32\drivers\fltMgr.sys [300960] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:16:37 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) -- C:\Windows\System32\drivers\fsdepends.sys [52640] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:26:49 A . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\drivers\fs_rec.sys [27544] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:03 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\drivers\fvevol.sys [575392] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [306072] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:47 A . (.Microsoft Corporation - MS Generic AGPv3.0 Filter for K8/9 Processo.) -- C:\Windows\System32\drivers\GAGP30KX.sys [59232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Generic USB Function Class Driver.) -- C:\Windows\System32\drivers\genericusbfn.sys [17408] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:50 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) -- C:\Windows\System32\drivers\gpuenergydrv.sys [7680] =>.Microsoft Corporation
O58 - SDL:2018/07/23 17:10:31 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\Windows\System32\drivers\GUBootStartup.sys [25864] =>.Glarysoft LTD®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\hdaudbus.sys [68608] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:16:11 A . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\HdAudio.sys [322560] =>.Microsoft Corporation
O58 - SDL:2009/09/17 20:54:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [41088] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Hid Battery Driver.) -- C:\Windows\System32\drivers\hidbatt.sys [30104] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de miniport Bluetooth pour les périp.) -- C:\Windows\System32\drivers\hidbth.sys [96768] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bibliothèque Hid Class.) -- C:\Windows\System32\drivers\hidclass.sys [128512] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - I2C HID Miniport Driver.) -- C:\Windows\System32\drivers\hidi2c.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) -- C:\Windows\System32\drivers\hidinterrupt.sys [38296] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidir.sys [37888] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:18:32 A . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\drivers\hidparse.sys [30720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidusb.sys [27648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [55840] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:04:53 A . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\drivers\http.sys [758688] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:20 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) -- C:\Windows\System32\drivers\hvsocket.sys [100256] =>.Microsoft Windows®
O58 - SDL:2017/10/30 13:00:00 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\Windows\System32\drivers\hwpolicy.sys [28056] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:39 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) -- C:\Windows\System32\drivers\hyperkbd.sys [11776] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:26 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) -- C:\Windows\System32\drivers\HyperVideo.sys [21504] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [89600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iagpio.sys [28672] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\Windows\System32\drivers\iai2c.sys [74240] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\Windows\System32\drivers\iaiogpio.sys [22016] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\Windows\System32\drivers\iaioi2c.sys [57856] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\Windows\System32\drivers\iaStorAV.sys [525208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [333720] =>.Microsoft Windows®
O58 - SDL:2018/03/01 16:36:14 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [149688] =>.Tonec Inc.®
O58 - SDL:2018/09/05 20:07:01 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3036104] =>.Intel Corporation - pGFX®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) -- C:\Windows\System32\drivers\IndirectKmd.sys [30208] =>.Microsoft Corporation
O58 - SDL:2018/09/05 20:07:02 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\intelaud.sys [44096] =>.Intel(R) Wireless Display®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\drivers\intelide.sys [17304] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\Windows\System32\drivers\intelpep.sys [119376] {3300000156C30C37BAD4FC2C64000000000156} =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\intelppm.sys [162304] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:48 A . (.Microsoft Corporation - I/O QoS Filter.) -- C:\Windows\System32\drivers\ioqos.sys [23040] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - Filtre de contrôle de taux d’E/S.) -- C:\Windows\System32\drivers\iorate.sys [43552] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\drivers\ipfltdrv.sys [62976] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\drivers\IPMIDrv.sys [77208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\ipnat.sys [185856] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - IPT Driver.) -- C:\Windows\System32\drivers\ipt.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:59 A . (.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\drivers\irda.sys [92672] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\drivers\irenum.sys [13824] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:25:40 A . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\drivers\isapnp.sys [48024] =>.Microsoft Windows®
O58 - SDL:2018/09/05 20:07:02 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\iwdbus.sys [35904] =>.Intel(R) Wireless Display®
O58 - SDL:2018/07/23 13:32:09 A . (.Microsoft Corporation - Boot Time Removal Tool.) -- C:\Windows\System32\drivers\juodwbcs.sys [63448] =>.Microsoft Corporation®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\drivers\kbdclass.sys [48536] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32\drivers\kbdhid.sys [29184] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) -- C:\Windows\System32\drivers\kdnic.sys [17408] =>.Microsoft Corporation
O58 - SDL:2018/02/10 05:41:37 A . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\drivers\ks.sys [298496] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:28:18 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecdd.sys [103320] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:12:05 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecpkg.sys [142744] =>.Microsoft Windows®
O58 - SDL:2018/07/18 17:14:37 A . (.Qualcomm Atheros, Inc. - Killer e2200 PCI-E Gigabit Ethernet Control.) -- C:\Windows\System32\drivers\L1C63x86.sys [131304] =>.Rivet Networks LLC®
O58 - SDL:2018/03/30 04:43:39 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\System32\drivers\lltdio.sys [48128] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [93216] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2i.sys [102808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3i.sys [84376] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [69528] =>.Microsoft Windows®
O58 - SDL:2017/10/25 03:52:42 A . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) -- C:\Windows\System32\drivers\luafv.sys [97792] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) -- C:\Windows\System32\drivers\mausbhost.sys [405024] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - MA-USB IP Driver.) -- C:\Windows\System32\drivers\mausbip.sys [42904] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:16 A . (.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\drivers\mcd.sys [17408] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [52120] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\MegaSas2i.sys [56728] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [464792] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - MMCSS Driver.) -- C:\Windows\System32\drivers\mmcss.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\Windows\System32\drivers\modem.sys [32768] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\drivers\monitor.sys [30720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\drivers\mouclass.sys [45464] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\drivers\mouhid.sys [23552] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:24:53 A . (.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\System32\drivers\mountmgr.sys [81824] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\System32\drivers\mpsdrv.sys [55296] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:24 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\drivers\mrxdav.sys [122368] =>.Microsoft Corporation
O58 - SDL:2018/02/10 06:07:51 A . (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\mrxsmb.sys [434072] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:49 A . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\drivers\mrxsmb10.sys [232960] =>.Microsoft Corporation
O58 - SDL:2017/11/26 12:00:13 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\drivers\mrxsmb20.sys [167832] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\drivers\msfs.sys [24064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:36 A . (.Microsoft Corporation - GPIO Class Extension Driver.) -- C:\Windows\System32\drivers\msgpioclx.sys [133016] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - GPIO Button Driver.) -- C:\Windows\System32\drivers\msgpiowin32.sys [37784] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\Windows\System32\drivers\mshidkmdf.sys [7168] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Pilote direct pour interface HID-UMDF.) -- C:\Windows\System32\drivers\mshidumdf.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) -- C:\Windows\System32\drivers\mshwnclx.sys [18944] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\drivers\msisadrv.sys [16280] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:42:26 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\drivers\msiscsi.sys [239000] =>.Microsoft Windows®
O58 - SDL:2018/02/10 05:44:55 A . (.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\drivers\mskssrv.sys [25600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Pilote de protocole LLDP (Link Layer Discov.) -- C:\Windows\System32\drivers\mslldp.sys [67072] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\drivers\mspclock.sys [8192] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\drivers\mspqm.sys [8192] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:35:55 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows\System32\drivers\msrpc.sys [195488] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:17 A . (.Microsoft Corporation - Pilote du filtre de système de fichiers du.) -- C:\Windows\System32\drivers\mssecflt.sys [210328] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System32\drivers\mssmbios.sys [35224] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Windows\System32\drivers\mstee.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote HID multipoint Microsoft.) -- C:\Windows\System32\drivers\MTConfig.sys [11776] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:48 A . (.Microsoft Corporation - Pilote de fournisseur UNC multiples.) -- C:\Windows\System32\drivers\mup.sys [104344] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [58264] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:19:33 A . (.Microsoft Corporation - NDIS (Network Driver Interface Specificatio.) -- C:\Windows\System32\drivers\ndis.sys [965024] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) -- C:\Windows\System32\drivers\ndiscap.sys [34816] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) -- C:\Windows\System32\drivers\NdisImPlatform.sys [109056] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\System32\drivers\ndistapi.sys [20992] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:36 A . (.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) -- C:\Windows\System32\drivers\ndisuio.sys [49664] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - Énumérateur de cartes réseau virtuelles Mic.) -- C:\Windows\System32\drivers\NdisVirtualBus.sys [15872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Windows\System32\drivers\ndiswan.sys [164352] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:23:05 A . (.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\drivers\ndproxy.sys [48640] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:27 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) -- C:\Windows\System32\drivers\Ndu.sys [104448] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) -- C:\Windows\System32\drivers\NetAdapterCx.sys [91648] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:13:38 A . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\drivers\netbios.sys [47520] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:41:25 A . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netbt.sys [236544] =>.Microsoft Corporation
O58 - SDL:2018/03/13 06:12:54 A . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\drivers\netio.sys [376216] =>.Microsoft Windows®
O58 - SDL:2013/10/01 04:58:20 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [1739440] =>.Mediatek Inc.®
O58 - SDL:2018/03/30 04:43:22 A . (.Microsoft Corporation - Miniport NDIS virtuel.) -- C:\Windows\System32\drivers\netvsc.sys [136192] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\drivers\npfs.sys [57344] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Named pipe service triggers.) -- C:\Windows\System32\drivers\npsvctrig.sys [18944] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:42:51 A . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\drivers\nsiproxy.sys [29696] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:25:19 A . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1995168] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - NTOS extension host driver.) -- C:\Windows\System32\drivers\ntosext.sys [17304] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\drivers\null.sys [5120] =>.Microsoft Corporation
O58 - SDL:2016/12/09 13:49:42 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda32v.sys [171960] =>.NVIDIA Corporation®
O58 - SDL:2016/12/09 14:11:58 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [10720832] =>.NVIDIA Corporation®
O58 - SDL:2018/01/15 15:35:50 A . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\drivers\nvmf6232.sys [291456] =>.NVIDIA Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [119192] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [141344] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:49 A . (.Microsoft Corporation - NForce NT AGP Filter.) -- C:\Windows\System32\drivers\NV_AGP.SYS [107360] =>.Microsoft Windows®
O58 - SDL:2018/03/01 06:57:46 A . (.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System32\drivers\nwifi.sys [435200] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32\drivers\pacer.sys [129944] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\parport.sys [81920] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:28:30 A . (.Microsoft Corporation - Partition driver.) -- C:\Windows\System32\drivers\partmgr.sys [132000] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote parallèle VDM.) -- C:\Windows\System32\drivers\parvdm.sys [9216] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:42:05 A . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\Windows\System32\drivers\pci.sys [279448] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\pciide.sys [14744] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32\drivers\pciidex.sys [41880] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\drivers\pcmcia.sys [97176] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:25:11 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\Windows\System32\drivers\pcw.sys [42400] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\drivers\pdc.sys [100760] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:41:16 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\System32\drivers\PEAuth.sys [670720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas2i.sys [51608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas3i.sys [54680] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Pilote mémoire Plug and Play.) -- C:\Windows\System32\drivers\pnpmem.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\Windows\System32\drivers\portcls.sys [270336] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\processr.sys [145920] =>.Microsoft Corporation
O58 - SDL:2015/05/28 04:54:16 A . (.TOSHIBA - Generic IO & Memory Access.) -- C:\Windows\System32\drivers\QIOMem.sys [20664] =>.WDKTestCert 1,130752733198717037®
O58 - SDL:2017/09/29 12:50:07 A . (.Microsoft Corporation - Pilote du support de Microsoft Quality Wind.) -- C:\Windows\System32\drivers\qwavedrv.sys [32256] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - RAM Disk Driver.) -- C:\Windows\System32\drivers\ramdisk.sys [32152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:42 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\System32\drivers\rasacd.sys [12288] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\rasl2tp.sys [79872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windows\System32\drivers\raspppoe.sys [67584] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:22:32 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\System32\drivers\raspptp.sys [73728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System32\drivers\rassstp.sys [64512] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:56 A . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) -- C:\Windows\System32\drivers\rdbss.sys [353184] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:34:20 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\Windows\System32\drivers\rdpbus.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:34:35 A . (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [131072] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:24 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\drivers\rdpvideominiport.sys [23448] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:16:52 A . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\Windows\System32\drivers\rdyboost.sys [221600] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\System32\drivers\rfcomm.sys [146944] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:33 A . (.Microsoft Corporation - Transport d’ordinateur virtuel Microsoft Re.) -- C:\Windows\System32\drivers\RfxVmt.sys [31744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) -- C:\Windows\System32\drivers\rhproxy.sys [71680] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:26 A . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32\drivers\rmcast.sys [120320] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\drivers\RNDISMP.sys [26112] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\System32\drivers\rootmdm.sys [8704] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:56 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\Windows\System32\drivers\rspndr.sys [62976] =>.Microsoft Corporation
O58 - SDL:2018/09/05 20:07:02 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 32-bit Dri.) -- C:\Windows\System32\drivers\rt640x86.sys [492032] =>.Realtek
O58 - SDL:2017/09/29 12:49:19 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\Windows\System32\drivers\rteth.sys [47616] =>.Realtek
O58 - SDL:2018/04/12 20:47:18 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\drivers\RtsUer.sys [311744] =>.Realtek Semiconductor Corp.®
O58 - SDL:2009/09/02 10:59:42 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [174592] =>.Realtek Semiconductor Corp.
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\drivers\sbp2port.sys [88096] =>.Microsoft Windows®
O58 - SDL:2017/02/17 17:18:52 A . (.ThreatTrack Security - ThreatTrack Security Firewall SDK TDI Firew.) -- C:\Windows\System32\drivers\sbwfw.sys [330536] =>.ThreatTrack Security, Inc.®
O58 - SDL:2017/02/17 09:45:24 A . (.ThreatTrack Security - ThreatTrack Security Firewall SDK Transport.) -- C:\Windows\System32\drivers\sbwtis.sys [106144] =>.ThreatTrack Security, Inc.®
O58 - SDL:2017/06/07 01:36:30 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [124616] =>.Power Software Limited®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - Pilote de filtre de lecteur de carte à puce.) -- C:\Windows\System32\drivers\scfilter.sys [35328] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:17 A . (.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\drivers\scsiport.sys [143768] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:54:03 A . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\drivers\sdbus.sys [233376] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - SD Host Controller Port Driver.) -- C:\Windows\System32\drivers\sdport.sys [75672] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:42:08 A . (.Microsoft Corporation - Pilote de classe de stockage SD.) -- C:\Windows\System32\drivers\sdstor.sys [76192] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Serial Class Extension.) -- C:\Windows\System32\drivers\SerCx.sys [58776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Serial Class Extension V2.) -- C:\Windows\System32\drivers\SerCx2.sys [114208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\drivers\serenum.sys [17920] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\Windows\System32\drivers\serial.sys [76800] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\drivers\sermouse.sys [20480] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\drivers\sfloppy.sys [13824] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:51 A . (.Microsoft Corporation - SIS NT AGP Filter.) -- C:\Windows\System32\drivers\SISAGP.SYS [54112] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [41368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [78368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Sleep Study Helper.) -- C:\Windows\System32\drivers\SleepStudyHelper.sys [26520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\Windows\System32\drivers\smclib.sys [17920] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) -- C:\Windows\System32\drivers\spacedump.sys [135200] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:21:38 A . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\drivers\spaceport.sys [454048] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - SPB Class Extension.) -- C:\Windows\System32\drivers\SpbCx.sys [61848] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:52 A . (.Microsoft Corporation - Server driver.) -- C:\Windows\System32\drivers\srv.sys [341504] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:34:49 A . (.Microsoft Corporation - Pilote de serveur SMB 2.0.) -- C:\Windows\System32\drivers\srv2.sys [650240] =>.Microsoft Corporation
O58 - SDL:2017/11/26 11:27:17 A . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\drivers\srvnet.sys [198144] =>.Microsoft Corporation
O58 - SDL:2018/03/27 15:06:23 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssudbus.sys [109456] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2018/03/27 15:06:24 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\Windows\System32\drivers\ssudmdm.sys [147344] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2017/09/29 12:49:10 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [27032] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:43:00 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\Windows\System32\drivers\storahci.sys [128408] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:43:14 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) -- C:\Windows\System32\drivers\stornvme.sys [80800] =>.Microsoft Windows®
O58 - SDL:2018/01/01 12:44:38 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\drivers\storport.sys [480152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:08 A . (.Microsoft Corporation - Filtre de qualité de service de stockage.) -- C:\Windows\System32\drivers\storqosflt.sys [62976] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:42:43 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) -- C:\Windows\System32\drivers\storufs.sys [38304] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:12:30 A . (.Microsoft Corporation - Storage VSC Driver.) -- C:\Windows\System32\drivers\storvsc.sys [28064] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:17 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\drivers\stream.sys [54272] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:11 A . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Windows\System32\drivers\swenum.sys [16280] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:28 A . (.Microsoft Corporation - VSC vidéo Synth3D RemoteFX Microsoft.) -- C:\Windows\System32\drivers\Synth3dVsc.sys [50688] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:15 A . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\drivers\tape.sys [23552] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) -- C:\Windows\System32\drivers\tbs.sys [21400] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:02:08 A . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\drivers\tcpip.sys [2172312] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\drivers\tcpipreg.sys [40960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\drivers\tdi.sys [32152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:24:24 A . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [96160] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:19 A . (.Microsoft Corporation - Terminal Server Input Driver.) -- C:\Windows\System32\drivers\terminpt.sys [30104] =>.Microsoft Windows®
O58 - SDL:2015/12/30 22:26:22 A . (.Toshiba Corporation - Toshiba Hotkey Driver.) -- C:\Windows\System32\drivers\Thotkey.sys [42088] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/03/30 05:28:24 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) -- C:\Windows\System32\drivers\tm.sys [98208] =>.Microsoft Windows®
O58 - SDL:2018/02/22 16:38:13 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [31160] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/02/22 01:42:32 A . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\drivers\tpm.sys [186784] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Pilote de filtre pour concentrateur USB du.) -- C:\Windows\System32\drivers\TsUsbFlt.sys [49664] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:11 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\Windows\System32\drivers\TsUsbGD.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Concentrateur USB du Bureau à distance.) -- C:\Windows\System32\drivers\tsusbhub.sys [89600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Pilote d’interface de tunnel Microsoft.) -- C:\Windows\System32\drivers\tunnel.sys [87040] =>.Microsoft Corporation
O58 - SDL:2015/09/18 09:36:50 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [40528] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/01/15 15:35:52 A . (.Microsoft Corporation - MS AGPv3.5 Filter.) -- C:\Windows\System32\drivers\UAGP35.sys [58208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Microsoft Uasp Driver.) -- C:\Windows\System32\drivers\uaspstor.sys [59288] =>.Microsoft Windows®
O58 - SDL:2017/10/25 04:06:07 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) -- C:\Windows\System32\drivers\UcmCx.sys [79872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) -- C:\Windows\System32\drivers\UcmTcpciCx.sys [100864] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:19:02 A . (.Microsoft Corporation - USB Connector Manager UCSI Client.) -- C:\Windows\System32\drivers\UcmUcsi.sys [39424] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - USB Controller Extension.) -- C:\Windows\System32\drivers\Ucx01000.sys [185752] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - 'udecx.DRIVER'.) -- C:\Windows\System32\drivers\Udecx.sys [31744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\drivers\udfs.sys [258560] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - UEFI Driver for NT.) -- C:\Windows\System32\drivers\uefi.sys [23448] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:16 A . (.Microsoft Corporation - Microsoft User Experience Virtualization Ag.) -- C:\Windows\System32\drivers\UevAgentDriver.sys [35736] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - USB Function Driver Class Extension.) -- C:\Windows\System32\drivers\ufx01000.sys [204696] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UFX Chipidea Client Driver.) -- C:\Windows\System32\drivers\UfxChipidea.sys [74272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) -- C:\Windows\System32\drivers\ufxsynopsys.sys [107416] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:53 A . (.Microsoft Corporation - ULi AGPv3.0 Filter for K8/9 Processor Platf.) -- C:\Windows\System32\drivers\ULIAGPKX.SYS [59232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\drivers\umbus.sys [49152] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\drivers\umpass.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Role-Switch Driver for Chipidea Core.) -- C:\Windows\System32\drivers\urschipidea.sys [22424] =>.Microsoft Windows®
O58 - SDL:2017/10/10 07:06:40 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) -- C:\Windows\System32\drivers\urscx01000.sys [43416] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Role-Switch Driver for Synopsys Core.) -- C:\Windows\System32\drivers\urssynopsys.sys [21912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\drivers\usb8023.sys [15360] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\drivers\USBCAMD.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\drivers\USBCAMD2.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\drivers\usbccgp.sys [122776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\drivers\usbcir.sys [88064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\drivers\usbd.sys [24608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\drivers\usbehci.sys [73112] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de concentrateur USB par défaut.) -- C:\Windows\System32\drivers\usbhub.sys [368536] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:07:21 A . (.Microsoft Corporation - Pilote de concentrateur USB3.) -- C:\Windows\System32\drivers\USBHUB3.SYS [434080] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbohci.sys [21504] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\drivers\usbport.sys [378776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:07 A . (.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\drivers\usbprint.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:53 A . (.Microsoft Corporation - Windows USB Redirection Policy Manager.) -- C:\Windows\System32\drivers\usbrpm.sys [26624] =>.Microsoft Corporation
O58 - SDL:2018/03/13 05:41:41 A . (.Microsoft Corporation - USB Serial Driver.) -- C:\Windows\System32\drivers\usbser.sys [52224] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de classe de stockage de masse USB.) -- C:\Windows\System32\drivers\USBSTOR.SYS [107928] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbuhci.sys [24576] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\drivers\usbvideo.sys [230400] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:43:14 A . (.Microsoft Corporation - Pilote XHCI USB.) -- C:\Windows\System32\drivers\USBXHCI.SYS [336800] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:17:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) -- C:\Windows\System32\drivers\vdrvroot.sys [48544] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Driver Verifier Extension.) -- C:\Windows\System32\drivers\VerifierExt.sys [171928] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:18:12 A . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\drivers\vhdmp.sys [534944] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Pilote d'infrastructure HID virtuelle (VHF).) -- C:\Windows\System32\drivers\vhf.sys [24576] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:54 A . (.Microsoft Corporation - VIA NT AGP Filter.) -- C:\Windows\System32\drivers\VIAAGP.SYS [56160] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:45:50 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\viac7.sys [146432] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\drivers\videoprt.sys [35840] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:11:21 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) -- C:\Windows\System32\drivers\vmbkmcl.sys [61344] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:24:31 A . (.Microsoft Corporation - Pilote enfant de bus VMBus sous Microsoft H.) -- C:\Windows\System32\drivers\vmbus.sys [81824] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:33 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) -- C:\Windows\System32\drivers\VMBusHID.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:28 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) -- C:\Windows\System32\drivers\vmgencounter.sys [10240] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:35 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) -- C:\Windows\System32\drivers\vmgid.sys [8704] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:35 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) -- C:\Windows\System32\drivers\vms3cap.sys [6656] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:11:29 A . (.Microsoft Corporation - Pilote de filtre de stockage virtuel.) -- C:\Windows\System32\drivers\vmstorfl.sys [39832] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:26:39 A . (.Microsoft Corporation - Pilote du gestionnaire de volumes.) -- C:\Windows\System32\drivers\volmgr.sys [65432] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\Windows\System32\drivers\volmgrx.sys [309144] =>.Microsoft Windows®
O58 - SDL:2017/12/07 23:21:45 A . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [353688] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Volume driver.) -- C:\Windows\System32\drivers\volume.sys [14232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [149912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [276000] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) -- C:\Windows\System32\drivers\vwifibus.sys [20992] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\drivers\vwififlt.sys [62976] =>.Microsoft Corporation
O58 - SDL:2017/11/26 11:39:04 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32\drivers\vwifimp.sys [31232] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - Pilote de tablette Wacom à stylet série.) -- C:\Windows\System32\drivers\wacompen.sys [21504] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:51 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\System32\drivers\wanarp.sys [61952] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:34 A . (.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\drivers\watchdog.sys [43520] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:15 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) -- C:\Windows\System32\drivers\wcifs.sys [116128] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:37 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) -- C:\Windows\System32\drivers\wcnfs.sys [57856] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\drivers\WdBoot.sys [37440] {33000001B97C2438A5F70796530000000001B9} =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\drivers\Wdf01000.sys [597728] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\drivers\WdFilter.sys [253848] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\drivers\WdfLdr.sys [53984] =>.Microsoft Windows®
O58 - SDL:2018/03/01 06:58:12 A . (.Microsoft Corporation - WDI Driver Framework Driver.) -- C:\Windows\System32\drivers\WdiWiFi.sys [539648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:27 A . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) -- C:\Windows\System32\drivers\WdNisDrv.sys [98200] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) -- C:\Windows\System32\drivers\wdnsfltr.sys [24576] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) -- C:\Windows\System32\drivers\werkernel.sys [39320] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:12:47 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\Windows\System32\drivers\wfplwfs.sys [88992] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\System32\drivers\wimmount.sys [30104] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:10:43 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) -- C:\Windows\System32\drivers\WindowsTrustedRT.sys [53288] =>.Microsoft Windows Hardware Abstraction Layer Publisher®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [14552] {3300000156C30C37BAD4FC2C64000000000156} =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:16:34 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) -- C:\Windows\System32\drivers\winhv.sys [26016] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:11 A . (.Microsoft Corporation - Pilote NAT Windows.) -- C:\Windows\System32\drivers\winnat.sys [182272] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) -- C:\Windows\System32\drivers\winusb.sys [67072] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows\System32\drivers\wmiacpi.sys [12288] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System32\drivers\wmilib.sys [16416] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Filtre de superposition Windows.) -- C:\Windows\System32\drivers\wof.sys [175000] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:54 A . (.Microsoft Corporation - Family Safety Filter Driver.) -- C:\Windows\System32\drivers\wpcfltr.sys [42904] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) -- C:\Windows\System32\drivers\WpdUpFltr.sys [24472] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - WPP Trace Recorder.) -- C:\Windows\System32\drivers\WppRecorder.sys [26520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:22 A . (.Microsoft Corporation - Couche IFS Winsock2.) -- C:\Windows\System32\drivers\ws2ifsl.sys [16896] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFPf.sys [86528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFRd.sys [186880] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Game Input Protocol Driver.) -- C:\Windows\System32\drivers\xboxgip.sys [229888] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - XINPUT filter driver for HID.) -- C:\Windows\System32\drivers\xinputhid.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\ANSI.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\country.sys [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\HIMEM.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\KEY01.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\KEYBOARD.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS404.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS411.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS412.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS804.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO404.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO411.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO412.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO804.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Full/Desktop Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys [303104] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:36:37 A . (.Microsoft Corporation - Pilote du noyau Base Win32k.) -- C:\Windows\System32\win32kbase.sys [1624576] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:46:30 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\Windows\System32\win32kfull.sys [2902528] =>.Microsoft Corporation
O58 - SDL:2018/02/22 16:07:54 A . (.NewSoftwares.net, Inc. - Virtual Encryption Driver.) -- C:\Windows\System32\WinVDEdrv.sys [228112] =>.NewSoftwares.net Inc. SDN. BHD.®
O58 - SDL:2018/02/22 16:07:55 A . (...) -- C:\Windows\System32\WinVDEdrv6.sys [188176] =>.NewSoftwares.net Inc. SDN. BHD.®
---\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (3) - 66s
O61 - LFC: 2018/08/29 13:12:34 A . (..) -- C:\ProgramData\CTES\CTESPersistence.exe [0]
O61 - LFC: 2018/09/05 22:46:50 A . (..) -- C:\Users\Charaf\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ACE1LZ71\ZHPDiag3[1].exe [0]
O61 - LFC: 2018/09/05 23:56:25 A . (..) -- C:\Users\Charaf\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\M5CYQME3\ZHPCleaner[1].exe [0]
---\ ASSOCIATION Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe '%1' %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- '%1' /S =>.Default.Value
---\ MENU DE DÉMARRAGE INTERNET (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (2) - 10s
O69 - SBI: SearchScopes [HKCU]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
---\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (48) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [207872] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1136128] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [733184] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [725504] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [24064] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [117760] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [116224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [91136] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [695808] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [183808] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [317440] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [339456] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [79872] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [788992] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [143360] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [187392] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [46592] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\Windows\System32\NetSetupSvc.dll [215552] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [331264] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) -- C:\Windows\System32\flightsettings.dll [654336] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [516608] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [656896] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\NcaSvc.dll [146432] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) -- C:\Windows\System32\NaturalAuth.dll [297472] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1008640] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [53760] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Broker à jetons.) -- C:\Windows\System32\TokenBroker.dll [915968] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [931328] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) -- C:\Windows\System32\WpnService.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1652224] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\Windows\System32\irmon.dll [20480] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [92672] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [830976] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [403456] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [533504] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [252928] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2343424] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [1004544] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565248] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [769536] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll [37888] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [947712] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [163840] =>.Microsoft Corporation
---\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (36) - 56s
O87 - FAEL: '{05611640-5D6E-4640-BEC2-116270743705}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O87 - FAEL: '{DD780B42-82F0-4453-BF21-2BCC2BEBF0B3}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O87 - FAEL: '{CDE7A6FA-5027-48C9-81CA-821BCA78542E}' [In-None-P17-TRUE] .(.深圳市驱动人生软件技术有限公司 - 160WiFi手机管理.) -- C:\Program Files\OSTotoHotspot\YunExplorer.exe =>.SUP.DriveTheLife
O87 - FAEL: '{1B90A398-4B88-44EC-8136-129DB6608CE6}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\helptool.exe
O87 - FAEL: '{27E9F91F-0FE9-472D-A002-6FE757CDE835}' [In-None-P17-TRUE] .(.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O87 - FAEL: '{5BEBA494-584E-4B7A-A2DC-061E393112C5}' [Out-None-P17-TRUE] .(.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O87 - FAEL: '{39DFC7CC-1D0E-46FA-8835-32F032F03FDA}' [In-None-P17-TRUE] .(.IObit - Driver Booster Downloader.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exe =>.IObit Information Technology®
O87 - FAEL: '{DC975E92-D1A0-46B4-AF4D-983FDB544D28}' [Out-None-P17-TRUE] .(.IObit - Driver Booster Downloader.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exe =>.IObit Information Technology®
O87 - FAEL: '{D964718D-1FD2-438E-BE15-9E8106DFB530}' [In-None-P17-TRUE] .(.IObit - Driver Booster Updater.) -- C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exe =>.IObit Information Technology®
O87 - FAEL: '{8761BD87-5D4B-42B4-BFB7-F684956EE254}' [Out-None-P17-TRUE] .(.IObit - Driver Booster Updater.) -- C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exe =>.IObit Information Technology®
O87 - FAEL: '{9B4B299D-01F5-489E-8E03-5045F5D850A6}' [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: '{63F5A541-147A-48EB-A007-AFEF8030FC5D}' [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: '{A0B5DFFE-BF04-4EDF-AAD7-AF2CA4BDD461}' [In-None-P6-TRUE] .(.SHAREit Technologies Co.Ltd - SHAREit.) -- C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O87 - FAEL: '{0C05D7DC-6089-44C6-84CE-A206C238E505}' [In-None-P17-TRUE] .(.SHAREit Technologies Co.Ltd - SHAREit.) -- C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O87 - FAEL: '{DA044B3B-8003-4573-B838-B858802FF7FC}' [In-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\aips.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{57BAF58C-6BD7-4C2D-924E-67442ACC94EB}' [Out-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\aips.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{D85A6483-6332-477C-87EA-C171605187DA}' [In-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{0CECA6AE-3D8E-458D-92E1-CE7B31C49E89}' [Out-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{C71DC298-2D7A-4E8D-A6EE-46F575FFD030}' [In-None-P6-TRUE] .(...) -- C:\Users\Charaf\Desktop\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{C45B3AE6-8DB5-4DAF-9335-241DA736A80F}' [Out-None-P6-TRUE] .(...) -- C:\Users\Charaf\Desktop\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: 'TCP Query User{D3C00B65-FF72-4827-9EFD-DA568D6200B1}C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe' [In-None-P6-TRUE] .(...) -- C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: 'UDP Query User{0CFDF328-4A4D-4552-8F7C-7EAC0D5BF4C7}C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe' [In-None-P17-TRUE] .(...) -- C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{3BB0AB6F-5D53-489F-8AC0-BE04631760AB}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{90E13074-9E84-4BAE-B054-F5A7EA614882}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{DD6E6053-F970-40C7-B3A3-548098557A13}' [In-None-P6-TRUE] .(...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: '{6C3C6C29-F31E-452A-A9A4-B3DA4743F53C}' [Out-None-P6-TRUE] .(...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: '{E6072573-EFBE-4B09-B465-8903DF41F30C}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{F2C11891-8FF3-4651-8230-8BAAE8FD2C28}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: 'TCP Query User{55644115-B64D-420C-8467-9A4D3CD3D474}C:\program files\mozilla firefox\firefox.exe' [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: 'UDP Query User{1B5974E2-0BB1-48EE-90EA-05EB1342FAC7}C:\program files\mozilla firefox\firefox.exe' [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: 'TCP Query User{1160ADB5-A4E7-4132-87B2-62B34337A964}D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe' [In-None-P6-TRUE] .(...) -- D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe
O87 - FAEL: 'UDP Query User{B4A6521B-46C3-4DE7-866E-AE297CF2D25D}D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe' [In-None-P17-TRUE] .(...) -- D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe
O87 - FAEL: '{7F25CFC0-794C-46C9-8826-8EF197D2D1E0}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{F5B3E43E-18C1-44A0-AC04-F0E78F0DACE1}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{EFAFFD1F-61F1-4975-9636-CB9660815263}' [In-None-P17-TRUE] .(.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O87 - FAEL: '{1FB9C1B5-A445-4E66-A3EC-728E8E170BD4}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
---\ CODES PRODUITS LOGICIELS (41) - 1s
O90 - PUC: '000051090900C0400000000000F01FEC' [HKLM] . (.Microsoft DCF MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109110000000000000000F01FEC' [HKLM] . (.Microsoft Office Professional Plus 2013.) =>.Microsoft Corporation
O90 - PUC: '000051091A00C0400000000000F01FEC' [HKLM] . (.Microsoft OneNote MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051091E00C0400000000000F01FEC' [HKLM] . (.Microsoft Office OSM MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051092E00C0400000000000F01FEC' [HKLM] . (.Microsoft Office OSM UX MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051094400C0400000000000F01FEC' [HKLM] . (.Microsoft InfoPath MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051095100C0400000000000F01FEC' [HKLM] . (.Microsoft Access MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051096100C0400000000000F01FEC' [HKLM] . (.Microsoft Excel MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051098100C0400000000000F01FEC' [HKLM] . (.Microsoft PowerPoint MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051099100C0400000000000F01FEC' [HKLM] . (.Microsoft Publisher MUI (French) 2013.) =>.bl.org
O90 - PUC: '00005109A100C0400000000000F01FEC' [HKLM] . (.Microsoft Outlook MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109AB00C0400000000000F01FEC' [HKLM] . (.Microsoft Groove MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109B100C0400000000000F01FEC' [HKLM] . (.Microsoft Word MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109B210C0400000000000F01FEC' [HKLM] . (.Microsoft Lync MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109C200C0400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109E600C0400000000000F01FEC' [HKLM] . (.Microsoft Office Shared MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109F10010400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - اللغة العربية.) -- C:\Windows\Installer\{90150000-001F-0401-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10031400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - Nederlands.) -- C:\Windows\Installer\{90150000-001F-0413-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10070400000000000F01FEC' [HKLM] . (.Microsoft Office Korrekturhilfen 2013 - Deutsch.) -- C:\Windows\Installer\{90150000-001F-0407-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10090400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - English.) -- C:\Windows\Installer\{90150000-001F-0409-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F100A0C00000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - Español.) -- C:\Windows\Installer\{90150000-001F-0C0A-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F100C0400000000000F01FEC' [HKLM] . (.Outils de vérification linguistique 2013 de Microsoft Office - Français.) -- C:\Windows\Installer\{90150000-001F-040C-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '0AA7CFB2C445A3E47869763FEB56B59E' [HKLM] . (.Microsoft XNA Framework Redistributable 4.0.) -- C:\Windows\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}\ProductIcon =>.bl.org
O90 - PUC: '12B8D03ED28D112328CCF0A0D541598E' [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660.) =>.Microsoft Corporation
O90 - PUC: '1D5E3C0FEDA1E123187686FED06E995A' [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: '2246038675C7F37388062DC64EABA251' [HKLM] . (.Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25017.) =>.Microsoft Corporation
O90 - PUC: '3FB95CD427D08EC3FBFEE1F8FA86E90B' [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x86).) =>.Microsoft Corporation
O90 - PUC: '4EA42A62D9304AC4784BF2238110260F' [HKLM] . (.Java 8 Update 162.) -- C:\Program Files\Java\jre1.8.0_162\\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: '55AEF1CECC37F5A3FB743B048B240C85' [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA.) =>.Microsoft Corporation
O90 - PUC: '6E815EB96CCE9A53884E7857C57002F0' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: '72437307078466244823D94012690AB6' [HKLM] . (.Setup.)
O90 - PUC: '838AE285991981530AC5BD9064F286CE' [HKLM] . (.Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25017.) =>.Microsoft Corporation
O90 - PUC: '8520DAD7C5154DD39846DB1714990E7F' [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660.) =>.Microsoft Corporation
O90 - PUC: '852B5038B4F808245B4FDD51CD404EA0' [HKLM] . (.Update for Windows 10 (KB4023057).) =>.Microsoft Corporation
O90 - PUC: 'A089CE062ADB6BC44A720BA745894BAC' [HKLM] . (.Google Update Helper.) =>.Google Inc.
O90 - PUC: 'C025571B2A687A53689168CD7369889B' [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: 'CFD2C1F142D260E3CB8B271543DA9F98' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.) =>.bl.org
O90 - PUC: 'D20352A90C039D93DBF6126ECE614057' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: 'D7314F9862C648A4DB8BE2A5B47BE100' [HKLM] . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon =>.Microsoft Corporation
O90 - PUC: 'DC8A59DBF9D1DA5389A1E3975220E6BB' [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: 'F60730A4A66673047777F5728467D401' [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
---\ PACKAGES WINDOWS INSTALLER (3) - 10s
[MD5.50EA7A4D9481B12A97070942F474D918] [WIS][2018/07/03 11:19:52] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\14f551.msi [40960] =>.Google Inc.
[MD5.F93D045AAA3DFE9FECD0646941004FA5] [WIS][2018/04/12 21:22:12] (.Oracle Corporation - Java SE Runtime Environment 8 Update 162.) -- C:\Windows\Installer\4c81d2e6.msi [61689856] =>.Oracle Corporation
[MD5.82757F422DC7175449173BDE351C8D55] [WIS][2018/04/12 21:25:03] (.Oracle Corporation - Java Auto Updater.) -- C:\Windows\Installer\4c81d2f1.msi [765952] =>.Oracle Corporation
---\ FEATURE CONTROLE. (887) - 2s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:UNPUXHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:FoxitReader.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.ShowHelp.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:WORDICON.EXE =>.Legitimate
---\ SCAN ADDITIONNEL (18) - 9s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} =>.SUP.Orphan
C:\ProgramData\Babylon =>Adware.Babylon
C:\Users\Charaf\AppData\Roaming\Babylon =>Adware.Babylon
C:\Users\Charaf\AppData\Local\Babylon =>Adware.Babylon
C:\Windows\Prefetch\KMS SERVER SERVICE.EXE-79009524.pf =>HackTool.AutoKMS
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ITL Total Security =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ITL Total Security =>.SUP.Orphan
D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{3BB0AB6F-5D53-489F-8AC0-BE04631760AB} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{90E13074-9E84-4BAE-B054-F5A7EA614882} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DD6E6053-F970-40C7-B3A3-548098557A13} =>HackTool.AutoKMS
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{6C3C6C29-F31E-452A-A9A4-B3DA4743F53C} =>HackTool.AutoKMS
D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{E6072573-EFBE-4B09-B465-8903DF41F30C} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{F2C11891-8FF3-4651-8230-8BAAE8FD2C28} =>HackTool.WinActivator
D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{7F25CFC0-794C-46C9-8826-8EF197D2D1E0} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{F5B3E43E-18C1-44A0-AC04-F0E78F0DACE1} =>HackTool.WinActivator
---\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (5) - 0s
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriveTheLife
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
~ Unselected Options: O82,
~ End of the scan, 8415 items in 08mn19s (2680)(0)
~ Démarré par Charaf (Administrator) (2018/09/06 00:01:18)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version KO
~ Mode: Scanner
~ Rapport: C:\Users\Charaf\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Charaf\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Enterprise, 32-bit (Build 16299) =>.Microsoft Corporation
---\ NAVIGATEURS INTERNET (4) - 0s
~ GCIE: Google Chrome v68.0.3440.106
~ MFIE: Mozilla Firefox 61.0.2 (x86 fr)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.371.16299.0
---\ INFORMATIONS SUR LES PRODUITS WINDOWS (7) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : 2YT43
~ Windows Remaining Initializations Number : 1000
Windows Automatic Updates : OK
---\ LOGICIELS DE PROTECTION (1) - 23s
Windows Defender W10 (Activate) (Protection)
---\ SURVEILLANCE LOGICIEL (1) - 23s
~ Adobe Flash Player 30 NPAPI (Surveillance)
---\ LOGICIELS D'OPTIMISATION (1) - 23s
~ Driver Booster 5 v5.0.3 (Optimisation)
---\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3135.34 MB (49% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 11 GB (11%) free of 96 GB : ATTENTION =>Warning Disk Space
---\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: DESKTOP-LA4896G
~ User Name: Charaf
~ Logged in as Administrator
---\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (2) - 0s
~ Drive C: has 11 GB free of 96 GB (System)
~ Drive D: has 3 GB free of 196 GB
---\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (24) - 6s
[MD5.E79CC4B9A9EAA1E5D801742C093043A9] - 10/02/2018 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [3485392] =>.Microsoft Windows®
[MD5.BFEF0511D30F8866AF6595FC21460856] - 29/09/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [63488] =>.Microsoft Corporation
[MD5.127B9C203C5A3D65783BB7E7A833FF47] - 29/09/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [269192] =>.Microsoft Windows Publisher®
[MD5.D412BF3EB6647A694F155B3E256C66FB] - 30/03/2018 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2869760] =>.Microsoft Corporation
[MD5.DCD4DD0EE276A3FA74B00C3E1680088C] - 30/03/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [613376] =>.Microsoft Corporation
[MD5.10204B5E7BFF059D87848F0BD0E0F0E9] - 10/02/2018 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [403968] =>.Microsoft Corporation
[MD5.CCF0DECFEB3D31F4CB733B39EFDFBAB3] - 13/03/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.3B34C7B9D7E22AEF58DF0CFC4C7CC82D] - 30/09/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.5B20F475AB6C06D802C99C85C9F0CF98] - 30/03/2018 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\AFD.sys [506272] =>.Microsoft Windows®
[MD5.25E93AC838DBBA1757501C9F3B85DC74] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [22936] =>.Microsoft Windows®
[MD5.813041DC9CF434D539372C50F6B72F0E] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [73728] =>.Microsoft Corporation
[MD5.17CD2948AC64E0E17111566FF2D05A25] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [116736] =>.Microsoft Corporation
[MD5.51A13A4E8C1E645DD6E9AFAA4A442B45] - 30/03/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [111616] =>.Microsoft Corporation
[MD5.79FFBEEF3CEBCD265E865EF7BADB3BC1] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [68608] =>.Microsoft Corporation
[MD5.97B6AFF4BDDA95434490E82D48EDD028] - 29/09/2017 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [89600] =>.Microsoft Corporation
[MD5.CA3B20720265F619DAE5B5F563BC2BEC] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [185856] =>.Microsoft Corporation
[MD5.5F866C99CE1E65AC2E8C01E722B80B2F] - 10/02/2018 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\MRxSmb.sys [434072] =>.Microsoft Windows®
[MD5.4BE570A0B818741289058EA843114864] - 30/03/2018 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [236544] =>.Microsoft Corporation
[MD5.2B50D226B72B463AABE18FA1D55E97E5] - 30/03/2018 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1995168] =>.Microsoft Windows®
[MD5.ADA500A1BF37FA0659AD08AC70EE9C0F] - 29/09/2017 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [81920] =>.Microsoft Corporation
[MD5.729ABF4C4A4624BF153B261675223508] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [79872] =>.Microsoft Corporation
[MD5.1B34DA6372F37CA2CE1847AE4A66B390] - 30/03/2018 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [131072] =>.Microsoft Corporation
[MD5.3DD72EB3805E41B3EB116FCAF44AC711] - 30/03/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [96160] =>.Microsoft Windows®
[MD5.134523B18C89C4E1E46C4AA5CA048F49] - 07/12/2017 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [353688] =>.Microsoft Windows®
---\ LISTE DES SERVICES (Non désactivés) (65) - 5s
O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - C:\Program Files\netcut\services\aips.exe =>.arcai.com
O23 - Service: C:\Windows\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Générateur de points de terminaison du serv.) - C:\Windows\System32\AudioEndpointBuilder.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\audiosrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\BFE.DLL (BFE) . (.Microsoft Corporation - Moteur de filtrage de base.) - C:\Windows\System32\BFE.DLL =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Service d’infrastructure des tâches en arri.) - C:\Windows\System32\bisrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Composants utilisateur Microsoft (R) CDP.) - C:\Windows\System32\CDPUserSvc.dll =>.Microsoft Corporation
O23 - Service: Service pour utilisateur de plateforme d’appareils connecté (CDPUserSvc_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft Windows®
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Services de chiffrement.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Service d’association de périphérique.) - C:\Windows\System32\das.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - Service client DHCP.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Suivi des diagnostics Microsoft Windows.) - C:\Windows\System32\diagtrack.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - Service de résolution du cache DNS.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Service Consommation des données.) - C:\Windows\System32\dusmsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: FLService (FLService) . (.NewSoftwares.net - Service Application.) - C:\Windows\System32\WinFLService.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Service de cache de police Windows.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: C:\Windows\System32\IKEEXT.DLL (IKEEXT) . (.Microsoft Corporation - Extension IKE.) - C:\Windows\System32\IKEEXT.DLL =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - DLL du service Serveur.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - DLL du service Station de travail.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lsm.dll (LSM) . (.Microsoft Corporation - Service du gestionnaire de session locale.) - C:\Windows\System32\lsm.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Gestionnaire des cartes téléchargées.) - C:\Windows\System32\moshost.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Service de protection Microsoft.) - C:\Windows\System32\MPSSVC.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Serveur RPC de l’interface du magasin résea.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation®
O23 - Service: C:\Windows\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\Windows\System32\APHostService.dll =>.Microsoft Corporation
O23 - Service: Hôte de synchronisation_3bde6 (OneSyncSvc_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - Service d’alimentation en mode utilisateur.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\OSTotoHotspot\RaRegistry.exe =>.Mediatek Inc.®
O23 - Service: C:\Windows\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) - C:\Windows\System32\rasmans.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - Mappeur de point de terminaison RPC.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) . (.Absolute Software Corp. - rpcnet.) - C:\Windows\System32\rpcnet.exe =>.Absolute Software Corp.®
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SecurityHealthAgent.dll (SecurityHealthService) . (.Microsoft Corporation - Windows Security Health Service.) - C:\Windows\System32\SecurityHealthService.exe =>.Microsoft Windows Publisher®
O23 - Service: Windows Remediation Service (sedsvc) . (.Microsoft Corporation - sedsvc.) - C:\Program Files\rempl\sedsvc.exe =>.Microsoft Windows®
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) - C:\Windows\System32\Sens.dll =>.Microsoft Corporation
O23 - Service: Microsoft Ms (Service1) . (...) - C:\Windows\system32\service.exe (.not file.)
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Application sous-système spouleur.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Service de la plateforme de protection logi.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Windows®
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
O23 - Service: C:\Windows\System32\wiaservc.dll (StiSvc) . (.Microsoft Corporation - Service de périphériques d’images fixes.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Hôte de service Superfetch.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) - C:\Windows\System32\SystemEventsBrokerServer.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\Windows\System32\usermgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - DLL du service de gestion des connexions Wi.) - C:\Windows\System32\wcmsvc.dll =>.Microsoft Corporation
O23 - Service: DHCP Service (WifiSrv) . (. - DHCP Service.) - C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe =>.Microsoft Corporation®
O23 - Service: C:\Windows\System32\wbem\WMIsvc.dll (winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (Wlansvc) . (.Microsoft Corporation - DLL du service de configuration automatique.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) - C:\Windows\System32\WpnService.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Service utilisateur de notifications Push W.) - C:\Windows\System32\WpnUserService.dll =>.Microsoft Corporation
O23 - Service: Service utilisateur de notifications Push Windows_3bde6 (WpnUserService_3bde6) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Windows Publisher®
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Service Centre de sécurité de Windows.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation
---\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (13) - 7s
SS - Demand [05/09/2018] [ 335872] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [28/07/2011] [ 262144] Arp Intelligent Protection Service (AIPS) . (.Arcai.com.) - C:\Program Files\netcut\services\aips.exe =>.arcai.com
SR - Auto [22/02/2018] [ 94728] FLService (FLService) . (.NewSoftwares.net.) - C:\Windows\System32\WinFLService.exe =>.NewSoftwares.net, Inc SDN. BHD.®
SR - Auto [29/06/2017] [ 1659456] Foxit Reader Service (FoxitReaderService) . (.Foxit Software Inc..) - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe =>.Foxit Software Incorporated®
SR - Auto [12/04/2018] [ 153168] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [12/04/2018] [ 153168] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [05/09/2018] [ 177104] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [14/11/2016] [ 677312] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation®
SR - Auto [10/11/2016] [ 391472] RalinkRegistryWriter (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\OSTotoHotspot\RaRegistry.exe =>.Mediatek Inc.®
SR - Auto [16/01/2018] [ 78032] Remote Procedure Call (RPC) Net (rpcnet) . (.Absolute Software Corp..) - C:\Windows\System32\rpcnet.exe =>.Absolute Software Corp.®
SR - Auto [14/11/2016] [ 426040] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe =>.NVIDIA Corporation®
SS - Demand [11/09/2017] [ 33224] SHAREit Hotspot Service (uSHAREitSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe =>.SHAREit Technologies Co.Ltd®
SR - Auto [10/11/2016] [ 194216] DHCP Service (WifiSrv) . (...) - C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
---\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (12) - 9s
O38 - TASK: {3479E8F6-469F-4EDE-94F4-4DF041396DEE}[\Driver Booster SkipUAC (Charaf)] - (.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe [5486880] =>.IObit
O38 - TASK: {65B221D3-B276-4280-9CB5-D41F0C95A179}[\GoogleUpdateTaskMachineUA] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {995A097D-50D1-43EC-9AB6-1D0B5AB299C4}[\GoogleUpdateTaskMachineCore] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc.
O38 - TASK: {BA953E2F-EBC0-480B-96C9-668C68DB613F}[\Adobe Flash Player Updater] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 30.0 r0.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [335872] =>.Adobe Systems Incorporated
O38 - TASK: {FD1B0449-85A9-42A6-9840-3EC4F903A308}[\GlaryInitialize 5] - (.Glarysoft Ltd - Glary Utilities Initialize.) -- C:\Program Files\Glary Utilities 5\Initialize.exe [135120] =>.Glarysoft Ltd
O38 - TASK: {FFC7EF5C-81F5-4513-80CE-A04BB96D41BE}[\Adobe Flash Player NPAPI Notifier] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472] =>.Adobe Systems Incorporated
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Charaf) - (.IObit.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe [/skipuac] =>.IObit
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google Inc.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [/c] =>.Google Inc.
C:\Windows\System32\Tasks\Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [] =>.Adobe Systems Incorporated
C:\Windows\System32\Tasks\GlaryInitialize 5 - (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities 5\Initialize.exe [] =>.Glarysoft Ltd
C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [-check plugin.-check] =>.Adobe Systems Incorporated
---\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (13) - 1s
O4 - HKLM\..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) -- C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKLM\..\Run: [Ad Muncher] . (.Murray Hurps Software Pty Ltd - Ad Muncher.) -- C:\Program Files\Ad Muncher\AdMunch.exe =>.Murray Hurps Software Pty Ltd®
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE =>.Power Software Limited®
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe =>.Lanzhou Itanium Software Technology Co., Ltd.®
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKCU\..\Run: [FLBackup] . (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe =>.Glarysoft LTD®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [FLBackup] . (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\S-1-5-21-4089965892-2185791453-417247309-1001\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe =>.Glarysoft LTD®
---\ PROCESSUS LANCÉS (22) - 21s
[MD5.9910AA3A3CDD29AA542ABEE305F7A072] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) -- C:\Windows\System32\nvvsvc.exe [677312] [PID.1684] =>.NVIDIA Corporation®
[MD5.843F16D234D03756B9EB6054B5C62FAA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [426040] [PID.1692] =>.NVIDIA Corporation®
[MD5.89FAC2D528A321A52B5CDF04CCBA754E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [946112] [PID.1912] =>.NVIDIA Corporation®
[MD5.9910AA3A3CDD29AA542ABEE305F7A072] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.0.) -- C:\Windows\System32\nvvsvc.exe [677312] [PID.1924] =>.NVIDIA Corporation®
[MD5.2870CE9BFD6BA66FB0FFC6D11C9E41A7] - (.Arcai.com - Arp Intelligent Protection Service.) -- C:\Program Files\netcut\services\aips.exe [262144] [PID.2136] =>.arcai.com
[MD5.81D73EEB3F63770EC5799BC1A175FD42] - (.NewSoftwares.net - Service Application.) -- C:\Windows\System32\WinFLService.exe [94728] [PID.2836] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.D764AC84BD49569D61D841700B7E100D] - (.Foxit Software Inc. - Foxit Reader ConnectedPDF Windows Service..) -- C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456] [PID.2848] =>.Foxit Software Incorporated®
[MD5.E3D78F6FE54B27DE451E350AC908E8B4] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\OSTotoHotspot\RaRegistry.exe [391472] [PID.2880] =>.Mediatek Inc.®
[MD5.DC908AB53016010462F371BBFD3173F5] - (.Absolute Software Corp. - rpcnet.) -- C:\Windows\System32\rpcnet.exe [78032] [PID.2928] =>.Absolute Software Corp.®
[MD5.039D779604E3E86C79F8B65C790B9AA0] - (. - DHCP Service.) -- C:\Program Files\OSTotoHotspot\WifiService.exe [194216] [PID.2996] =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
[MD5.AA7950FEEB5B0D82E4C0B7CF32D900A2] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeHost.exe [75264] [PID.1284] =>.Skype Technologies
[MD5.EDD15222718345DEF9F12336BA2405D1] - (.Murray Hurps Software Pty Ltd - Ad Muncher.) -- C:\Program Files\Ad Muncher\AdMunch.exe [560760] [PID.5620] =>.Murray Hurps Software Pty Ltd®
[MD5.BAC15D03EFC8249216D1D610F3B1E67F] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [695528] [PID.5260] =>.Lanzhou Itanium Software Technology Co., Ltd.®
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.6160]
[MD5.757003A03326CD661AF978F0DDC45FB9] - (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe [277512] [PID.6328] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.BFB2F48C7A72ADA3ED8C2673BB99583A] - (.NewSoftwares.net - .) -- C:\Program Files\NewSoftware's\Folder Lock\FLComServ.exe [1240072] [PID.6520] =>.NewSoftwares.net, Inc SDN. BHD.®
[MD5.9B9E18455568967E22711BDB5E0188BB] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3948600] [PID.6692] =>.Tonec Inc.
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [275512] [PID.7316] =>.Tonec Inc.®
[MD5.BB18BAD9445A75AECC4CCC1DC614D740] - (...) -- C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe [1287848] [PID.7752] =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
[MD5.3C2705F767DFE024DA8D89F3B574C9BB] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files\Glary Utilities 5\Integrator.exe [914896] [PID.9380] =>.Glarysoft LTD®
[MD5.B76F080C6E18F167FC5676CAB7700565] - (.Nicolas Coolman - ZHPCleaner.) -- C:\Users\Charaf\Downloads\Programs\ZHPCleaner.exe [3275136] [PID.7304] =>.Nicolas Coolman
[MD5.83DA6D7375F55F993D26B6722BEC3B49] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Charaf\Downloads\Programs\ZHPDiag3.exe [3164032] [PID.8400] =>.Nicolas Coolman
---\ CHROME, Démarrage, Recherche, Extensions (16) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://interceptedby.admuncher.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.arcai.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [Charaf][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Charaf][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Charaf][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Charaf][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Charaf][User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [Charaf][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Charaf][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Charaf][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (15) - 6s
M0 - MFSP: prefs.js [Charaf - 5cw32kks.default] http://www.google.com/ =>.Google Inc.
P2 - EXT FILE: (.uBlock Origin - .) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\uBlock0@raymondhill.net.xpi =>.uBlock Origin
P2 - EXT FILE: (.Ad-Blocker Pro - Ad-Blocker Pro is the best ad blocker .) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{246C9D65-51E6-4B0C-9CCF-B081B7BF9242}.xpi
P2 - EXT FILE: (.Popup Blocker Ultimate - Popup Blocker Ultimate.) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi
P2 - EXT FILE: (...) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi =>.webcompat.com
P2 - EXT FILE: (.webcompat.com.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.webcompat.com
P2 - EXT: (...) -- C:\Users\Charaf\AppData\Roaming\Mozilla\Firefox\Profiles\5cw32kks.default\extensions\trash =>.Mozilla Corporation
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_30_0_0_154.dll =>.Adobe Systems Incorporated
---\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (8) - 0s
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.371 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\ INTERNET EXPLORER, Site de confiance et site sensible (2) - 0s
~ IE Restricted Site Good: localhost
~ Microsoft Internet Explorer Restricted Site(s) Domains: 1(Good) / 0(Bad)
---\ INTERNET EXPLORER,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\ ÉTUDE DU FICHIER HOSTS (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (30)
---\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (4) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_162\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: (no name) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} (.Orphan.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_162\bin\jp2ssv.dll =>.Oracle America, Inc.®
---\ INTERNET EXPLORER, Barre d'outil (Toolbar) (1) - 0s
O3 - Toolbar: VIPRE Search Guard Toolbar - [HKLM]{A924C17A-5E94-4E02-BED5-49720BA6F7FA} . (...) -- (.not file.)
---\ RACCOURCIS GLOBAL STARTUP (133) - 29s
O4 - GS\Desktop [Administrateur]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [Administrateur]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [Administrateur]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [Administrateur]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [Administrateur]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [Administrateur]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [Administrateur]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [Administrateur]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [Administrateur]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Administrateur]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [Administrateur]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [Administrateur]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrateur]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [Administrateur]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [Administrateur]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [Administrateur]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [Administrateur]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrateur]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Administrateur]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrateur]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrateur]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [Administrateur]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [Administrateur]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [Administrateur]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Administrateur]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Charaf]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [Charaf]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [Charaf]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [Charaf]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [Charaf]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [Charaf]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [Charaf]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [Charaf]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [Charaf]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [Charaf]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [Charaf]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [Charaf]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Charaf]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [Charaf]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [Charaf]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [Charaf]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [Charaf]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Charaf]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [Charaf]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [Charaf]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Charaf]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [Charaf]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Charaf]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [Charaf]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [Charaf]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [Charaf]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Charaf]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Charaf]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Charaf]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [Charaf]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [Charaf]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Charaf]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [WDAGUtilityAccount]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Desktop [WDAGUtilityAccount]: Excel 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Desktop [WDAGUtilityAccount]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Desktop [WDAGUtilityAccount]: Media Player Classic.lnk . (...) C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe
O4 - GS\Desktop [WDAGUtilityAccount]: Movies+Videos+Séries.lnk . (...) D:\Movies+Videos+Séries
O4 - GS\Desktop [WDAGUtilityAccount]: MP3.lnk . (...) D:\MP3
O4 - GS\Desktop [WDAGUtilityAccount]: MPC-HC.lnk . (.MPC-HC Team - MPC-HC.) C:\Program Files\MPC-HC\mpc-hc.exe =>.Fotis Zafiropoulos®
O4 - GS\Desktop [WDAGUtilityAccount]: netcut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Desktop [WDAGUtilityAccount]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Desktop [WDAGUtilityAccount]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Desktop [WDAGUtilityAccount]: Photos+Images.lnk . (...) D:\Photos+Images
O4 - GS\Desktop [WDAGUtilityAccount]: PowerPoint 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: Programmes.lnk . (...) D:\Programmes
O4 - GS\Desktop [WDAGUtilityAccount]: SHAREit.lnk . (.SHAREit Technologies Co.Ltd - SHAREit.) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O4 - GS\Desktop [WDAGUtilityAccount]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\Desktop [WDAGUtilityAccount]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Charaf\AppData\Local\WhatsApp\WhatsApp.exe =>.WhatsApp
O4 - GS\Desktop [WDAGUtilityAccount]: Word 2013.lnk . (...) C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files\netcut\netcut.exe =>.arcai.com
O4 - GS\Quicklaunch [WDAGUtilityAccount]: DLLSuite.lnk . (.VskSoft - DLLSuite Crack UZ1.) C:\Program Files\DLL Suite\DLLSuite.exe =>.VskSoft
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 8.3.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Hard Disk Low Level Format Tool.lnk . (...) C:\Program Files\HDDGURU LLF Tool\LLFTOOL.EXE
O4 - GS\Quicklaunch [WDAGUtilityAccount]: OSTotoHotspot.lnk . (...) C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Switch Off.lnk . (.YaSoft - Automatic shutdown utility.) C:\Program Files\Switch Off\swoff.exe =>.YaSoft
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [WDAGUtilityAccount]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Startup [WDAGUtilityAccount]: rugjsavh.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start '' 'C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\rugjsavh\cegdbibf.exe' =>.Microsoft Corporation
O4 - GS\Programs [WDAGUtilityAccount]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [WDAGUtilityAccount]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\CommonDesktop [Public]: BQ Firmware Flash Tool.lnk . (.BQ - App for flashing the last firmware in BQ de.) C:\BQ\BQ_Firmware_Flash_Tool\bq_flash_tool.exe
O4 - GS\CommonDesktop [Public]: Driver Booster 5.lnk . (.IObit - Driver Booster.) C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O4 - GS\CommonDesktop [Public]: EaseUS Data Recovery Wizard.lnk . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Data Recovery Wizard.) C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\DRW.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Folder Lock.lnk . (.NewSoftwares.net. - Folder Lock Application.) C:\Program Files\NewSoftware's\Folder Lock\Folder Lock.exe =>.NewSoftwares.net, Inc SDN. BHD.®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Hide IP Easy.lnk . (.easy-hideip.com - Hide IP Easy.) C:\Program Files\HideIPEasy\HideIPEasy.exe
O4 - GS\CommonDesktop [Public]: Minimal ADB and Fastboot.lnk . (...) C:\Program Files\Minimal ADB and Fastboot\cmd-here.exe
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.Power Software Ltd - PowerISO.) C:\Program Files\PowerISO\PowerISO.exe =>.Power Software Limited®
O4 - GS\CommonDesktop [Public]: RAR Password Unlocker.lnk . (.Password Unlocker, Inc. - Rar Password Unlocker.) C:\Program Files\RAR Password Unlocker\RAR Password Unlocker.exe =>.Password Unlocker, Inc.
O4 - GS\CommonDesktop [Public]: USB Disk Security.lnk . (.Zbshareware Lab - USB Disk Security.) C:\Program Files\USB Disk Security\USBGuard.exe =>.Lanzhou Itanium Software Technology Co., Ltd.®
O4 - GS\Programs [Public]: Charaf.lnk . (...) C:\Users\Charaf
O4 - GS\Programs [Public]: New Movies.lnk . (...) D:\Movies+Videos+Séries\Movies\New Movies
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\Windows\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d’écran.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d’actions.) C:\Windows\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Assistant Mise à niveau de Windows 10.lnk . (.Microsoft Corporation - Assistant Mise à jour de Windows 10.) C:\Windows10Upgrade\Windows10UpgraderApp.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: BQ Firmware Flash Tool.lnk . (.BQ - App for flashing the last firmware in BQ de.) C:\BQ\BQ_Firmware_Flash_Tool\bq_flash_tool.exe
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Glary Utilities 5.lnk . (.Glarysoft Ltd - Glary Utilities 5.) C:\Program Files\Glary Utilities 5\Integrator.exe =>.Glarysoft LTD®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\Control.exe =>.Microsoft Corporation
---\ MODIFICATION DOMAINE/ADRESSES (DNS) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\..\{17865674-c589-4de1-8dce-dbacc33cb4b6}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{730d5cc8-6202-4e62-bf72-be0fb6cd0613}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{7c1e32b5-8cb7-4447-8573-ed87ff7598ae}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{ac2fb6c8-0107-4572-ad9b-a57797361313}: DhcpNameServer = 192.168.1.1 =>.Local IP Adress
---\ PROTOCOLE ADDITIONNEL (25) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®
---\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
---\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (5) - 1s
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe =>.Google Inc®
---\ LOGICIELS INSTALLÉS (217) - 45s
O42 - Logiciel: Ad Muncher v4.94.34121 (Free) - (..) [HKLM] -- Ad Muncher =>.Murray Hurps Software Pty Ltd®
O42 - Logiciel: Adobe Flash Player 30 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Assistant Mise à jour de Windows 10 - (.Microsoft Corporation.) [HKLM] -- {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation®
O42 - Logiciel: BQ Firmware Flash Tool version 3.0.4 - (.Mundo Reader S.L..) [HKLM] -- {58946287-F553-4D93-AC53-8296836A500A}_is1
O42 - Logiciel: BQ Handset USB Driver 1.0 - (..) [HKLM] -- USB Driver_is1
O42 - Logiciel: Definition Update for Microsoft Office 2013 (KB3115404) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96903939-431D-4BD1-ADCD-B578900397D7} =>.Microsoft Corporation®
O42 - Logiciel: DLL Suite 9.0 - (.dllsuite.com.) [HKLM] -- {E557052E-9828-40E4-BFF6-311D3E89DB81}_is1 =>.dllsuite.com
O42 - Logiciel: Driver Booster 5 - (.IObit.) [HKLM] -- Driver Booster_is1 =>.IObit Information Technology®
O42 - Logiciel: EaseUS Data Recovery Wizard - (.EaseUS.) [HKLM] -- EaseUS Data Recovery Wizard_is1 =>.CHENGDU YIWO Tech Development Co., Ltd.®
O42 - Logiciel: Folder Lock - (.New Softwares.net.) [HKLM] -- Folder Lock =>.NewSoftwares.net, Inc SDN. BHD.®
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Glary Utilities 5.102 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities 5 =>.Glarysoft LTD®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hard Disk Low Level Format Tool 4.40 - (.HDDGURU.) [HKLM] -- Hard Disk Low Level Format Tool_is1 =>.HDDGURU
O42 - Logiciel: Hide IP Easy - (..) [HKLM] -- HideIPEasy
O42 - Logiciel: Internet Download Manager - (.Tonek Inc..) [HKLM] -- Internet Download Manager =>.Tonek Inc.
O42 - Logiciel: Java 8 Update 162 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180162F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: K-Lite Codec Pack 14.0.0 Basic - (.KLCP.) [HKLM] -- KLiteCodecPack_is1 =>.KLCP
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Korrekturhilfen 2013 - Deutsch - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OSM UX MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professional Plus 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professionnel Plus 2013 - (.Microsoft Corporation.) [HKLM] -- Office15.PROPLUS =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Proofing (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - English - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - Español - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - Nederlands - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing Tools 2013 - اللغة العربية - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {B175520C-86A2-35A7-8619-86DC379688B9} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM] -- {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {61087a79-ac85-455c-934d-1fa22cc64f36} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {7DAD0258-515C-3DD4-8964-BD714199E0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 - (.Microsoft Corporation.) [HKLM] -- {E30D8B21-D82D-3211-82CC-0F0A5D1495E8} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {cb7c3049-21de-415b-bd85-b65c14e547df} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {68306422-7C57-373F-8860-D26CE4BA2A15} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25017 - (.Microsoft Corporation.) [HKLM] -- {582EA838-9199-3518-A05C-DB09462F68EC} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - (.Microsoft Corporation.) [HKLM] -- {4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Studio 2010 Tools for Office Runtime (x86) =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - - (.Microsoft Corporation.) [HKLM] -- {EC1FEA55-73CC-3A5F-BF47-B340B842C058} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation
O42 - Logiciel: Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA =>.Microsoft Corporation®
O42 - Logiciel: Mozilla Firefox 61.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 61.0.2 (x86 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MPC-HC 1.7.13 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 =>.Fotis Zafiropoulos®
O42 - Logiciel: NetCut 2.1.4 - (.arcai.com.) [HKLM] -- NetCut_is1 =>.arcai.com
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.17.0524 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote 3D Vision 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.30.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote graphique 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo =>.NVIDIA Corporation®
O42 - Logiciel: OpenAL - (.Open Audio Library.) [HKLM] -- OpenAL =>.Creative Labs Inc®
O42 - Logiciel: OSTotoHotspot - (..) [HKLM] -- OSTotoHotspot =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O42 - Logiciel: Outils de vérification linguistique 2013 de Microsoft Office - Français - (.Microsoft Corporation.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Panneau de configuration NVIDIA 342.01 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: RAR Password Unlocker 4.2.0.0 - (.Password Unlocker Studio.) [HKLM] -- {B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1 =>.Password Unlocker Studio
O42 - Logiciel: RAR Repair Tool v.4.0 - (.ZRT Labs.) [HKLM] -- RAR Repair Tool_is1 =>.ZRT Labs
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AC01A2CB-2754-4F70-9645-50F516CC2F03} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{AC01A2CB-2754-4F70-9645-50F516CC2F03} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Excel 2013 (KB4032241) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C3FBC33A-77F9-40B3-9841-74443EBCAA73} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft InfoPath 2013 (KB3162075) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{618C6154-0B5C-4448-B6AC-615942DDB39D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039746) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB111BDB-315E-4D9B-A337-AAA7E4B20571} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039794) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5C7851D1-B548-4BFE-A4FC-DF1967857A47} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3039798) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2113B49B-7A19-4592-863E-CD4124792AAE} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB3213564) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{66B828E2-7C7D-46AF-93AB-5C2DAA285260} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022182) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{89285BEE-B2B3-43A8-A20D-294BAA218421} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022188) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{18D2E3B4-34A4-49A7-9E08-6A35049A7F89} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022188) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{18D2E3B4-34A4-49A7-9E08-6A35049A7F89} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Office 2013 (KB4022189) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1CFB07F8-17F2-4C42-8D83-4E65947141F0} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Outlook 2013 (KB4032240) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{461D59C1-8F3C-4DA7-BD92-BBE1343C67AA} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Outlook 2013 (KB4032240) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{461D59C1-8F3C-4DA7-BD92-BBE1343C67AA} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Microsoft Word 2013 (KB4022224) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{90430052-14B4-40FA-8D18-98705D19E22D} =>.Microsoft Corporation®
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3191937) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{51ACADB4-830D-41A6-82C5-C7AE9437E349} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{351E3E84-CD58-401D-AEFD-147BDBBAA1C7} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{55A588B8-2D30-4B60-AB09-5DB57C592B81} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1F79A96A-2A70-45B3-8A5C-79DA61952879} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{9BB6CB7C-80E3-4F73-8A82-E3D88A3721BE} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{33ADBDF0-040B-4375-8303-0634AB069C5E} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{64B94D95-B6EC-4E25-832F-D15B13ACFB0C} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE}_Office15.PROPLUS_{D90F0B03-8B58-4E72-993E-4ECA65C04BA2} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{95678FB2-1310-429F-91FC-6FE9B5701E1E} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{05EEB900-97DD-4974-86FB-46B56E5B122B} =>.Microsoft Corporation®
O42 - Logiciel: Setup - (.Microsoft.) [HKLM] -- {70373427-4870-4266-8432-9D042196A06B} =>.Microsoft
O42 - Logiciel: SHAREit - (.SHAREit Technologies Co.Ltd.) [HKLM] -- www.ushareit.com_is1 =>.SHAREit Technologies Co.Ltd
O42 - Logiciel: Switch Off - (.YaSoft.) [HKLM] -- SwitchOff =>.YaSoft
O42 - Logiciel: TeraCopy 2.27 - (.Code Sector.) [HKLM] -- TeraCopy_is1 =>.Code Sector®
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft InfoPath 2013 (KB3114946) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{6120444C-EB75-452F-A0EA-1ADADC4B4B3F} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FFF87DE6-6602-4F65-BD75-D481E0539DCD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7A9AB1AE-98B5-4B45-86B8-33A7B946D7CA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2889863) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{52064DE8-AF91-4EAC-8B57-CECA10E8C1C0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{87F6726E-6F99-42F0-8E11-55D798E57DD5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023049) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E4B6204A-AC54-477D-9AEF-3D420EF162A2} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FC017EDD-645B-44D8-9D84-623DE069F1B9} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FC017EDD-645B-44D8-9D84-623DE069F1B9} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039701) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{83DE9B8F-E294-411F-977F-4707E6424BBB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-002C-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00E2-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{16F64A9D-6561-4378-98F2-BD2095B78511} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039756) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BF493817-CADD-4F13-BB51-598FBABB521A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039766) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B7382DD-C92C-4942-BFE6-9B892B915E5C} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039778) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8D1685F4-1C36-4AB5-ACC0-486A6BE71435} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3039795) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{36AF42FA-AF90-4A4F-BC2D-2D4863818E65} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3054856) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF0A4C57-A2D2-4ACA-9DF5-23DB94A718A1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3055007) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BA623BBA-817A-4B29-94D7-6ACFB24DB409} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3085587) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AA8C16EA-D595-47E0-9F49-101C11B860E8} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3101503) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{07BE4996-5557-4A17-9B98-AD57883607EA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3114488) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5C568FE6-A269-4A88-8256-DC1A8B89E622} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3114499) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BB92A877-3443-4FAF-B4BB-470B9792AFBE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3127916) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C90D79C2-2B75-493B-9850-E8677FD7B1E1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172443) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B0C449E5-4975-49B4-8FB4-66DBBB843905} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172471) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B61C3564-4E7B-49FE-9220-9836DBC49BB7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172506) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2741B1B7-443F-4C06-BA38-DBFBF0448679} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0401-0000-0000000FF1CE}_Office15.PROPLUS_{A4E2523D-FA3F-4F6D-9527-F356A8FFB040} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{D81CB2A0-F65E-4F2B-A902-86A7D6CF5676} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{1101EE52-BCE7-4682-8CC7-AB2875ECE9FD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{35811308-2CBE-4303-95A2-D2D46F3C99B6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0413-0000-0000000FF1CE}_Office15.PROPLUS_{1991B6C7-A932-4A09-B370-B6E6375F76F7} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172510) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{6DF45348-1D51-4AD5-9D63-63BA8A3BF9E8} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172523) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FDF6648B-BF62-4CC7-94D3-0944ACD4A07D} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3172545) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{0D50B52F-AB5A-44B7-A67C-2DE4F61443D0} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3191872) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{68AD8B09-DD14-4875-A4DB-E04F6FF7ECCB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB3191872) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}_Office15.PROPLUS_{68AD8B09-DD14-4875-A4DB-E04F6FF7ECCB} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4011155) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7A41ACD-C1EA-4628-BCD2-8CA7AA8DDB29} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018333) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB18969F-C317-48CF-AF5B-275D3B7650D1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018333) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FB18969F-C317-48CF-AF5B-275D3B7650D1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4018378) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2FDF7953-75A9-4341-A769-EC0CAA09FFF3} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4022212) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FC519FD8-5B83-4761-B02C-13DF5B2D9598} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4022233) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{ACD4ABA2-6B0F-4654-B981-D3A76C42AAFE} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4092469) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5E656E55-B9F4-4E55-A79D-84C6B15673D4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Office 2013 (KB4092469) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{5E656E55-B9F4-4E55-A79D-84C6B15673D4} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB4022226) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB83D80E-C78E-41B0-8D08-4FAD6889E867} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneDrive for Business (KB4022226) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}_Office15.PROPLUS_{FB83D80E-C78E-41B0-8D08-4FAD6889E867} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2013 (KB4011281) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AF09D88A-0206-40F1-B7A0-AE15CCFAC61A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft OneNote 2013 (KB4011281) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE}_Office15.PROPLUS_{AF09D88A-0206-40F1-B7A0-AE15CCFAC61A} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{3A2EB2A7-9F2D-4FA0-AE80-AD1A5A02A7AA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}_Office15.PROPLUS_{3A2EB2A7-9F2D-4FA0-AE80-AD1A5A02A7AA} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2013 (KB4018374) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5EC6B66A-047B-4122-9EAE-7AC1CB75F7D5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft PowerPoint 2013 (KB4018374) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}_Office15.PROPLUS_{5EC6B66A-047B-4122-9EAE-7AC1CB75F7D5} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Publisher 2013 (KB3114329) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C4B41052-3F51-4B6A-80E3-DE0518506C13} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Publisher 2013 (KB3114329) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}_Office15.PROPLUS_{C4B41052-3F51-4B6A-80E3-DE0518506C13} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-006E-040C-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501} =>.Microsoft Corporation®
O42 - Logiciel: Update for Microsoft Word 2013 (KB3162081) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{42064CFD-BA0C-4FA7-BC6B-1192C2F6DDFD} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB4092457) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB4092457) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUS_{B6756C17-29E3-478B-B585-661E9EA286D6} =>.Microsoft Corporation®
O42 - Logiciel: Update for Windows 10 (KB4023057) - (.Microsoft Corporation.) [HKLM] -- {8305B258-8F4B-4280-B5F4-DD15DC04E40A} =>.Microsoft Corporation
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 =>.Zbshareware Lab
O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU] -- WhatsApp =>.WhatsApp
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH
---\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (133) - 45s
HKLM\SOFTWARE\AdMuncher
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\AMD =>.AMD
HKLM\SOFTWARE\Arcai =>.Arcai.com
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\aW5ub3ZhbmF0aGlua2xhYnMuY29t
HKLM\SOFTWARE\Babylon =>Adware.Babylon
HKLM\SOFTWARE\Code Sector =>.Code Sector
HKLM\SOFTWARE\DRWNewFree =>.Unknown
HKLM\SOFTWARE\EASEUS =>.EaseUS Software
HKLM\SOFTWARE\FDT
HKLM\SOFTWARE\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\GlarySoft =>.GlarySoft
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HideIPEasy
HKLM\SOFTWARE\Icaros =>.Icaros
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\INextUUID
HKLM\SOFTWARE\innovanathinklabs.com
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\LphcmModem
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NewSoftware's =>.NewSoftware's
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\OpenAL =>.Open Audio Library
HKLM\SOFTWARE\Oracle =>.Oracle
HKLM\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKLM\SOFTWARE\PowerISO =>.PowerISO Computing
HKLM\SOFTWARE\Ralink =>.Ralink
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Schneider Electric =>.Schneider Electric
HKLM\SOFTWARE\SHAREit Technologies =>..SUP.SHAREit
HKLM\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\XinYi Network =>.XinYi Network
HKLM\SOFTWARE\YaSoft =>.YaSoft
HKLM\SOFTWARE\WOW6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\WOW6432Node\Internet Download Manager =>.Tonec Inc
HKCU\SOFTWARE\All-Radio
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Arcai.com =>.Arcai.com
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\Code Sector =>.Code Sector
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FLEXnet =>.FlexNet
HKCU\SOFTWARE\Foxit Software =>.Foxit Software
HKCU\SOFTWARE\Glarysoft =>.GlarySoft
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Icaros =>.Icaros
HKCU\SOFTWARE\innovanathinklabs.com
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NewSoftware's =>.NewSoftware's
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKCU\SOFTWARE\PowerISO =>.PowerISO Computing
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\VIPRE
HKCU\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\XinYi Network =>.XinYi Network
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\ZRT Labs =>.ZRT Labs
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint =>.ThinPrint
HKU\.DEFAULT\SOFTWARE\AMD =>.AMD
HKU\.DEFAULT\SOFTWARE\Arcai.com =>.Arcai.com
HKU\.DEFAULT\SOFTWARE\ATI =>.ATI
HKU\.DEFAULT\SOFTWARE\FLEXnet =>.FlexNet
HKU\.DEFAULT\SOFTWARE\Foxit Software =>.Foxit Software
HKU\.DEFAULT\SOFTWARE\Google =>.Google
HKU\.DEFAULT\SOFTWARE\JavaSoft =>.JavaSoft
HKU\.DEFAULT\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\Schneider Electric =>.Schneider Electric
HKU\.DEFAULT\SOFTWARE\SetID =>.Bitdefender
HKU\.DEFAULT\SOFTWARE\WOT Services =>.WOT Services
HKU\.DEFAULT\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\.DEFAULT\SOFTWARE\WIFISTARTFLAG
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\All-Radio
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Arcai.com =>.Arcai.com
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ATI =>.ATI
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Code Sector =>.Code Sector
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\DownloadManager =>.DownloadManager
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\FLEXnet =>.FlexNet
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Foxit Software =>.Foxit Software
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Glarysoft =>.GlarySoft
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Google =>.Google
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Icaros =>.Icaros
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\innovanathinklabs.com
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\JavaSoft =>.JavaSoft
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Macromedia =>.Macromedia
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\MPC-HC =>.MPC-HC Team
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\NewSoftware's =>.NewSoftware's
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\OSTotoHotspot =>.SUP.DriveTheLife
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\PowerISO =>.PowerISO Computing
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\VIPRE
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\VMware, Inc. =>.VMware, Inc.
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\XinYi Network =>.XinYi Network
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\S-1-5-21-4089965892-2185791453-417247309-1001\SOFTWARE\ZRT Labs =>.ZRT Labs
---\ CONTENU DES DOSSIERS PROGRAMMES (247) - 20s
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Ad Muncher =>.Murray Hurps Software Pty Ltd®
O43 - CFD: 09/01/2018 - [] D -- C:\Program Files\AMD =>.AMD
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\arcai.com =>.Arcai.com
O43 - CFD: 26/11/2017 - [] D -- C:\Program Files\BQ Handset USB Driver
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\DLL Suite =>.DLL Suite
O43 - CFD: 01/08/2018 - [] D -- C:\Program Files\EaseUS =>.EaseUS Software
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\Program Files\Foxit Software =>.Foxit Software
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Glary Utilities 5 =>.GlarySoft
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files\HDDGURU LLF Tool
O43 - CFD: 15/01/2018 - [] D -- C:\Program Files\HideIPEasy
O43 - CFD: 30/10/2017 - [] HD -- C:\Program Files\InstallShield Installation Information =>.InstallShield
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/04/2018 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\iRoot =>.Shenzhen Xinyi Network Ltd
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Microsoft Toolkit Final =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Microsoft XNA =>.Microsoft Corporation
O43 - CFD: 24/07/2018 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 29/03/2018 - [] D -- C:\Program Files\Minimal ADB and Fastboot
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 16/01/2018 - [] D -- C:\Program Files\MPC-HC =>.MPC-HC Team
O43 - CFD: 02/12/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 14/04/2018 - [] D -- C:\Program Files\netcut =>.Arcai.com
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\NewSoftware's =>.NewSoftware's
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\OpenAL =>.Open Audio Library
O43 - CFD: 15/11/2017 - [] D -- C:\Program Files\OSTotoHotspot =>.OSToto Co
O43 - CFD: 03/11/2017 - [] D -- C:\Program Files\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\Program Files\RAR Password Unlocker =>.DNSoft
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Rar Repair Tool
O43 - CFD: 10/11/2017 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 02/12/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\rempl =>.Microsoft Windows®
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\SHAREit Technologies =>.SHAREit Technologies Co.Ltd®
O43 - CFD: 04/11/2017 - [] D -- C:\Program Files\Switch Off =>.YaSoft
O43 - CFD: 03/02/2018 - [] D -- C:\Program Files\TeraCopy =>.Code Sector Inc.
O43 - CFD: 27/10/2017 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Program Files\Unlocker =>.Cedrick Collomb
O43 - CFD: 22/02/2018 - [] D -- C:\Program Files\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 13/04/2018 - [] D -- C:\Program Files\VIPRE =>.VIPRE
O43 - CFD: 12/04/2018 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Program Files\windows nt =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad Muncher
O43 - CFD: 26/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com =>.Arcai.com
O43 - CFD: 26/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BQ Handset USB Driver
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Suite 9.0
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 =>.IObit
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard =>.EaseUS Software
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader =>.Foxit Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 =>.GlarySoft
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP Easy
O43 - CFD: 12/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 22/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 22/02/2018 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft =>.Lavasoft
O43 - CFD: 29/09/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 16/01/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC =>.MPC-HC Team
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSTotoHotspot =>.OSToto Co
O43 - CFD: 03/11/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker =>.DNSoft
O43 - CFD: 23/07/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rar Repair Tool
O43 - CFD: 12/04/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit =>.Lenovo Group Limited
O43 - CFD: 29/09/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 26/02/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 03/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy =>.Code Sector Inc.
O43 - CFD: 22/02/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security =>.FlashPeak Inc
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 04/11/2017 - [] D -- C:\ProgramData\160WIFI =>.OSToto Co
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Ad Muncher
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [0] D -- C:\ProgramData\Babylon =>Adware.Babylon
O43 - CFD: 22/02/2018 - [0] D -- C:\ProgramData\BSD =>.Berkeley
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 29/08/2018 - [] D -- C:\ProgramData\CTES
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 03/12/2017 - [] D -- C:\ProgramData\FLEXnet =>.Flexera Software
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Foxit ContentPlatform =>.Foxit Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\GlarySoft =>.GlarySoft
O43 - CFD: 15/01/2018 - [] D -- C:\ProgramData\HideIPEasy
O43 - CFD: 23/07/2018 - [0] D -- C:\ProgramData\IDM =>.IDM
O43 - CFD: 03/12/2017 - [] D -- C:\ProgramData\InstallShield =>.InstallShield
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 13/04/2018 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 25/02/2018 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\Ralink =>.Ralink
O43 - CFD: 01/08/2018 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2017 - [] D -- C:\ProgramData\Schneider Electric =>.Schneider Electric
O43 - CFD: 29/09/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 29/10/2017 - [] D -- C:\ProgramData\VIPRE =>.VIPRE
O43 - CFD: 18/07/2018 - [] D -- C:\ProgramData\VMware =>.VMware
O43 - CFD: 30/10/2017 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 03/12/2017 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 05/09/2018 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] D -- C:\Program Files\Common Files\system =>.Microsoft Corporation
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\ADBDriverInstaller =>.Samsung Electronics
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Babylon =>Adware.Babylon
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Charaf\AppData\Roaming\DiskDefrag =>.Auslogics Software
O43 - CFD: 05/09/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 04/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\DtlWifi =>.OSToto Co
O43 - CFD: 03/12/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\FLEXnet =>.Flexera Software
O43 - CFD: 27/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Foxit AgentInformation =>.Foxit Corporation
O43 - CFD: 27/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 23/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\GlarySoft =>.GlarySoft
O43 - CFD: 15/01/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\HideIPEasy
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\IDM =>.IDM
O43 - CFD: 30/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\IObit =>.IObit
O43 - CFD: 15/01/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 03/12/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Macrovision =>.Macrovision
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\mgyun =>.mgyun.com
O43 - CFD: 16/01/2018 - [] SD -- C:\Users\Charaf\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\MPC-HC =>.MPC-HC Team
O43 - CFD: 03/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\PowerISO =>.PowerISO Computing
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\RAR_Password_Unlocker_4.2.0
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 18/07/2018 - [0] D -- C:\Users\Charaf\AppData\Roaming\Task Scheduler Host
O43 - CFD: 03/02/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\TeraCopy =>.Code Sector Inc.
O43 - CFD: 20/04/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Umeng
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Viber =>.Viber
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\VMware =>.VMware
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\WhatsApp =>.WhatsApp
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 22/02/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Zbshareware Lab =>.Zbshareware Lab
O43 - CFD: 06/09/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/09/2018 - [0] D -- C:\Users\Charaf\AppData\Local\Adobe =>.Adobe
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\Babylon =>Adware.Babylon
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\DBG =>.DBG
O43 - CFD: 18/07/2018 - [0] D -- C:\Users\Charaf\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Local\Google =>.Google
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 16/01/2018 - [] D -- C:\Users\Charaf\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 09/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\mpress =>.MPress
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 01/08/2018 - [] D -- C:\Users\Charaf\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 09/01/2018 - [] D -- C:\Users\Charaf\AppData\Local\RadeonInstaller
O43 - CFD: 12/04/2018 - [] D -- C:\Users\Charaf\AppData\Local\SHAREit Technologies
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 06/09/2018 - [] D -- C:\Users\Charaf\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Charaf\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Local\VIPRE =>.VIPRE
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 18/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\VMware =>.VMware
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Local\WhatsApp =>.WhatsApp
O43 - CFD: 05/09/2018 - [] D -- C:\Users\Charaf\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2017 - [0] D -- C:\Users\Charaf\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 30/10/2017 - [] D -- C:\Users\Charaf\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 16/01/2018 - [] SD -- C:\Users\Charaf\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 05/09/2018 - [0] D -- C:\Users\Charaf\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 26/11/2017 - [] D -- C:\Users\Charaf\Desktop\bootloader_tools
O43 - CFD: 06/03/2018 - [] D -- C:\Users\Charaf\Desktop\idm.Patch.MyEgy
O43 - CFD: 22/02/2018 - [] D -- C:\Users\Charaf\Desktop\idman.Patch.MyEgy.EGYGO
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\Desktop\Re-Loader Activator v2.2
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 14/04/2018 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 23/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 29/09/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 04/11/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switch Off =>.YaSoft
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 05/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 03/07/2018 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp =>.WhatsApp
O43 - CFD: 29/09/2017 - [] RD -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [] D -- C:\Users\Charaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/07/2018 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 27/10/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 04/11/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\DataSharing =>.DataSharing
O43 - CFD: 29/10/2017 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\DBG =>.DBG
O43 - CFD: 18/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 03/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 05/09/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 09/01/2018 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 12/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\SHAREit Technologies
O43 - CFD: 12/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 29/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\TokenBroker
O43 - CFD: 27/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\VipreEdgeProtection
O43 - CFD: 27/10/2017 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\WebProxy
O43 - CFD: 03/07/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 22/02/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 09/01/2018 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 20/04/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/07/2018 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\VMware =>.VMware
---\ DERNIERS FICHIERS CRÉÉS DANS WINDOWS Prefetcher (1) - 99s
O45 - LFCP:[MD5.ABAE03A85CDE5FA0B603964986DBEDDA] 01/08/2018 A -- C:\Windows\Prefetch\KMS SERVER SERVICE.EXE-79009524.pf =>HackTool.AutoKMS
---\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
---\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (42) - 5s
O108 - CMH1: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH1: Foxit_ConvertToPDF_Reader - {A94757A0-0226-426F-B4F1-4DF381C630D3} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll =>.Foxit Software Incorporated®
O108 - CMH1: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH1: ITL Total Security - {EC6FBE09-5A2F-439F-89E5-F8356582FB3A} . (.Orphan.)
O108 - CMH1: ModernSharing - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH1: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH1: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.Alexander Roshal
O108 - CMH1: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: OpenContainingFolderMenu - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH2: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH3: CopyAsPathMenu - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: UnlockerShellExtension - {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} . (...) -- C:\Program Files\Unlocker\UnlockerCOM.dll
O108 - CMH4: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH4: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH4: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH4: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: New - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: NvCplDesktopContext - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation®
O108 - CMH5: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH5: WorkFolders - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: Foxit_ConvertToPDF_Reader - {A94757A0-0226-426F-B4F1-4DF381C630D3} . (.Foxit Software Inc. - ConvertToPDFShellExtension.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll =>.Foxit Software Incorporated®
O108 - CMH6: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH6: ITL Total Security - {EC6FBE09-5A2F-439F-89E5-F8356582FB3A} . (.Orphan.)
O108 - CMH6: Library Location - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Programme de résolution d’applications.) -- C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH6: PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} . (.Power Software Ltd - PowerISOShell DLL.) -- C:\Program Files\PowerISO\PWRISOSH.DLL =>.Power Software Limited®
O108 - CMH6: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
O108 - CMH6: UnlockerShellExtension - {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} . (...) -- C:\Program Files\Unlocker\UnlockerCOM.dll
O108 - CMH6: WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.Alexander Roshal
O108 - CMH7: EnhancedStorageShell - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Extension Microsoft Security Client Shell.) -- C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH7: Glary Utilities - {B3C418F8-922B-4faf-915E-59BC14448CF7} . (.Glarysoft Ltd - Context Menu Handler.) -- C:\Program Files\Glary Utilities 5\ContextHandler.dll =>.Glarysoft LTD®
O108 - CMH7: Sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH7: TeraCopy - {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} . (...) -- C:\Program Files\TeraCopy\TeraCopyExt.dll
---\ IMAGE FILE EXECUTION OPTIONS (IFEO) (21) - 22s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\drvinst.exe - (.Microsoft Corporation - Module d’installation de pilotes.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\FlashPlayerApp.exe - (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) [DisableExceptionChainValidation\\0] {330000006B78F7B7015C8B4A1300000000006B} =>.Adobe Systems Incorporated
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\MRT.exe - (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) [CFGOptions\\1] =>.Microsoft Corporation®
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Windows®
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Application sous-système spouleur.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\SppExtComObj.exe - (.Microsoft Corporation - KMS Connection Broker.) [Debugger\\KMS-R@1nHook.exe] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Processus hôte pour les services Windows.) [MitigationAuditOptions\\17660905521152] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
---\ LISTE DES PILOTES DU SYSTÈME (437) - 31s
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\Windows\System32\drivers\1394ohci.sys [169984] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [85912] =>.Microsoft Windows®
O58 - SDL:2018/03/01 07:37:36 A . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\drivers\acpi.sys [508312] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - ACPI Devices Driver.) -- C:\Windows\System32\drivers\AcpiDev.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - ACPIEx Driver.) -- C:\Windows\System32\drivers\acpiex.sys [90520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) -- C:\Windows\System32\drivers\acpipagr.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\Windows\System32\drivers\acpipmi.sys [9728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ACPI Wake Alarm.) -- C:\Windows\System32\drivers\acpitime.sys [9728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [1037344] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:05:14 A . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\afd.sys [506272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Gestionnaire d'appels RAS Agile Vpn Minipor.) -- C:\Windows\System32\drivers\agilevpn.sys [93696] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:46 A . (.Microsoft Corporation - 440 NT AGP Filter.) -- C:\Windows\System32\drivers\AGP440.sys [55648] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:20 A . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\Windows\System32\drivers\ahcache.sys [199168] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:46 A . (.Microsoft Corporation - AMD NT AGP Filter.) -- C:\Windows\System32\drivers\amdagp.sys [55648] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdk8.sys [148480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\amdppm.sys [146432] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [75160] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [215448] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22936] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:48 A . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\drivers\appid.sys [160160] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - Applocker Filter.) -- C:\Windows\System32\drivers\applockerfltr.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization Stream.) -- C:\Windows\System32\drivers\AppVStrm.sys [92056] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization VE Man.) -- C:\Windows\System32\drivers\AppvVemgr.sys [116632] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Microsoft Application Virtualization VFS Fi.) -- C:\Windows\System32\drivers\AppvVfs.sys [109464] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [116632] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:15 A . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Windows\System32\drivers\asyncmac.sys [20480] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [22936] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:50:32 A . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\drivers\ataport.sys [156056] =>.Microsoft Windows®
O58 - SDL:2018/07/18 17:14:52 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athw10.sys [3294600] =>.Qualcomm Atheros®
O58 - SDL:2017/09/29 12:49:05 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athwn.sys [3228672] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2015/01/13 16:40:18 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [10070016] =>.Advanced Micro Devices, Inc.
O58 - SDL:2015/01/13 15:20:36 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [290304] =>.Advanced Micro Devices, Inc.
O58 - SDL:2016/11/18 13:23:56 N . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\System32\drivers\avc3.sys [1285360] =>.Bitdefender SRL®
O58 - SDL:2016/11/18 13:23:56 N . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\Windows\System32\drivers\avckf.sys [718488] =>.Bitdefender SRL®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [126064] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [151784] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/10/14 07:52:20 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [44208] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2018/03/30 05:24:22 A . (.Microsoft Corporation - BAM Kernel Driver.) -- C:\Windows\System32\drivers\bam.sys [49568] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\drivers\BasicDisplay.sys [46592] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:02:05 A . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\drivers\BasicRender.sys [27648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\drivers\battc.sys [34712] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (. - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [8192] =>.Broadcom Corporation
O58 - SDL:2018/03/30 04:33:46 A . (.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\drivers\beep.sys [7168] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:27 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\drivers\bowser.sys [78336] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:56 A . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\drivers\bridge.sys [95232] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) -- C:\Windows\System32\drivers\BtaMPM.sys [16896] =>.Microsoft Corporation
O58 - SDL:2018/02/22 17:50:38 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [519584] =>.Qualcomm Atheros®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Audio/Video Remote Control HID.) -- C:\Windows\System32\drivers\BthAvrcpTg.sys [34304] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Extension de bus Bluetooth.) -- C:\Windows\System32\drivers\bthenum.sys [87040] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) -- C:\Windows\System32\drivers\bthhfenum.sys [80384] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Hands-free HID Minidriver.) -- C:\Windows\System32\drivers\BthhfHid.sys [22528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Réflecteur de mode utilisateur Bluetooth.) -- C:\Windows\System32\drivers\bthl2cap.sys [64000] =>.Microsoft Corporation
O58 - SDL:2018/04/13 23:15:45 A . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\System32\drivers\bthmodem.sys [47616] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\Windows\System32\drivers\bthpan.sys [99328] =>.Microsoft Corporation
O58 - SDL:2018/03/13 05:37:04 A . (.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\drivers\bthport.sys [797696] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de Miniport Bluetooth.) -- C:\Windows\System32\drivers\BTHUSB.SYS [61440] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Button Converter Driver.) -- C:\Windows\System32\drivers\buttonconverter.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Charge Arbiration Driver.) -- C:\Windows\System32\drivers\CAD.sys [51608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - CapImg HID Driver.) -- C:\Windows\System32\drivers\capimg.sys [98816] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\cdfs.sys [73728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\cdrom.sys [116736] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) -- C:\Windows\System32\drivers\CEA.sys [61336] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\System32\drivers\circlass.sys [38912] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\drivers\Classpnp.sys [355224] =>.Microsoft Windows®
O58 - SDL:2018/02/10 05:46:21 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) -- C:\Windows\System32\drivers\cldflt.sys [308736] =>.Microsoft Corporation
O58 - SDL:2018/02/10 06:13:59 A . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\drivers\clfs.sys [271768] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - CLIP Service.) -- C:\Windows\System32\drivers\ClipSp.sys [765336] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System32\drivers\CmBatt.sys [22528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Noyau Gestionnaire de configuration Configu.) -- C:\Windows\System32\drivers\cmimcext.sys [24608] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:50 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\drivers\cng.sys [538768] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) -- C:\Windows\System32\drivers\cnghwassist.sys [31640] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Console Driver.) -- C:\Windows\System32\drivers\condrv.sys [43928] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\drivers\crashdmp.sys [71576] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:21 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) -- C:\Windows\System32\drivers\csc.sys [421888] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - DAM Kernel Driver.) -- C:\Windows\System32\drivers\dam.sys [69016] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) -- C:\Windows\System32\drivers\devauthe.sys [35840] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:42:17 A . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\dfsc.sys [111616] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:25:27 A . (.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\drivers\disk.sys [76192] =>.Microsoft Windows®
O58 - SDL:2018/01/01 12:44:05 A . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\drivers\Diskdump.sys [33176] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) -- C:\Windows\System32\drivers\Dmpusbstor.sys [11264] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:39 A . (.Microsoft Corporation - Mémoire dynamique.) -- C:\Windows\System32\drivers\dmvsc.sys [39424] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmk.sys [70144] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System32\drivers\drmkaud.sys [14584] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\drivers\Dumpata.sys [30104] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:06:09 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\Windows\System32\drivers\dumpfve.sys [74000] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:46:32 A . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\drivers\dumpsd.sys [155552] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) -- C:\Windows\System32\drivers\dumpsdport.sys [23040] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:22:26 A . (.Microsoft Corporation - Storport Dump Driver.) -- C:\Windows\System32\drivers\Dumpstorport.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:14:33 A . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\drivers\dxgkrnl.sys [2117536] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:14:21 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\drivers\dxgmms1.sys [339360] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:14:29 A . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\drivers\dxgmms2.sys [607648] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) -- C:\Windows\System32\drivers\EhStorClass.sys [73624] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) -- C:\Windows\System32\drivers\EhStorTcgDrv.sys [99360] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\drivers\errdev.sys [9728] =>.Microsoft Corporation
O58 - SDL:2018/07/18 17:13:56 A . (.ELAN Microelectronic Corp. - ELAN SMBus Driver.) -- C:\Windows\System32\drivers\ETDSMBus.sys [28744] =>.ELAN MICROELECTRONICS CORPORATION®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\System32\drivers\exfat.sys [287744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\drivers\fastfat.sys [301464] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:47 A . (.Microsoft Corporation - Microsoft Virtual Fibre Channel HBA minipor.) -- C:\Windows\System32\drivers\fcvsc.sys [24064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System32\drivers\fdc.sys [25600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) -- C:\Windows\System32\drivers\filecrypt.sys [45056] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\drivers\fileinfo.sys [67480] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:48 A . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\drivers\filetrace.sys [29184] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\drivers\flpydisk.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:22:18 A . (.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) -- C:\Windows\System32\drivers\fltMgr.sys [300960] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:16:37 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) -- C:\Windows\System32\drivers\fsdepends.sys [52640] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:26:49 A . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\drivers\fs_rec.sys [27544] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:03 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\drivers\fvevol.sys [575392] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [306072] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:47 A . (.Microsoft Corporation - MS Generic AGPv3.0 Filter for K8/9 Processo.) -- C:\Windows\System32\drivers\GAGP30KX.sys [59232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Generic USB Function Class Driver.) -- C:\Windows\System32\drivers\genericusbfn.sys [17408] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:50 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) -- C:\Windows\System32\drivers\gpuenergydrv.sys [7680] =>.Microsoft Corporation
O58 - SDL:2018/07/23 17:10:31 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\Windows\System32\drivers\GUBootStartup.sys [25864] =>.Glarysoft LTD®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\hdaudbus.sys [68608] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:16:11 A . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\HdAudio.sys [322560] =>.Microsoft Corporation
O58 - SDL:2009/09/17 20:54:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [41088] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Hid Battery Driver.) -- C:\Windows\System32\drivers\hidbatt.sys [30104] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de miniport Bluetooth pour les périp.) -- C:\Windows\System32\drivers\hidbth.sys [96768] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bibliothèque Hid Class.) -- C:\Windows\System32\drivers\hidclass.sys [128512] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - I2C HID Miniport Driver.) -- C:\Windows\System32\drivers\hidi2c.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) -- C:\Windows\System32\drivers\hidinterrupt.sys [38296] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidir.sys [37888] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:18:32 A . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\drivers\hidparse.sys [30720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows\System32\drivers\hidusb.sys [27648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [55840] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:04:53 A . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\drivers\http.sys [758688] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:11:20 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) -- C:\Windows\System32\drivers\hvsocket.sys [100256] =>.Microsoft Windows®
O58 - SDL:2017/10/30 13:00:00 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Hardware Policy Driver.) -- C:\Windows\System32\drivers\hwpolicy.sys [28056] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:39 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) -- C:\Windows\System32\drivers\hyperkbd.sys [11776] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:26 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) -- C:\Windows\System32\drivers\HyperVideo.sys [21504] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [89600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iagpio.sys [28672] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\Windows\System32\drivers\iai2c.sys [74240] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\Windows\System32\drivers\iaiogpio.sys [22016] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\Windows\System32\drivers\iaioi2c.sys [57856] =>.Intel Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\Windows\System32\drivers\iaStorAV.sys [525208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [333720] =>.Microsoft Windows®
O58 - SDL:2018/03/01 16:36:14 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [149688] =>.Tonec Inc.®
O58 - SDL:2018/09/05 20:07:01 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3036104] =>.Intel Corporation - pGFX®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) -- C:\Windows\System32\drivers\IndirectKmd.sys [30208] =>.Microsoft Corporation
O58 - SDL:2018/09/05 20:07:02 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\intelaud.sys [44096] =>.Intel(R) Wireless Display®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\drivers\intelide.sys [17304] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\Windows\System32\drivers\intelpep.sys [119376] {3300000156C30C37BAD4FC2C64000000000156} =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:25 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\intelppm.sys [162304] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:48 A . (.Microsoft Corporation - I/O QoS Filter.) -- C:\Windows\System32\drivers\ioqos.sys [23040] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - Filtre de contrôle de taux d’E/S.) -- C:\Windows\System32\drivers\iorate.sys [43552] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\drivers\ipfltdrv.sys [62976] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\drivers\IPMIDrv.sys [77208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\ipnat.sys [185856] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - IPT Driver.) -- C:\Windows\System32\drivers\ipt.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:59 A . (.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\drivers\irda.sys [92672] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\drivers\irenum.sys [13824] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:25:40 A . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\drivers\isapnp.sys [48024] =>.Microsoft Windows®
O58 - SDL:2018/09/05 20:07:02 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\iwdbus.sys [35904] =>.Intel(R) Wireless Display®
O58 - SDL:2018/07/23 13:32:09 A . (.Microsoft Corporation - Boot Time Removal Tool.) -- C:\Windows\System32\drivers\juodwbcs.sys [63448] =>.Microsoft Corporation®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\drivers\kbdclass.sys [48536] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32\drivers\kbdhid.sys [29184] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) -- C:\Windows\System32\drivers\kdnic.sys [17408] =>.Microsoft Corporation
O58 - SDL:2018/02/10 05:41:37 A . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\drivers\ks.sys [298496] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:28:18 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecdd.sys [103320] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:12:05 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\drivers\ksecpkg.sys [142744] =>.Microsoft Windows®
O58 - SDL:2018/07/18 17:14:37 A . (.Qualcomm Atheros, Inc. - Killer e2200 PCI-E Gigabit Ethernet Control.) -- C:\Windows\System32\drivers\L1C63x86.sys [131304] =>.Rivet Networks LLC®
O58 - SDL:2018/03/30 04:43:39 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\System32\drivers\lltdio.sys [48128] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [93216] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2i.sys [102808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3i.sys [84376] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [69528] =>.Microsoft Windows®
O58 - SDL:2017/10/25 03:52:42 A . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) -- C:\Windows\System32\drivers\luafv.sys [97792] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) -- C:\Windows\System32\drivers\mausbhost.sys [405024] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - MA-USB IP Driver.) -- C:\Windows\System32\drivers\mausbip.sys [42904] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:16 A . (.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\drivers\mcd.sys [17408] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [52120] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\MegaSas2i.sys [56728] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:09 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [464792] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:29 A . (.Microsoft Corporation - MMCSS Driver.) -- C:\Windows\System32\drivers\mmcss.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\Windows\System32\drivers\modem.sys [32768] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\drivers\monitor.sys [30720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\drivers\mouclass.sys [45464] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\drivers\mouhid.sys [23552] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:24:53 A . (.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\System32\drivers\mountmgr.sys [81824] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\System32\drivers\mpsdrv.sys [55296] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:24 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\drivers\mrxdav.sys [122368] =>.Microsoft Corporation
O58 - SDL:2018/02/10 06:07:51 A . (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\mrxsmb.sys [434072] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:49 A . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\drivers\mrxsmb10.sys [232960] =>.Microsoft Corporation
O58 - SDL:2017/11/26 12:00:13 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\drivers\mrxsmb20.sys [167832] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\drivers\msfs.sys [24064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:36 A . (.Microsoft Corporation - GPIO Class Extension Driver.) -- C:\Windows\System32\drivers\msgpioclx.sys [133016] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - GPIO Button Driver.) -- C:\Windows\System32\drivers\msgpiowin32.sys [37784] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\Windows\System32\drivers\mshidkmdf.sys [7168] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Pilote direct pour interface HID-UMDF.) -- C:\Windows\System32\drivers\mshidumdf.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) -- C:\Windows\System32\drivers\mshwnclx.sys [18944] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\drivers\msisadrv.sys [16280] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:42:26 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\drivers\msiscsi.sys [239000] =>.Microsoft Windows®
O58 - SDL:2018/02/10 05:44:55 A . (.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\drivers\mskssrv.sys [25600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Pilote de protocole LLDP (Link Layer Discov.) -- C:\Windows\System32\drivers\mslldp.sys [67072] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\drivers\mspclock.sys [8192] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\drivers\mspqm.sys [8192] =>.Microsoft Corporation
O58 - SDL:2018/03/01 07:35:55 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows\System32\drivers\msrpc.sys [195488] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:17 A . (.Microsoft Corporation - Pilote du filtre de système de fichiers du.) -- C:\Windows\System32\drivers\mssecflt.sys [210328] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System32\drivers\mssmbios.sys [35224] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:59 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Windows\System32\drivers\mstee.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote HID multipoint Microsoft.) -- C:\Windows\System32\drivers\MTConfig.sys [11776] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:48 A . (.Microsoft Corporation - Pilote de fournisseur UNC multiples.) -- C:\Windows\System32\drivers\mup.sys [104344] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [58264] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:19:33 A . (.Microsoft Corporation - NDIS (Network Driver Interface Specificatio.) -- C:\Windows\System32\drivers\ndis.sys [965024] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) -- C:\Windows\System32\drivers\ndiscap.sys [34816] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) -- C:\Windows\System32\drivers\NdisImPlatform.sys [109056] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\System32\drivers\ndistapi.sys [20992] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:36 A . (.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) -- C:\Windows\System32\drivers\ndisuio.sys [49664] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - Énumérateur de cartes réseau virtuelles Mic.) -- C:\Windows\System32\drivers\NdisVirtualBus.sys [15872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Windows\System32\drivers\ndiswan.sys [164352] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:23:05 A . (.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\drivers\ndproxy.sys [48640] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:27 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) -- C:\Windows\System32\drivers\Ndu.sys [104448] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) -- C:\Windows\System32\drivers\NetAdapterCx.sys [91648] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:13:38 A . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\drivers\netbios.sys [47520] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:41:25 A . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netbt.sys [236544] =>.Microsoft Corporation
O58 - SDL:2018/03/13 06:12:54 A . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\drivers\netio.sys [376216] =>.Microsoft Windows®
O58 - SDL:2013/10/01 04:58:20 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [1739440] =>.Mediatek Inc.®
O58 - SDL:2018/03/30 04:43:22 A . (.Microsoft Corporation - Miniport NDIS virtuel.) -- C:\Windows\System32\drivers\netvsc.sys [136192] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\drivers\npfs.sys [57344] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Named pipe service triggers.) -- C:\Windows\System32\drivers\npsvctrig.sys [18944] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:42:51 A . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\drivers\nsiproxy.sys [29696] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:25:19 A . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1995168] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - NTOS extension host driver.) -- C:\Windows\System32\drivers\ntosext.sys [17304] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:32:16 A . (.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\drivers\null.sys [5120] =>.Microsoft Corporation
O58 - SDL:2016/12/09 13:49:42 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda32v.sys [171960] =>.NVIDIA Corporation®
O58 - SDL:2016/12/09 14:11:58 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [10720832] =>.NVIDIA Corporation®
O58 - SDL:2018/01/15 15:35:50 A . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\drivers\nvmf6232.sys [291456] =>.NVIDIA Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [119192] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [141344] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:49 A . (.Microsoft Corporation - NForce NT AGP Filter.) -- C:\Windows\System32\drivers\NV_AGP.SYS [107360] =>.Microsoft Windows®
O58 - SDL:2018/03/01 06:57:46 A . (.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System32\drivers\nwifi.sys [435200] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:37 A . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32\drivers\pacer.sys [129944] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\parport.sys [81920] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:28:30 A . (.Microsoft Corporation - Partition driver.) -- C:\Windows\System32\drivers\partmgr.sys [132000] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote parallèle VDM.) -- C:\Windows\System32\drivers\parvdm.sys [9216] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:42:05 A . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\Windows\System32\drivers\pci.sys [279448] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\pciide.sys [14744] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32\drivers\pciidex.sys [41880] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\drivers\pcmcia.sys [97176] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:25:11 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\Windows\System32\drivers\pcw.sys [42400] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\drivers\pdc.sys [100760] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:41:16 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\System32\drivers\PEAuth.sys [670720] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas2i.sys [51608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas3i.sys [54680] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - Pilote mémoire Plug and Play.) -- C:\Windows\System32\drivers\pnpmem.sys [13312] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\Windows\System32\drivers\portcls.sys [270336] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:32:22 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\processr.sys [145920] =>.Microsoft Corporation
O58 - SDL:2015/05/28 04:54:16 A . (.TOSHIBA - Generic IO & Memory Access.) -- C:\Windows\System32\drivers\QIOMem.sys [20664] =>.WDKTestCert 1,130752733198717037®
O58 - SDL:2017/09/29 12:50:07 A . (.Microsoft Corporation - Pilote du support de Microsoft Quality Wind.) -- C:\Windows\System32\drivers\qwavedrv.sys [32256] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - RAM Disk Driver.) -- C:\Windows\System32\drivers\ramdisk.sys [32152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:42 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\System32\drivers\rasacd.sys [12288] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\rasl2tp.sys [79872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windows\System32\drivers\raspppoe.sys [67584] =>.Microsoft Corporation
O58 - SDL:2018/01/01 12:22:32 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\System32\drivers\raspptp.sys [73728] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System32\drivers\rassstp.sys [64512] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:56 A . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) -- C:\Windows\System32\drivers\rdbss.sys [353184] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:34:20 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\Windows\System32\drivers\rdpbus.sys [20480] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:34:35 A . (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [131072] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:24 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\drivers\rdpvideominiport.sys [23448] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:16:52 A . (.Microsoft Corporation - ReadyBoost Driver.) -- C:\Windows\System32\drivers\rdyboost.sys [221600] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\System32\drivers\rfcomm.sys [146944] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:33 A . (.Microsoft Corporation - Transport d’ordinateur virtuel Microsoft Re.) -- C:\Windows\System32\drivers\RfxVmt.sys [31744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) -- C:\Windows\System32\drivers\rhproxy.sys [71680] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:26 A . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32\drivers\rmcast.sys [120320] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\drivers\RNDISMP.sys [26112] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\System32\drivers\rootmdm.sys [8704] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:56 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\Windows\System32\drivers\rspndr.sys [62976] =>.Microsoft Corporation
O58 - SDL:2018/09/05 20:07:02 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 32-bit Dri.) -- C:\Windows\System32\drivers\rt640x86.sys [492032] =>.Realtek
O58 - SDL:2017/09/29 12:49:19 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) -- C:\Windows\System32\drivers\rteth.sys [47616] =>.Realtek
O58 - SDL:2018/04/12 20:47:18 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\drivers\RtsUer.sys [311744] =>.Realtek Semiconductor Corp.®
O58 - SDL:2009/09/02 10:59:42 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [174592] =>.Realtek Semiconductor Corp.
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\drivers\sbp2port.sys [88096] =>.Microsoft Windows®
O58 - SDL:2017/02/17 17:18:52 A . (.ThreatTrack Security - ThreatTrack Security Firewall SDK TDI Firew.) -- C:\Windows\System32\drivers\sbwfw.sys [330536] =>.ThreatTrack Security, Inc.®
O58 - SDL:2017/02/17 09:45:24 A . (.ThreatTrack Security - ThreatTrack Security Firewall SDK Transport.) -- C:\Windows\System32\drivers\sbwtis.sys [106144] =>.ThreatTrack Security, Inc.®
O58 - SDL:2017/06/07 01:36:30 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [124616] =>.Power Software Limited®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - Pilote de filtre de lecteur de carte à puce.) -- C:\Windows\System32\drivers\scfilter.sys [35328] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:17 A . (.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\drivers\scsiport.sys [143768] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:54:03 A . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\drivers\sdbus.sys [233376] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - SD Host Controller Port Driver.) -- C:\Windows\System32\drivers\sdport.sys [75672] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:42:08 A . (.Microsoft Corporation - Pilote de classe de stockage SD.) -- C:\Windows\System32\drivers\sdstor.sys [76192] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Serial Class Extension.) -- C:\Windows\System32\drivers\SerCx.sys [58776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Serial Class Extension V2.) -- C:\Windows\System32\drivers\SerCx2.sys [114208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\drivers\serenum.sys [17920] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\Windows\System32\drivers\serial.sys [76800] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\drivers\sermouse.sys [20480] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\drivers\sfloppy.sys [13824] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:51 A . (.Microsoft Corporation - SIS NT AGP Filter.) -- C:\Windows\System32\drivers\SISAGP.SYS [54112] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [41368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [78368] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Sleep Study Helper.) -- C:\Windows\System32\drivers\SleepStudyHelper.sys [26520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:13 A . (.Microsoft Corporation - Smart Card Driver Library.) -- C:\Windows\System32\drivers\smclib.sys [17920] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) -- C:\Windows\System32\drivers\spacedump.sys [135200] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:21:38 A . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\drivers\spaceport.sys [454048] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - SPB Class Extension.) -- C:\Windows\System32\drivers\SpbCx.sys [61848] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:52 A . (.Microsoft Corporation - Server driver.) -- C:\Windows\System32\drivers\srv.sys [341504] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:34:49 A . (.Microsoft Corporation - Pilote de serveur SMB 2.0.) -- C:\Windows\System32\drivers\srv2.sys [650240] =>.Microsoft Corporation
O58 - SDL:2017/11/26 11:27:17 A . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\drivers\srvnet.sys [198144] =>.Microsoft Corporation
O58 - SDL:2018/03/27 15:06:23 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssudbus.sys [109456] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2018/03/27 15:06:24 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\Windows\System32\drivers\ssudmdm.sys [147344] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2017/09/29 12:49:10 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [27032] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:43:00 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) -- C:\Windows\System32\drivers\storahci.sys [128408] =>.Microsoft Windows®
O58 - SDL:2018/02/22 01:43:14 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) -- C:\Windows\System32\drivers\stornvme.sys [80800] =>.Microsoft Windows®
O58 - SDL:2018/01/01 12:44:38 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\drivers\storport.sys [480152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:08 A . (.Microsoft Corporation - Filtre de qualité de service de stockage.) -- C:\Windows\System32\drivers\storqosflt.sys [62976] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:42:43 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) -- C:\Windows\System32\drivers\storufs.sys [38304] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:12:30 A . (.Microsoft Corporation - Storage VSC Driver.) -- C:\Windows\System32\drivers\storvsc.sys [28064] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:17 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\drivers\stream.sys [54272] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:11 A . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Windows\System32\drivers\swenum.sys [16280] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:28 A . (.Microsoft Corporation - VSC vidéo Synth3D RemoteFX Microsoft.) -- C:\Windows\System32\drivers\Synth3dVsc.sys [50688] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:15 A . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\drivers\tape.sys [23552] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) -- C:\Windows\System32\drivers\tbs.sys [21400] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:02:08 A . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\drivers\tcpip.sys [2172312] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:09 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\drivers\tcpipreg.sys [40960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\drivers\tdi.sys [32152] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:24:24 A . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [96160] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:19 A . (.Microsoft Corporation - Terminal Server Input Driver.) -- C:\Windows\System32\drivers\terminpt.sys [30104] =>.Microsoft Windows®
O58 - SDL:2015/12/30 22:26:22 A . (.Toshiba Corporation - Toshiba Hotkey Driver.) -- C:\Windows\System32\drivers\Thotkey.sys [42088] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/03/30 05:28:24 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) -- C:\Windows\System32\drivers\tm.sys [98208] =>.Microsoft Windows®
O58 - SDL:2018/02/22 16:38:13 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [31160] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/02/22 01:42:32 A . (.Microsoft Corporation - Pilote de périphérique TPM.) -- C:\Windows\System32\drivers\tpm.sys [186784] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Pilote de filtre pour concentrateur USB du.) -- C:\Windows\System32\drivers\TsUsbFlt.sys [49664] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:11 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\Windows\System32\drivers\TsUsbGD.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/30 15:25:23 A . (.Microsoft Corporation - Concentrateur USB du Bureau à distance.) -- C:\Windows\System32\drivers\tsusbhub.sys [89600] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Pilote d’interface de tunnel Microsoft.) -- C:\Windows\System32\drivers\tunnel.sys [87040] =>.Microsoft Corporation
O58 - SDL:2015/09/18 09:36:50 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [40528] =>.TOSHIBA CORPORATION®
O58 - SDL:2018/01/15 15:35:52 A . (.Microsoft Corporation - MS AGPv3.5 Filter.) -- C:\Windows\System32\drivers\UAGP35.sys [58208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Microsoft Uasp Driver.) -- C:\Windows\System32\drivers\uaspstor.sys [59288] =>.Microsoft Windows®
O58 - SDL:2017/10/25 04:06:07 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) -- C:\Windows\System32\drivers\UcmCx.sys [79872] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) -- C:\Windows\System32\drivers\UcmTcpciCx.sys [100864] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:19:02 A . (.Microsoft Corporation - USB Connector Manager UCSI Client.) -- C:\Windows\System32\drivers\UcmUcsi.sys [39424] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - USB Controller Extension.) -- C:\Windows\System32\drivers\Ucx01000.sys [185752] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - 'udecx.DRIVER'.) -- C:\Windows\System32\drivers\Udecx.sys [31744] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:19 A . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\drivers\udfs.sys [258560] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - UEFI Driver for NT.) -- C:\Windows\System32\drivers\uefi.sys [23448] =>.Microsoft Windows®
O58 - SDL:2017/09/30 15:25:16 A . (.Microsoft Corporation - Microsoft User Experience Virtualization Ag.) -- C:\Windows\System32\drivers\UevAgentDriver.sys [35736] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - USB Function Driver Class Extension.) -- C:\Windows\System32\drivers\ufx01000.sys [204696] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UFX Chipidea Client Driver.) -- C:\Windows\System32\drivers\UfxChipidea.sys [74272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) -- C:\Windows\System32\drivers\ufxsynopsys.sys [107416] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:53 A . (.Microsoft Corporation - ULi AGPv3.0 Filter for K8/9 Processor Platf.) -- C:\Windows\System32\drivers\ULIAGPKX.SYS [59232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\drivers\umbus.sys [49152] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\drivers\umpass.sys [9216] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Role-Switch Driver for Chipidea Core.) -- C:\Windows\System32\drivers\urschipidea.sys [22424] =>.Microsoft Windows®
O58 - SDL:2017/10/10 07:06:40 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) -- C:\Windows\System32\drivers\urscx01000.sys [43416] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Role-Switch Driver for Synopsys Core.) -- C:\Windows\System32\drivers\urssynopsys.sys [21912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:11 A . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\drivers\usb8023.sys [15360] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\drivers\USBCAMD.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:21 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\drivers\USBCAMD2.sys [27136] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\drivers\usbccgp.sys [122776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:05 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\drivers\usbcir.sys [88064] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\drivers\usbd.sys [24608] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\drivers\usbehci.sys [73112] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de concentrateur USB par défaut.) -- C:\Windows\System32\drivers\usbhub.sys [368536] =>.Microsoft Windows®
O58 - SDL:2018/03/13 06:07:21 A . (.Microsoft Corporation - Pilote de concentrateur USB3.) -- C:\Windows\System32\drivers\USBHUB3.SYS [434080] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbohci.sys [21504] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\drivers\usbport.sys [378776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:07 A . (.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\drivers\usbprint.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:53 A . (.Microsoft Corporation - Windows USB Redirection Policy Manager.) -- C:\Windows\System32\drivers\usbrpm.sys [26624] =>.Microsoft Corporation
O58 - SDL:2018/03/13 05:41:41 A . (.Microsoft Corporation - USB Serial Driver.) -- C:\Windows\System32\drivers\usbser.sys [52224] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Pilote de classe de stockage de masse USB.) -- C:\Windows\System32\drivers\USBSTOR.SYS [107928] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\drivers\usbuhci.sys [24576] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:08 A . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\drivers\usbvideo.sys [230400] =>.Microsoft Corporation
O58 - SDL:2018/02/22 01:43:14 A . (.Microsoft Corporation - Pilote XHCI USB.) -- C:\Windows\System32\drivers\USBXHCI.SYS [336800] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:17:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) -- C:\Windows\System32\drivers\vdrvroot.sys [48544] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Driver Verifier Extension.) -- C:\Windows\System32\drivers\VerifierExt.sys [171928] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:18:12 A . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\drivers\vhdmp.sys [534944] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:19 A . (.Microsoft Corporation - Pilote d'infrastructure HID virtuelle (VHF).) -- C:\Windows\System32\drivers\vhf.sys [24576] =>.Microsoft Corporation
O58 - SDL:2018/01/15 15:35:54 A . (.Microsoft Corporation - VIA NT AGP Filter.) -- C:\Windows\System32\drivers\VIAAGP.SYS [56160] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:45:50 A . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\drivers\viac7.sys [146432] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\drivers\videoprt.sys [35840] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:11:21 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) -- C:\Windows\System32\drivers\vmbkmcl.sys [61344] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:24:31 A . (.Microsoft Corporation - Pilote enfant de bus VMBus sous Microsoft H.) -- C:\Windows\System32\drivers\vmbus.sys [81824] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:44:33 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) -- C:\Windows\System32\drivers\VMBusHID.sys [19456] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:28 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) -- C:\Windows\System32\drivers\vmgencounter.sys [10240] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:35 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) -- C:\Windows\System32\drivers\vmgid.sys [8704] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:44:35 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) -- C:\Windows\System32\drivers\vms3cap.sys [6656] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:11:29 A . (.Microsoft Corporation - Pilote de filtre de stockage virtuel.) -- C:\Windows\System32\drivers\vmstorfl.sys [39832] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:26:39 A . (.Microsoft Corporation - Pilote du gestionnaire de volumes.) -- C:\Windows\System32\drivers\volmgr.sys [65432] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\Windows\System32\drivers\volmgrx.sys [309144] =>.Microsoft Windows®
O58 - SDL:2017/12/07 23:21:45 A . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [353688] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Volume driver.) -- C:\Windows\System32\drivers\volume.sys [14232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [149912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:10 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [276000] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) -- C:\Windows\System32\drivers\vwifibus.sys [20992] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:26 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\drivers\vwififlt.sys [62976] =>.Microsoft Corporation
O58 - SDL:2017/11/26 11:39:04 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32\drivers\vwifimp.sys [31232] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:09 A . (.Microsoft Corporation - Pilote de tablette Wacom à stylet série.) -- C:\Windows\System32\drivers\wacompen.sys [21504] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:43:51 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\System32\drivers\wanarp.sys [61952] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:34 A . (.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\drivers\watchdog.sys [43520] =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:10:15 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) -- C:\Windows\System32\drivers\wcifs.sys [116128] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:37 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) -- C:\Windows\System32\drivers\wcnfs.sys [57856] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\drivers\WdBoot.sys [37440] {33000001B97C2438A5F70796530000000001B9} =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) -- C:\Windows\System32\drivers\Wdf01000.sys [597728] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\drivers\WdFilter.sys [253848] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:52 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\drivers\WdfLdr.sys [53984] =>.Microsoft Windows®
O58 - SDL:2018/03/01 06:58:12 A . (.Microsoft Corporation - WDI Driver Framework Driver.) -- C:\Windows\System32\drivers\WdiWiFi.sys [539648] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:27 A . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) -- C:\Windows\System32\drivers\WdNisDrv.sys [98200] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) -- C:\Windows\System32\drivers\wdnsfltr.sys [24576] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) -- C:\Windows\System32\drivers\werkernel.sys [39320] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:12:47 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\Windows\System32\drivers\wfplwfs.sys [88992] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:49 A . (.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\System32\drivers\wimmount.sys [30104] =>.Microsoft Windows®
O58 - SDL:2018/03/30 05:10:43 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) -- C:\Windows\System32\drivers\WindowsTrustedRT.sys [53288] =>.Microsoft Windows Hardware Abstraction Layer Publisher®
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) -- C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [14552] {3300000156C30C37BAD4FC2C64000000000156} =>.Microsoft Corporation
O58 - SDL:2018/03/30 05:16:34 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) -- C:\Windows\System32\drivers\winhv.sys [26016] =>.Microsoft Windows®
O58 - SDL:2018/03/30 04:43:11 A . (.Microsoft Corporation - Pilote NAT Windows.) -- C:\Windows\System32\drivers\winnat.sys [182272] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) -- C:\Windows\System32\drivers\winusb.sys [67072] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:10 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows\System32\drivers\wmiacpi.sys [12288] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System32\drivers\wmilib.sys [16416] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:50 A . (.Microsoft Corporation - Filtre de superposition Windows.) -- C:\Windows\System32\drivers\wof.sys [175000] =>.Microsoft Windows®
O58 - SDL:2018/01/15 15:35:54 A . (.Microsoft Corporation - Family Safety Filter Driver.) -- C:\Windows\System32\drivers\wpcfltr.sys [42904] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:24 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) -- C:\Windows\System32\drivers\WpdUpFltr.sys [24472] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:49:51 A . (.Microsoft Corporation - WPP Trace Recorder.) -- C:\Windows\System32\drivers\WppRecorder.sys [26520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 12:50:22 A . (.Microsoft Corporation - Couche IFS Winsock2.) -- C:\Windows\System32\drivers\ws2ifsl.sys [16896] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFPf.sys [86528] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:03 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\drivers\WUDFRd.sys [186880] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - Game Input Protocol Driver.) -- C:\Windows\System32\drivers\xboxgip.sys [229888] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:16 A . (.Microsoft Corporation - XINPUT filter driver for HID.) -- C:\Windows\System32\drivers\xinputhid.sys [36864] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\ANSI.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\country.sys [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\HIMEM.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\KEY01.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\KEYBOARD.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS404.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS411.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS412.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTDOS804.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO404.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO411.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO412.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:50:08 A . (.Microsoft Corporation - Windows Win16 Application Launcher.) -- C:\Windows\System32\NTIO804.SYS [8960] =>.Microsoft Corporation
O58 - SDL:2017/09/29 12:49:39 A . (.Microsoft Corporation - Full/Desktop Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys [303104] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:36:37 A . (.Microsoft Corporation - Pilote du noyau Base Win32k.) -- C:\Windows\System32\win32kbase.sys [1624576] =>.Microsoft Corporation
O58 - SDL:2018/03/30 04:46:30 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) -- C:\Windows\System32\win32kfull.sys [2902528] =>.Microsoft Corporation
O58 - SDL:2018/02/22 16:07:54 A . (.NewSoftwares.net, Inc. - Virtual Encryption Driver.) -- C:\Windows\System32\WinVDEdrv.sys [228112] =>.NewSoftwares.net Inc. SDN. BHD.®
O58 - SDL:2018/02/22 16:07:55 A . (...) -- C:\Windows\System32\WinVDEdrv6.sys [188176] =>.NewSoftwares.net Inc. SDN. BHD.®
---\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (3) - 66s
O61 - LFC: 2018/08/29 13:12:34 A . (..) -- C:\ProgramData\CTES\CTESPersistence.exe [0]
O61 - LFC: 2018/09/05 22:46:50 A . (..) -- C:\Users\Charaf\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ACE1LZ71\ZHPDiag3[1].exe [0]
O61 - LFC: 2018/09/05 23:56:25 A . (..) -- C:\Users\Charaf\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\M5CYQME3\ZHPCleaner[1].exe [0]
---\ ASSOCIATION Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- '%1' %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe '%1' %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- '%1' /S =>.Default.Value
---\ MENU DE DÉMARRAGE INTERNET (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (2) - 10s
O69 - SBI: SearchScopes [HKCU]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
---\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (48) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [182272] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [207872] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1136128] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [733184] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [725504] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [24064] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [117760] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [116224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [91136] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [695808] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [183808] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [317440] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [339456] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [79872] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [788992] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\Windows\System32\Windows.SharedPC.AccountManager.dll [143360] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) -- C:\Windows\System32\PushToInstall.dll [187392] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\Windows\System32\XboxGipSvc.dll [46592] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\Windows\System32\NetSetupSvc.dll [215552] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [331264] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) -- C:\Windows\System32\flightsettings.dll [654336] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [516608] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [656896] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\NcaSvc.dll [146432] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) -- C:\Windows\System32\NaturalAuth.dll [297472] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll [1008640] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [53760] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Broker à jetons.) -- C:\Windows\System32\TokenBroker.dll [915968] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [931328] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) -- C:\Windows\System32\WpnService.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1652224] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\Windows\System32\irmon.dll [20480] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [92672] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [830976] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [403456] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [533504] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [252928] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2343424] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [1004544] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565248] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [769536] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll [37888] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [947712] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [163840] =>.Microsoft Corporation
---\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (36) - 56s
O87 - FAEL: '{05611640-5D6E-4640-BEC2-116270743705}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\OSTotoHotspot.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O87 - FAEL: '{DD780B42-82F0-4453-BF21-2BCC2BEBF0B3}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
O87 - FAEL: '{CDE7A6FA-5027-48C9-81CA-821BCA78542E}' [In-None-P17-TRUE] .(.深圳市驱动人生软件技术有限公司 - 160WiFi手机管理.) -- C:\Program Files\OSTotoHotspot\YunExplorer.exe =>.SUP.DriveTheLife
O87 - FAEL: '{1B90A398-4B88-44EC-8136-129DB6608CE6}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\helptool.exe
O87 - FAEL: '{27E9F91F-0FE9-472D-A002-6FE757CDE835}' [In-None-P17-TRUE] .(.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O87 - FAEL: '{5BEBA494-584E-4B7A-A2DC-061E393112C5}' [Out-None-P17-TRUE] .(.IObit - Driver Booster.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DriverBooster.exe =>.IObit
O87 - FAEL: '{39DFC7CC-1D0E-46FA-8835-32F032F03FDA}' [In-None-P17-TRUE] .(.IObit - Driver Booster Downloader.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exe =>.IObit Information Technology®
O87 - FAEL: '{DC975E92-D1A0-46B4-AF4D-983FDB544D28}' [Out-None-P17-TRUE] .(.IObit - Driver Booster Downloader.) -- C:\Program Files\IObit\Driver Booster\5.0.3\DBDownloader.exe =>.IObit Information Technology®
O87 - FAEL: '{D964718D-1FD2-438E-BE15-9E8106DFB530}' [In-None-P17-TRUE] .(.IObit - Driver Booster Updater.) -- C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exe =>.IObit Information Technology®
O87 - FAEL: '{8761BD87-5D4B-42B4-BFB7-F684956EE254}' [Out-None-P17-TRUE] .(.IObit - Driver Booster Updater.) -- C:\Program Files\IObit\Driver Booster\5.0.3\AutoUpdate.exe =>.IObit Information Technology®
O87 - FAEL: '{9B4B299D-01F5-489E-8E03-5045F5D850A6}' [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: '{63F5A541-147A-48EB-A007-AFEF8030FC5D}' [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: '{A0B5DFFE-BF04-4EDF-AAD7-AF2CA4BDD461}' [In-None-P6-TRUE] .(.SHAREit Technologies Co.Ltd - SHAREit.) -- C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O87 - FAEL: '{0C05D7DC-6089-44C6-84CE-A206C238E505}' [In-None-P17-TRUE] .(.SHAREit Technologies Co.Ltd - SHAREit.) -- C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe =>.SHAREit Technologies Co.Ltd®
O87 - FAEL: '{DA044B3B-8003-4573-B838-B858802FF7FC}' [In-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\aips.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{57BAF58C-6BD7-4C2D-924E-67442ACC94EB}' [Out-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\aips.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{D85A6483-6332-477C-87EA-C171605187DA}' [In-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{0CECA6AE-3D8E-458D-92E1-CE7B31C49E89}' [Out-None-P6-TRUE] .(...) -- C:\Program Files\arcai.com\netcut_windows.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{C71DC298-2D7A-4E8D-A6EE-46F575FFD030}' [In-None-P6-TRUE] .(...) -- C:\Users\Charaf\Desktop\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{C45B3AE6-8DB5-4DAF-9335-241DA736A80F}' [Out-None-P6-TRUE] .(...) -- C:\Users\Charaf\Desktop\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: 'TCP Query User{D3C00B65-FF72-4827-9EFD-DA568D6200B1}C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe' [In-None-P6-TRUE] .(...) -- C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: 'UDP Query User{0CFDF328-4A4D-4552-8F7C-7EAC0D5BF4C7}C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe' [In-None-P17-TRUE] .(...) -- C:\users\charaf\desktop\embratoria_g10_3\embratoria_g10_3\libsg10.exe (.not file.) =>.SUP.Orphan
O87 - FAEL: '{3BB0AB6F-5D53-489F-8AC0-BE04631760AB}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{90E13074-9E84-4BAE-B054-F5A7EA614882}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{DD6E6053-F970-40C7-B3A3-548098557A13}' [In-None-P6-TRUE] .(...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: '{6C3C6C29-F31E-452A-A9A4-B3DA4743F53C}' [Out-None-P6-TRUE] .(...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: '{E6072573-EFBE-4B09-B465-8903DF41F30C}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{F2C11891-8FF3-4651-8230-8BAAE8FD2C28}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: 'TCP Query User{55644115-B64D-420C-8467-9A4D3CD3D474}C:\program files\mozilla firefox\firefox.exe' [In-None-P6-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: 'UDP Query User{1B5974E2-0BB1-48EE-90EA-05EB1342FAC7}C:\program files\mozilla firefox\firefox.exe' [In-None-P17-TRUE] .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe =>.Mozilla Corporation®
O87 - FAEL: 'TCP Query User{1160ADB5-A4E7-4132-87B2-62B34337A964}D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe' [In-None-P6-TRUE] .(...) -- D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe
O87 - FAEL: 'UDP Query User{B4A6521B-46C3-4DE7-866E-AE297CF2D25D}D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe' [In-None-P17-TRUE] .(...) -- D:\programmes\embratoria_g10_2\embratoria_g10\libsg10.exe
O87 - FAEL: '{7F25CFC0-794C-46C9-8826-8EF197D2D1E0}' [In-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{F5B3E43E-18C1-44A0-AC04-F0E78F0DACE1}' [Out-None-P6-TRUE] .(.CODYQX4 - Microsoft Toolkit.) -- D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
O87 - FAEL: '{EFAFFD1F-61F1-4975-9636-CB9660815263}' [In-None-P17-TRUE] .(.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O87 - FAEL: '{1FB9C1B5-A445-4E66-A3EC-728E8E170BD4}' [In-None-P17-TRUE] .(...) -- C:\Program Files\OSTotoHotspot\WifiService.exe =>.Shenzhen DriveTheLife Software Technology Co.Ltd®
---\ CODES PRODUITS LOGICIELS (41) - 1s
O90 - PUC: '000051090900C0400000000000F01FEC' [HKLM] . (.Microsoft DCF MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109110000000000000000F01FEC' [HKLM] . (.Microsoft Office Professional Plus 2013.) =>.Microsoft Corporation
O90 - PUC: '000051091A00C0400000000000F01FEC' [HKLM] . (.Microsoft OneNote MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051091E00C0400000000000F01FEC' [HKLM] . (.Microsoft Office OSM MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051092E00C0400000000000F01FEC' [HKLM] . (.Microsoft Office OSM UX MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051094400C0400000000000F01FEC' [HKLM] . (.Microsoft InfoPath MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051095100C0400000000000F01FEC' [HKLM] . (.Microsoft Access MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051096100C0400000000000F01FEC' [HKLM] . (.Microsoft Excel MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051098100C0400000000000F01FEC' [HKLM] . (.Microsoft PowerPoint MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '000051099100C0400000000000F01FEC' [HKLM] . (.Microsoft Publisher MUI (French) 2013.) =>.bl.org
O90 - PUC: '00005109A100C0400000000000F01FEC' [HKLM] . (.Microsoft Outlook MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109AB00C0400000000000F01FEC' [HKLM] . (.Microsoft Groove MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109B100C0400000000000F01FEC' [HKLM] . (.Microsoft Word MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109B210C0400000000000F01FEC' [HKLM] . (.Microsoft Lync MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109C200C0400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109E600C0400000000000F01FEC' [HKLM] . (.Microsoft Office Shared MUI (French) 2013.) =>.Microsoft Corporation
O90 - PUC: '00005109F10010400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - اللغة العربية.) -- C:\Windows\Installer\{90150000-001F-0401-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10031400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - Nederlands.) -- C:\Windows\Installer\{90150000-001F-0413-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10070400000000000F01FEC' [HKLM] . (.Microsoft Office Korrekturhilfen 2013 - Deutsch.) -- C:\Windows\Installer\{90150000-001F-0407-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F10090400000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - English.) -- C:\Windows\Installer\{90150000-001F-0409-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F100A0C00000000000F01FEC' [HKLM] . (.Microsoft Office Proofing Tools 2013 - Español.) -- C:\Windows\Installer\{90150000-001F-0C0A-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '00005109F100C0400000000000F01FEC' [HKLM] . (.Outils de vérification linguistique 2013 de Microsoft Office - Français.) -- C:\Windows\Installer\{90150000-001F-040C-0000-0000000FF1CE}\misc.exe,6 =>.Microsoft Corporation
O90 - PUC: '0AA7CFB2C445A3E47869763FEB56B59E' [HKLM] . (.Microsoft XNA Framework Redistributable 4.0.) -- C:\Windows\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}\ProductIcon =>.bl.org
O90 - PUC: '12B8D03ED28D112328CCF0A0D541598E' [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660.) =>.Microsoft Corporation
O90 - PUC: '1D5E3C0FEDA1E123187686FED06E995A' [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: '2246038675C7F37388062DC64EABA251' [HKLM] . (.Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25017.) =>.Microsoft Corporation
O90 - PUC: '3FB95CD427D08EC3FBFEE1F8FA86E90B' [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x86).) =>.Microsoft Corporation
O90 - PUC: '4EA42A62D9304AC4784BF2238110260F' [HKLM] . (.Java 8 Update 162.) -- C:\Program Files\Java\jre1.8.0_162\\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: '55AEF1CECC37F5A3FB743B048B240C85' [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA.) =>.Microsoft Corporation
O90 - PUC: '6E815EB96CCE9A53884E7857C57002F0' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: '72437307078466244823D94012690AB6' [HKLM] . (.Setup.)
O90 - PUC: '838AE285991981530AC5BD9064F286CE' [HKLM] . (.Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25017.) =>.Microsoft Corporation
O90 - PUC: '8520DAD7C5154DD39846DB1714990E7F' [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660.) =>.Microsoft Corporation
O90 - PUC: '852B5038B4F808245B4FDD51CD404EA0' [HKLM] . (.Update for Windows 10 (KB4023057).) =>.Microsoft Corporation
O90 - PUC: 'A089CE062ADB6BC44A720BA745894BAC' [HKLM] . (.Google Update Helper.) =>.Google Inc.
O90 - PUC: 'C025571B2A687A53689168CD7369889B' [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: 'CFD2C1F142D260E3CB8B271543DA9F98' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.) =>.bl.org
O90 - PUC: 'D20352A90C039D93DBF6126ECE614057' [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: 'D7314F9862C648A4DB8BE2A5B47BE100' [HKLM] . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon =>.Microsoft Corporation
O90 - PUC: 'DC8A59DBF9D1DA5389A1E3975220E6BB' [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: 'F60730A4A66673047777F5728467D401' [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
---\ PACKAGES WINDOWS INSTALLER (3) - 10s
[MD5.50EA7A4D9481B12A97070942F474D918] [WIS][2018/07/03 11:19:52] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\14f551.msi [40960] =>.Google Inc.
[MD5.F93D045AAA3DFE9FECD0646941004FA5] [WIS][2018/04/12 21:22:12] (.Oracle Corporation - Java SE Runtime Environment 8 Update 162.) -- C:\Windows\Installer\4c81d2e6.msi [61689856] =>.Oracle Corporation
[MD5.82757F422DC7175449173BDE351C8D55] [WIS][2018/04/12 21:25:03] (.Oracle Corporation - Java Auto Updater.) -- C:\Windows\Installer\4c81d2f1.msi [765952] =>.Oracle Corporation
---\ FEATURE CONTROLE. (887) - 2s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:UNPUXHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:FoxitReader.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:Common.ShowHelp.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:sllauncher.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:Common.DBConnection64.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:WORDICON.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VPREVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:Common.DBConnection.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSE.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Setup.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ODeploy.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Oarpmany.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OSPPREARM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:LICLUA.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FLTLDR.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSQM.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CMigrate.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:protocolhandler.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CSISYNCCLIENT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CLVIEW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:NAMECONTROLSERVER.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DW20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:DWTRIG20.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOHTMED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOXMLED.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msotd.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoev.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:msoia.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOSYNC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSOUC.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OLicenseHeartbeat.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:FIRSTRUN.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SELFCERT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SETLANG.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:GRAPH.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:MSQRY32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SmartTagInstall.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SQLDumper.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:EXCEL.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:XLICONS.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:OUTLOOK.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:SCANPST.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:CNFNOT32.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:excelcnv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:Wordconv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:POWERPNT.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PPTICO.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:misc.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PDFREFLOW.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:WINWORD.EXE =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:WORDICON.EXE =>.Legitimate
---\ SCAN ADDITIONNEL (18) - 9s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} =>.SUP.Orphan
C:\ProgramData\Babylon =>Adware.Babylon
C:\Users\Charaf\AppData\Roaming\Babylon =>Adware.Babylon
C:\Users\Charaf\AppData\Local\Babylon =>Adware.Babylon
C:\Windows\Prefetch\KMS SERVER SERVICE.EXE-79009524.pf =>HackTool.AutoKMS
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ITL Total Security =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ITL Total Security =>.SUP.Orphan
D:\Programmes\microsoft-toolkit-2.6.5\microsoft-toolkit-2.6.5\Microsoft Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{3BB0AB6F-5D53-489F-8AC0-BE04631760AB} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{90E13074-9E84-4BAE-B054-F5A7EA614882} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DD6E6053-F970-40C7-B3A3-548098557A13} =>HackTool.AutoKMS
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{6C3C6C29-F31E-452A-A9A4-B3DA4743F53C} =>HackTool.AutoKMS
D:\Programmes\microsoft-toolkit-2.6.5\Microsoft Toolkit\Microsoft Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{E6072573-EFBE-4B09-B465-8903DF41F30C} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{F2C11891-8FF3-4651-8230-8BAAE8FD2C28} =>HackTool.WinActivator
D:\Programmes\Microsoft Toolkit\Microsoft-Toolkit.exe =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{7F25CFC0-794C-46C9-8826-8EF197D2D1E0} =>HackTool.WinActivator
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{F5B3E43E-18C1-44A0-AC04-F0E78F0DACE1} =>HackTool.WinActivator
---\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (5) - 0s
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.DriveTheLife
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
~ Unselected Options: O82,
~ End of the scan, 8415 items in 08mn19s (2680)(0)