--------------- QuickDiag | g3n-h@ckm@n | 2_04.12.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 21/12/2016 20:46:34 Updated 04/12/2016 | 10.30 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jean- (Administrator)] - [DESKTOP-N632QEV] (S-1-5-21-4137909735-3827719672-2247753569-1001) System: Microsoft Windows 10 Professionnel - - (10.0.14393) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : SafeMode with network PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice Realtek High Definition Audio - Status: Unknown - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 HD Webcam C310 - Status: Unknown - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\7&4D0A220&0&0002 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34640 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25352 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % Total Overall CPU Usage value:0 % ---------- | Network Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - - - Status: - PnPID : WAN Miniport (SSTP) - - - Status: - PnPID : WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : RAS Async Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 3747 | Free (MB) : 2844 Pagefile = Total (MB) : 4796 | Free (MB) : 4009 Virtual = Total (MB) : 4194 | Free (MB) : 3991 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users Administrateur : [S-1-5-21-4137909735-3827719672-2247753569-500] DefaultAccount : [S-1-5-21-4137909735-3827719672-2247753569-503] Invité : [S-1-5-21-4137909735-3827719672-2247753569-501] jean- : [S-1-5-21-4137909735-3827719672-2247753569-1001] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-4137909735-3827719672-2247753569-1002] SQLServer2005SQLBrowserUser$DESKTOP-N632QEV : [S-1-5-21-4137909735-3827719672-2247753569-1003] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 930.16 Go | Free : 838.78 Go -> NTFS [SATA] E:\ -> [Removable] | [cewbé] | Total : 59.5 Go | Free : 59.49 Go -> exFAT [USB] F:\ -> [CDROM] | [ESD-ISO] | Total : 3.1 Go | Free : 0 Go -> UDF [SATA] G:\ -> [Fixed] | [WD My Passport 3To] | Total : 2794.49 Go | Free : 239.86 Go -> NTFS [USB] H:\ -> [Removable] | [] | Total : 119.5 Go | Free : 106.64 Go -> NTFS [USB] I:\ -> [Removable] | [FramaLive] | Total : 14.87 Go | Free : 7.95 Go -> FAT32 [USB] J:\ -> [CDROM] | [power2go 11 utilities] | Total : 1.64 Go | Free : 0 Go -> UDF [USB] K:\ -> [Removable] | [UUI] | Total : 7.26 Go | Free : 1.91 Go -> FAT32 [USB] L:\ -> [Removable] | [WinToUSB] | Total : 115.59 Go | Free : 89.69 Go -> NTFS [USB] M:\ -> [Removable] | [] | Total : 57.9 Go | Free : 45.08 Go -> NTFS [USB] N:\ -> [Removable] | [COMPANION] | Total : 30.02 Go | Free : 1.77 Go -> FAT32 [USB] O:\ -> [Removable] | [PARTED MAGI] | Total : 3.74 Go | Free : 0.26 Go -> FAT32 [USB] P:\ -> [Removable] | [MONTRE ESPI] | Total : 7.42 Go | Free : 0.93 Go -> FAT32 [USB] Q:\ -> [Removable] | [ZONEALARM] | Total : 29.99 Go | Free : 29.97 Go -> FAT32 [USB] R:\ -> [Removable] | [PARTED MAGI] | Total : 57.89 Go | Free : 32.83 Go -> FAT32 [USB] S:\ -> [Removable] | [CLONEZILLA] | Total : 1.86 Go | Free : 0.2 Go -> FAT32 [USB] T:\ -> [Removable] | [EASEUSBOOT] | Total : 14.3 Go | Free : 12.12 Go -> FAT32 [USB] U:\ -> [Removable] | [stylo espio] | Total : 3.69 Go | Free : 3.55 Go -> FAT32 [USB] W:\ -> [Fixed] | [ZALMAN VE-350] | Total : 931.06 Go | Free : 628.25 Go -> NTFS [USB] Disk Usage Information [19 total Physical Disks] Physical Drive #0 [C:] : Read:69,020 bytes/sec, Written:1,069,822 bytes/sec Max Read:69,020 bytes/sec, Max Write:1,069,822 bytes/sec Physical Drive #1 [W:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [X:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #8 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #9 [M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, N:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, O:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, P:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, Q:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, S:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, T:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, U:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, R:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, L:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:69,020 bytes/sec, Write Maximum:1,069,822 bytes/sec DeviceID: \\.\PHYSICALDRIVE13 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA_FIT&REV_1.00\4C530001130911114113&0 DeviceID: \\.\PHYSICALDRIVE9 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA&REV_1.00\4C530001300623119533&0 DeviceID: \\.\PHYSICALDRIVE11 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SMI&PROD_USB_DISK&REV_1100\00000347&0 DeviceID: \\.\PHYSICALDRIVE16 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA&REV_1.00\4C531001630616108350&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - External hard disk media - 4 Part. - PnPID : USBSTOR\DISK&VEN_WD&PROD_MY_PASSPORT_0827&REV_1012\575831314438354450483744&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SAMSUNG&PROD_FLASH_DRIVE_FIT&REV_1100\0363316010027335&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE18 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA_FIT&REV_1.00\4C530001050902110312&0 DeviceID: \\.\PHYSICALDRIVE8 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_2.0&REV_PMAP\001BFC3653BCBFC0698F7C35&0 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\8&39D170AA&0&534E4A593030303390&1 DeviceID: \\.\PHYSICALDRIVE17 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_GENPLUS&PROD_USB-MSDC_DISK_A&REV_1.00\B&1ED0CA9A&0 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_3.0&REV_PMAP\AC220B280C8CB030D9732DE0&0 DeviceID: \\.\PHYSICALDRIVE12 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENPLUS&PROD_USB-MSDC_DISK_A&REV_1.00\A&368B17D4&0 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\8&39D170AA&0&534E4A593030303390&0 DeviceID: \\.\PHYSICALDRIVE10 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1100\0116000000008682&0 DeviceID: \\.\PHYSICALDRIVE15 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_FIXMESTICK&REV_8.07\D2BF4C401E2763FP1289&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - External hard disk media - 2 Part. - PnPID : USBSTOR\DISK&VEN_ZALMAN&PROD_ZM-VE350&REV_1060\303030303030303030303030&0 DeviceID: \\.\PHYSICALDRIVE14 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0815\000000000004&GL&23 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_9451\7&1BF356A7&0 ---------- | Windows updates No detected update !!! ---------- | Browsers IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 ---------- | FlashPlayer FlashPlayer ActiveX : 24.0.0.186 ---------- | Security AV : Ad-Aware Antivirus Disabled AS : Windows Defender Disabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 532 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.14393.0) = C:\Windows\System32\smss.exe [16/07/2016 12:42:27] CPU Usage:0 % 792 | [Owner : | Parent : 720() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.14393.0) = C:\Windows\System32\wininit.exe [16/07/2016 12:42:27] CPU Usage:0 % 852 | [Owner : | Parent : 784() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.14393.479) = C:\Windows\System32\winlogon.exe [17/12/2016 23:41:03] CPU Usage:0 % 920 | [Owner : | Parent : 792(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.14393.479) = C:\Windows\System32\services.exe [17/12/2016 23:41:10] CPU Usage:0 % 940 | [Owner : | Parent : 792(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.14393.187) = C:\Windows\System32\lsass.exe [17/12/2016 23:41:50] CPU Usage:0 % 1016 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 564 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 336 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1032 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1084 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1092 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1140 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1192 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1272 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1488 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1568 | [Owner : | Parent : 920(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1596 | [Owner : | Parent : 920(services.exe) | ?????] - (.SUPERAntiSpyware.com - Core Service.) - (6.0.0.1080) = C:\Program Files\SUPERAntiSpyware\SASCore64.exe [23/07/2014 00:31:23] CPU Usage:0 % 1628 | [Owner : | Parent : 920(services.exe) | ?????] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.388) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [19/12/2016 13:07:44] CPU Usage:0 % 1872 | [Owner : jean- | Parent : 336(svchost.exe) | 21.62 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\Windows\System32\sihost.exe [16/07/2016 12:42:09] CPU Usage:0 % 2132 | [Owner : jean- | Parent : 2080() | 112.06 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.479) = C:\Windows\explorer.exe [17/12/2016 23:41:21] CPU Usage:0 % 2244 | [Owner : jean- | Parent : 2132(explorer.exe) | 10.65 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.14393.0) = C:\Windows\System32\ctfmon.exe [16/07/2016 12:42:43] CPU Usage:0 % 2596 | [Owner : jean- | Parent : 1016(svchost.exe) | 10.95 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.14393.0) = C:\Windows\System32\dllhost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2848 | [Owner : jean- | Parent : 1016(svchost.exe) | 21.29 Mo] - (.Microsoft Corporation - Aide et support Microsoft.) - (10.0.14393.0) = C:\Windows\HelpPane.exe [16/07/2016 12:42:20] CPU Usage:0 % 2980 | [Owner : jean- | Parent : 2132(explorer.exe) | 6.73 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe [16/12/2016 10:25:16] CPU Usage:0 % 2688 | [Owner : jean- | Parent : 1016(svchost.exe) | 18.28 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe [16/07/2016 12:42:40] CPU Usage:0 % 2236 | [Owner : jean- | Parent : 1016(svchost.exe) | 14.76 Mo] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe [17/12/2016 23:40:28] CPU Usage:0 % 2796 | [Owner : | Parent : 336(svchost.exe) | ?????] - (.Microsoft Corporation - WMI Reverse Performance Adapter Maintenance Utility.) - (10.0.14393.0) = C:\Windows\System32\wbem\WMIADAP.exe [16/07/2016 12:42:31] CPU Usage:0 % 2764 | [Owner : jean- | Parent : 2132(explorer.exe) | 29.1 Mo] - (.SosVirus - QuickDiag.) - (4.12.2016.1) = C:\Users\jean-\Desktop\quickdiag_2_04.12.2016.1.exe [09/12/2016 15:10:47] CPU Usage:0 % ---------- | MD5 [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [17/12/2016 23:41:21] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4563.77 Ko] - (10.0.14393.479) : C:\WINDOWS\Explorer.exe [MD5.F4F684066175B77E0C3A000549D2922C] - [16/07/2016 12:42:36] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [227.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\cmd.exe [MD5.77DBC745D957B4F0404ABABC10696784] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\csrss.exe [MD5.DA63852A2B0340E94D74EAF0CD444979] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - COM Surrogate.) - [20.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\dllhost.exe [MD5.6955067712F2F4752CA12192B08EF860] - [16/07/2016 12:42:16] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [683.48 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [17/12/2016 23:41:50] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.05 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\lsass.exe [MD5.7BD259FC59CF9C2AE1B979564B374CC6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - Distributed COM Services.) - [867.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rpcss.dll [MD5.C7645D43451C6D94D87F4D07BDE59C89] - [16/07/2016 12:42:42] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rundll32.exe [MD5.3C69CC28665854F1AAB4B4005005FA31] - [17/12/2016 23:41:10] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [443.94 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\services.exe [MD5.36F670D89040709013F6A460176767EC] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [43.45 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\svchost.exe [MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [17/12/2016 23:40:39] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1426.95 Ko] - (10.0.14393.576) : C:\WINDOWS\System32\user32.dll [MD5.C1B1FFC800BE2F31EB2CF8CB40629C69] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [32.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\userinit.exe [MD5.99A19C9A74E2F9820E501DCE77F84F70] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [297.11 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Wininit.exe [MD5.DE6DF9BBBECAFDEF462A37D839167368] - [17/12/2016 23:41:03] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [658 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\Winlogon.exe [MD5.323AA1953ED9C01E23F740FA891FE064] - [17/12/2016 23:41:49] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [570.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.A10F989A812B57B9695F6C305907C9C6] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.65DEB05FC234BFF207379F06F0754402] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [187.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.613D0137C269187FA298A157E3D14A18] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.0D1D392ED2597F295956D058D33BD7C3] - [17/12/2016 23:41:40] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [141.5 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.10E3515FE5DBA6656FA62C29342EC4A1] - [16/07/2016 12:41:52] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [81.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.B54B30992620C97230013A74461C8517] - [16/07/2016 12:41:54] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [111.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.F1DAECC3B3D6399875D4F10529D6A77C] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - IP Network Address Translator.) - [207.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - [17/12/2016 23:41:40] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [439.84 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.D5564FC81350458ED570528C4E3B1CCF] - [17/12/2016 23:41:50] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1153.84 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - MBT Transport driver.) - [272.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - [17/12/2016 23:41:50] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2202.84 Ko] - (10.0.14393.447) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.17E565710172ED71B8531D8822E1C5D1] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.7135785C21CA79D270D11037C43D3F19] - [16/07/2016 12:44:03] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [173 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.4F25E481124059CC593B4C68BC485640] - [17/12/2016 23:42:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2478.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.9D2DD64A0B51C56285512DC9454340F6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.BF2546583BB75F01DDA60A7921DFB230] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - Volume Shadow Copy driver.) - [382.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.HP.-.HP DeskBand.) - (8.2.0.8) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\CoreUIComponents.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySyncExplorerOverlayX64.dll (.C-O-M-O-D-O.-.COMODO BackUp ShellExtension.) - (2.0.0.1834) -- C:\Program Files\COMODO\COMMON\ShellExtension.dll (..-..) - (0.0.0.0) -- C:\Program Files\Unlocker\UnlockerCOM.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.16) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (..-..) - (11.15.1046.10613) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareShellExtension.dll (.Nero AG.-.Nero Burning ROM Shell Extension.) - (17.0.8.0) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\NeroShellExt.dll (.Nero AG.-.Nero Solution Explorer Dynamic Link Library.) - (17.0.0.3) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\SolutionExplorer.dll (.SUPERAntiSpyware.com.-.SUPERAntiSpyware Context Menu Extension.) - (1.0.0.1024) -- C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL (.Nero AG.-.Nero Burning ROM Shell Extension.) - (18.0.15.0) -- C:\Program Files (x86)\Common Files\Nero\Nero 2017\NeroShellExt\x64\NeroShellExt.dll (.Pro-Softnet Corp.-.ZoneAlarmContextMenu Module.) - (1.0.0.0) -- C:\ZoneAlarmBackup\ZABackupContextMenuExt.dll (.WinZip Computing, S.L..-.WinZip Shell Extension DLL.) - (4.1.0.0) -- C:\Program Files\WinZip\WZSHLS64.DLL (.IObit.-.IObitUnlockerExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~2.DLL (.CHENGDU YIWO Tech Development Co.,Ltd.-.EaseUS Todo Backup Application.) - (3.0.0.1) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll (.Paramount Software UK Ltd.-.Reflect Shell Extension Context Menu.) - (6.1.865.0) -- C:\Program Files\Macrium\Reflect\RContextMenu.dll (.ConeXware, Inc..-..) - (16.0.12.1) -- C:\Program Files (x86)\PowerArchiver\PASHLEXT64.DLL (.Ashampoo.-.Ashampoo AshLang 2 API.) - (2.0.0.3) -- C:\Program Files (x86)\PowerArchiver\pa_lang2_x64.dll (.IObit.-.Protected Folder Shell Extension.) - (4.2.0.0) -- C:\Program Files (x86)\IObit\Protected Folder\PfShellExtension.dll (.Killer{R}.-.KillCopy Shell Extension DLL.) - (1.0.0.1) -- C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu64.dll (.Free Time.-.FormatFactory Shell Menu Module.) - (1.0.0.3) -- C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll (.CHENGDU Yiwo Tech Development Co., Ltd..-.EverySync.) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EUSyncExtMenux64.dll (.Disc Soft Ltd.-.DAEMON Tools Pro.) - (8.1.0.654) -- C:\Program Files\DAEMON Tools Pro\DTShl64.dll (.COMODO Security Solutions.-.COMODO BackUp Language DLL.) - (1.0.0.1813) -- C:\Program Files\COMODO\COMMON\LANG\GUILANG.dll (.Cyberlink.-.Cyberlink Shell Extension dynamic link library.) - (11.0.914.0) -- C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt11.dll (..-..) - (0.0.0.0) -- C:\Program Files\Copy Handler\chext64.dll (..-..) - (0.0.0.0) -- C:\Program Files\Copy Handler\libchcore64u.dll (.SQLite.-.SQLite.) - (3.11.1.0) -- C:\Program Files\Copy Handler\sqlite3_64.dll (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU EaseUS EverySync - (EaseUS EverySync.lnk [Startup]) - User: DESKTOP-N632QEV\jean- ZoneAlarm Backup Tray - (ZoneAlarm Backup Tray.lnk [Startup]) - User: DESKTOP-N632QEV\jean- OneDrive - ("C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- DAEMON Tools Pro Agent - ("C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- Copy Handler - (C:\Program Files\Copy Handler\ch64.exe [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- COS - (C:\Program Files\COMODO\cCloud\cCloud.exe [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- Power2GoExpress11 - ("C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe" /Startup [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- Jing - (C:\Program Files (x86)\TechSmith\Jing\Jing.exe [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- Software Informer - (C:\Program Files\Software Informer\softinfo.exe -autorun [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- SUPERAntiSpyware - (C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- PowerArchiver Tray - (C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- ZoneAlarm Backup Startup - ("C:\ZoneAlarmBackup\ZABackupStartup.exe" Hide [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\...\Run]) - User: DESKTOP-N632QEV\jean- Notifications de Mises à jour - (C:\PROGRA~1\WinZip\WZUPDA~1.EXE [Common Startup]) - User: Public WinZip Préchargeur - (C:\PROGRA~1\WinZip\WZPREL~1.EXE [Common Startup]) - User: Public ZAM - ("C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized [HKLM\...\Run]) - User: Public AdAwareTray - ("C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe" [HKLM\...\Run]) - User: Public jv16 PT 2017 (System Startup Check) - ("G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\jv16PTPortable\App\jv16PT\jv16pt_PreWorker2.exe" /SysStartupCheck /PT:"G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\jv16PTPortable\App\jv16PT\" [HKLM\...\Run]) - User: Public Malwarebytes TrayApp - (C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [HKLM\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\...\Run]) - User: Public WindowsDefender - ("%ProgramFiles%\Windows Defender\MSASCuiL.exe" [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun "Copy Handler"=C:\Program Files\Copy Handler\ch64.exe [16/12/2016 10:32:37] "COS"=C:\Program Files\COMODO\cCloud\cCloud.exe [16/12/2016 10:39:14] "Power2GoExpress11"="C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe" /Startup "Jing"=C:\Program Files (x86)\TechSmith\Jing\Jing.exe [11/09/2015 15:21:34] "Software Informer"=C:\Program Files\Software Informer\softinfo.exe -autorun "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [18/10/2016 20:09:20] "PowerArchiver Tray"=C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE [23/05/2016 15:03:36] "ZoneAlarm Backup Startup"="C:\ZoneAlarmBackup\ZABackupStartup.exe" Hide [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"="G:\barrow 2 & widen 100% sécurisé\sosvirus app for stop all power2go 11 process for facilite iobit unlocker work\processclose_1.0.0.3(1).exe"\1 "MRUList"=bdca "b"=wordpad\1 "c"=msinfo32\1 "d"="G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\sosvirus app for stop all youcam 8 process for facilite iobit unlocker work\processclose_1.0.0.3(5).exe"\1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "ZAM"="C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized "AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe" "jv16 PT 2017 (System Startup Check)"="G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\jv16PTPortable\App\jv16PT\jv16pt_PreWorker2.exe" /SysStartupCheck /PT:"G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\jv16PTPortable\App\jv16PT\" "Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [19/12/2016 13:07:32] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "WindowsDefender"="%ProgramFiles%\Windows Defender\MSASCuiL.exe" [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun "BingDesktop"=C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey "VMXPLXService"="C:\Program Files (x86)\CyberLink\Shared files\VMXPLXShare\Service\VMXPLXService.exe" /s "Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [16/12/2016 11:16:42] "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "CLMLServer_For_P2G11"="C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=0549820f-ce01-400d-b867-4074622 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA SAFEBOOT:NETWORK NOGUIBOOT BOOTLOGO "SystemBootDevice"=multi(0)disk(0)rdisk(4)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(4)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=3 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [16/12/2016 08:20:33] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "fullprivilegeauditing"=0x80 "LsaPid"=940 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK c:\hp\hpqware\dtshortcuts\ca-es\esp\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=ca_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\da_dk\snapfish billeder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_dk) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\aut\ebay.at.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=de_at&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\bel\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=de_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\che\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=de_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\deu\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=de_de&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de_at\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_at) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de_ch\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de_de\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\aus\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_au&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\bel\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\can\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_ca&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\che\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\deu\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_de&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\esp\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\fra\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_fr&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\gbr\visit ebay.co.uk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_gb&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\hkg\ebay.com.hk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_hk&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\ind\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_in&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\ita\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_it&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\mys\ebay.com.my.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_my&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\nld\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_nl&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\phl\ebay.ph.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_ph&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\sgp\ebay.com.sg.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_sg&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\usa\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_us&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_au\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_au) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ca\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_ca) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_gb\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_gb) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_ie\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_ie) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_in\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_in) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_nz\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nz) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_sg\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_sg) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en_us\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_us) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\es-es\esp\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=es_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\es-es\usa\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=en_us&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\es_es\fotos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_es) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\eu-es\esp\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=eu_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\bel\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=fr_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\can\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=fr_ca&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\che\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=fr_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\fra\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=fr_fr&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_be\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_be) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_ca\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_ca) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_ch\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr_fr\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\gl-es\esp\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=gl_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\hi-in\ind\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=hi_in&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it-it\che\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=it_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it-it\ita\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=it_it&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it_ch\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_it_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it_it\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_it_it) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\ja_jp\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_jp) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nb_no\snapfish-bilder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_no) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl-nl\bel\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=nl_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl-nl\nld\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=nl_nl&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl_be\snapfish foto's.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nl_be) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\nl_nl\snapfish foto's.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nl) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\pt_pt\fotos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_pt) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\sv_se\snapfishbilder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_se) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\zh-hk\hkg\做買賣?去ebay!.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=zh_hk&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\zh_cn\惠普喀嚓鱼.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_cn) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\ca-es\esp\shopping and services\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=ca_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\da_dk\music, photos and videos\snapfish billeder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_dk) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\aut\shopping and services\ebay.at.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=de_at&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\bel\shopping and services\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=de_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\che\shopping and services\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=de_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\deu\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=de_de&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_at\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_at) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_ch\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de_de\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\aus\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_au&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\bel\shopping and services\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\can\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_ca&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\che\shopping and services\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\deu\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_de&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\esp\shopping and services\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\fra\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_fr&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\gbr\shopping and services\visit ebay.co.uk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_gb&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\hkg\shopping and services\ebay.com.hk.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_hk&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\ind\shopping and services\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_in&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\irl\shopping and services\ebay.ie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=EN_IE&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\ita\shopping and services\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_it&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\mys\shopping and services\ebay.com.my.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_my&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\nld\shopping and services\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_nl&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\phl\shopping and services\ebay.ph.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_ph&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\sgp\shopping and services\ebay.com.sg.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_sg&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\usa\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_us&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_au\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_au) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ca\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_ca) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_gb\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_gb) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_ie\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_ie) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_in\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_in) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_nz\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nz) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_sg\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_sg) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en_us\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_us) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es-es\esp\shopping and services\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=es_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es-es\usa\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=en_us&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es_es\music, photos and videos\fotos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_es) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\eu-es\esp\shopping and services\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=eu_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\bel\shopping and services\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=fr_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\can\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=fr_ca&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\che\shopping and services\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=fr_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\fra\shopping and services\ebay.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=fr_fr&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_be\music, photos and videos\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_be) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ca\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_ca) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_ch\music, photos and videos\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr_fr\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_fr) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\gl-es\esp\shopping and services\ebay compra y vende de todo.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=gl_es&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\hi-in\ind\shopping and services\ebay.in.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=hi_in&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it-it\che\shopping and services\ebay.ch.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=it_ch&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it-it\ita\shopping and services\ebay italia.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=it_it&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_ch\music, photos and videos\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_it_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it_it\music, photos and videos\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_it_it) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\ja_jp\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_jp) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nb_no\music, photos and videos\snapfish-bilder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_no) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl-nl\bel\shopping and services\bezoek ebay.be.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=nl_be&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl-nl\nld\shopping and services\ebay.nl.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=nl_nl&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_be\music, photos and videos\snapfish foto's.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nl_be) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\nl_nl\music, photos and videos\snapfish foto's.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_nl) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\pt_pt\music, photos and videos\fotos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_pt) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\sv_se\music, photos and videos\snapfishbilder.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_se) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\zh-hk\hkg\shopping and services\做買賣?去ebay!.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=zh_hk&bd=all&c=124) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\zh_cn\music, photos and videos\惠普喀嚓鱼.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_cn) - Hidden: False - Status: OK ---------- | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\jean-\AppData\Local\Microsoft\BingDesktop\themes\2016-12-21.jpg [21/12/2016 09:01:03] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E3E078012000000 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100D755040080070000B004000054615560605BD20143003A005C00550073006500720073005C006A00650061006E002D005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00420069006E0067004400650073006B0074006F0070005C007400680065006D00650073005C0032003000310036002D00310032002D00320031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "AutoColorization"=1 "ImageColor"=2830342215 "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003E28000000000000000000000000000001000000130000000000000063000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0xBD0E0C47735D584D9CEDE91E22E23282A70D01002E0266FAE42F294A916C84A0D8173FBB509C0000793E3DD0440C453DB15FBCFD8A8B4C7E0EB40000783E3DD0440C453DB15FBCFD8A8B4C7E1A2F0E006024B221EA3A6910A2DC08002B30309DF1F90000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=2 "GlobalAssocChangedCounter"=46 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=328 "link"=0x15000000 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StoreAppsOnTaskbar"=1 "EnableStartMenu"=1 "StartMenuInit"=13 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "HideDrivesWithNoMedia"=0 "ReindexedProfile"=1 "TaskbarStateLastRun"=0x830C565800000000 "SeparateProcess"=1 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x00000000FFFFFFFF "0"=0x640072006900760065006C00650064000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=12 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=51 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=14393 "FirstLogon"=0 "PUUActive"=0x84B4F811010003000A0026000E2C010018480100E4D50300D100000002001B00E9737090D93F0400A43F0400355A0000443E0000AC1D000000000000F73D0400410B000031010000E8C93909C25BD2010E2C0100000000000100000000000000 "AutoRestartShell"=1 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "LastLogOffEndTimePerfCounter"=31047495385 "ShutdownFlags"=135 "Userinit"=C:\Windows\system32\userinit.exe, "scremoveoption"=0 "AutoAdminLogon"=0 "DefaultUserName"=jean-marie.carribon@wanadoo.fr "AutoRestartShell"=0 "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe [16/07/2016 12:42:27] ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C03802000BA5020001000000000000000000000A00210000180120CD6657D2010000000100000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0AC02007050030001000000000000000000000A00210000180120CD6657D2010000000100000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\PortableApps\FirefoxPortable\FirefoxPortable.exe"=0x5341435001000000000000000700000028000000683703006832040001000000000000000000010600010000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000005BDF3300000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\vcredist_x64.exe"=0x5341435001000000000000000700000028000000D8AE6D0078016E0001000000000000000000030600010000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000000A40000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\vcredist_x86.exe"=0x5341435001000000000000000700000028000000700864002BB0640001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E9BB0100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WFHProSetup.exe"=0x5341435001000000000000000700000028000000306921002ED2210001000000000000000000000A00210000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000C2AC3D00000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WHKSetup.exe"=0x534143500100000000000000070000002800000030264000AE1A410001000000000000000000000A00210000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000F4396100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\Windows_ISO_Downloader.exe"=0x5341435001000000000000000700000028000000008007000000000001000000000000000000000AF52000005D8256B86657D201000000000000000002000000280000000000000000000000000000000000000000000000000000006A6B3500000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WinZip_Pro_Portable_19.5_32-64_bit_Multilingual_Online.exe"=0x534143500100000000000000070000002800000071A004000000000001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000EF5B0900000000000200000002000000 "G:\anti-faux positif pre_scan - exe installers\WinRAR_Portable_Multiversion_32-64_Multilingual_Online.exe"=0x5341435001000000000000000700000028000000A64F05000000000001000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000047160000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WinToUSB_Free.exe"=0x534143500100000000000000070000002800000018F94B000000000001000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000004BF20100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\winzip210fr.exe"=0x534143500100000000000000070000002800000060EA9D0996C69E0901000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000800000000000000000000000000000000000000009A15E00000000000100000001000000 "C:\Users\jean-\AppData\Local\Temp\CloseFAH.exe"=0x534143500100000000000000070000002800000060760100D90F020001000000000000000000000A71220000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000019010000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WJSSetup.exe"=0x5341435001000000000000000700000028000000A01A220055FD220001000000000000000000030600010000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000005E710200000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WRCFree.exe"=0x534143500100000000000000070000002800000050BD42005292430001000000000000000000000A00210000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000091023100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\WVDSetup.exe"=0x5341435001000000000000000700000028000000C8A12A000D352B0001000000000000000000000A00210000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000360B0100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\unlocker-setup.exe"=0x5341435001000000000000000700000028000000C8692500E600260001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E0CC0100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\ultracopier-ultimate-cgminer-windows-x86_64-1.2.3.0-setup.exe"=0x5341435001000000000000000700000028000000EB9A79000000000001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000E0F40000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\tb_free.exe"=0x5341435001000000000000000700000028000000980C22074F02230701000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000040000000000000000000000000000000002D1C2200000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\supercopier-windows-x86_64-1.2.3.4-setup.exe"=0x534143500100000000000000070000002800000014D366000000000001000000000000000000010600010000180120CD6657D201000000000000000002000000280000000000000000000040000000000000000000000000000000008BB40000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\protected-folder-setup.exe"=0x534143500100000000000000070000002800000050982F009972300001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000077B0100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\PresenterLinkPlus_160527_Beta_PLX160107-01.exe"=0x5341435001000000000000000700000028000000C8BD36028D8A370201000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000800000000000000000000000000000000000000085135300000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\Power2Go_11.0.1013.0_Essential_Essential_P2G160727-05.exe"=0x5341435001000000000000000700000028000000F01E470DA1F6470D01000000000000000000010600010000180120CD6657D201000000000000000002000000280000000000000080000000000000000000000000000000000000001C956F04000000000200000002000000 "G:\anti-faux positif pre_scan - exe installers\Photoshop_Portable_13.1.2_x64_Multilingual.exe"=0x5341435001000000000000000700000028000000F704D2060000000001000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000089B20300000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\Notepadpp_Portable_6.x_Multilingual_Online.exe"=0x5341435001000000000000000700000028000000061607000000000001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000C8250000000000000400000004000000 "G:\anti-faux positif pre_scan - exe installers\marmiton-install.exe"=0x5341435001000000000000000700000028000000D0E90B00000000000100000000000000000000067102000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000747C0000000000000200000002000000 "G:\anti-faux positif pre_scan - exe installers\everysync_trial.exe"=0x5341435001000000000000000700000028000000A87F91014209920101000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000040000000000000000000000000000000007AB80500000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\DTPro810-0654.exe"=0x5341435001000000000000000700000028000000387DE9010A12EA0101000000000000000000000A00210000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000499B0600000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\chsetup-1.40.exe"=0x534143500100000000000000070000002800000050707900C5E8790001000000000000000000000A00210000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000081CE0200000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\CB_setup.exe"=0x5341435001000000000000000700000028000000E0565601FFF5560101000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000000000400000000000000000000000000000000071C02B00000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\BingDesktopSetup.exe"=0x5341435001000000000000000700000028000000D86AA00040A2A00001000000000000000000010571000000180120CD6657D20100000000000000000200000028000000000000008009004000000000000000000000000000000000B17A0600000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\auslogics-bitreplica-setup.exe"=0x5341435001000000000000000700000028000000782465009DA4650001000000000000000000030600010000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000008B904100000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\ashampoo_privacy_protector_e1.1.3_sm (1).exe"=0x5341435001000000000000000700000028000000E8635601975E570101000000000000000000000A00210000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000035971900000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\KCinst.exe"=0x5341435001000000000000000700000028000000112209000000000001000000000000000000010571000000180120CD6657D2010000000000000000020000002800000000000000000800400000000000000000000000000000000056730100000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\army.exe"=0x53414350010000000000000007000000280000003F9301000000000001000000000000000000010571000000180120CD6657D2010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000200000000000000020000000000077350000000000000100000001000000010000000400000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\kill_xp.exe"=0x5341435001000000000000000700000028000000602C02000000000001000000000000000000010571000000180120CD6657D20100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000002000000000000000200000000000E6610000000000000100000001000000010000000400000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\teracopy.exe"=0x534143500100000000000000070000002800000088BB2800BE83290001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000195B1F00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\Unlocker1.9.2.exe"=0x5341435001000000000000000700000028000000DF2506000000000001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000291C0200000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\wood.exe"=0x534143500100000000000000070000002800000068D401000000000001000000000000000000010571000000180120CD6657D2010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400004200000000000000020000000000046670000000000000100000001000000010000000400000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\data copy tools for youcam 8\xpsolive.exe"=0x53414350010000000000000007000000280000001B9700000000000001000000000000000000010571000000180120CD6657D20100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000002000000000000000200000000000EF2E0000000000000100000001000000010000000400000001000000 "G:\LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\Setup.exe"=0x53414350010000000000000007000000280000003E300B000000000001000000000000000000020671000000180120CD6657D20100000000000000000200000028000000000000000008004000000000000000000000000000000000F5FA0100000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\finalisation 100% sécurisé (& lfs ultra)\zemana antilogger pro beta free lifetime license\Zemana.AntiLogger.Setup.exe"=0x534143500100000000000000070000002800000030845600CC87AF0001000000000000000000000A00210000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000054E00200000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora_setup_full1084.exe"=0x5341435001000000000000000700000028000000906812003E4D130001000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000040000000000000000000000000000000005BD00B00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\efm du musée de l'homme & du musée de l'ordre de la libération\video editor wonderdar cher lloyd oath de youcam 8 essendar for efm du musée de l'homme 2 & du MOL\filmora_resource.exe"=0x5341435001000000000000000700000028000000C06651164347521601000000000000000000010600010000180120CD6657D2010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000053FB0B00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\FreeDownloadManagerPortable\FreeDownloadManagerPortable.exe"=0x5341435001000000000000000700000028000000206402007453030001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000280B1B00000000000100000001000000 "C:\Program Files (x86)\CyberLink\PresenterLinkPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183703006B6F030001000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000006F390000000000000100000001000000 "C:\Users\jean-\Desktop\RSIT.exe"=0x534143500100000000000000070000002800000000E810009530110001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000A2F90000000000000100000001000000 "G:\logarythms - souvenirs 2005 & 2011 - lfs ultra & 100% sécurisé\sosvirus SIMPLE\Drive D\UsbFix_Standard\UsbFix_Standard.exe"=0x534143500100000000000000070000002800000018052F005B5D2F0001000000000000000000000671000000180120CD6657D20100000000000000000200000028000000000000000008000000000000000000000000000000000000B2EC3704000000000200000002000000 "G:\LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra\lfs ultimate\label de feta syrtos, 100% sécurisé & lfs finalis\amorce finalisation label de feta syrtos & 100% sécurisé\WMOSetup.exe"=0x5341435001000000000000000700000028000000B83C130029DA130001000000000000000000030600010000180120CD6657D201000000000000000002000000280000000000000000000040000000000000000000000000000000001D092D00000000000100000001000000 "C:\Users\jean-\AppData\Local\Temp\SoftwareUpdate_Temp\Setup.exe"=0x5341435001000000000000000700000028000000F8C10500C74C060001000000000000000000030600010000180120CD6657D2010000008000000000020000002800000000000000000000400000000000000000000000000000000050B60000000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x5341435001000000000000000700000028000000F8DD2900CA2B2A0001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000329C2700000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\tentatives finalisatisation lfs ultra & 100% sécurisé après le 8 novembre 2016\ad-aware en élodie galeyroux & wa miss dessert de widen inapareceu & et de toutes fa'var - 2 12\Ad-Aware_Total_Security.exe"=0x5341435001000000000000000700000028000000D807C3000E5FC30001000000000000000000030600010000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000003AB1E00000000000100000001000000 "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe"=0x5341435001000000000000000700000028000000F8789100890F920001000000000000000000000A002100005D8256B86657D201000000000000000002000000280000000000000000000000000000000000000000000000000000000E896A04000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go11\Trial\TrialMgr.exe"=0x5341435001000000000000000700000028000000181F0200FC21020001000000000000000000000A7120000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000090D0800000000000E0000000E000000 "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareDesktop.exe"=0x5341435001000000000000000700000028000000F8142701E9D2270101000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000911E1B00000000000200000002000000 "C:\MARMITON\MARMITON.EXE"=0x5341435001000000000000000700000028000000006001009AB2010001000000000000000000000A7120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008A730000000000000400000004000000 "G:\EASEUs Todo PCTrans Pro & FIX-IT Utilities 15 Pro\Fix-It_Professional_ENU_15.0.32.28.exe"=0x534143500100000000000000070000002800000060F75E0412785F0401000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000C6D14B04000000000100000001000000 "C:\Program Files\Wise\Wise Hotkey\WiseHotkey.exe"=0x5341435001000000000000000700000028000000F806570062C2570001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C908FC03000000000200000002000000 "SIGN.MEDIA=E03839D8 data - xilisoft\ResetBrowser.exe"=0x534143500100000000000000070000002800000000C21800410A190001000000000000000000030600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000BE6F0400000000000100000001000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8CB0700BE3D080001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\jean-\Downloads\susetupPro.exe"=0x534143500100000000000000070000002800000070D664005ADA640001000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000004000000000000000000000000000000000D49D0700000000000100000001000000 "C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe"=0x5341435001000000000000000700000028000000D0230D0095C00D0001000000000000000000000A71220000180120CD6657D20100000080000000000200000028000000000000000000004000000000000000000000000000000000E84ED503000000000100000001000000 "C:\Users\jean-\Downloads\jing.exe"=0x534143500100000000000000070000002800000018386600B730670001000000000000000000000671020000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A7CAC303000000000100000001000000 "C:\Program Files (x86)\TechSmith\Jing\Jing.exe"=0x5341435001000000000000000700000028000000F86B2C00FA272D0001000000000000000000000AF122000033504C2B57DFD101000000000000000002000000500000000000000000000040000000000000000000000000000000000A0D38040000000008000000080000000000000000000050000000000000000000000000000000008F01C203000000000400000000000000 "C:\Users\jean-\Downloads\unchecky_setup.exe"=0x5341435001000000000000000700000028000000F82B1600C943160001000000000000000000030600010000180120CD6657D2010000000000000000020000002800000000000000000000000000000000000000000000000000000026B00000000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora_resource.exe"=0x5341435001000000000000000700000028000000C06651164347521601000000000000000000010600010000180120CD6657D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000FAB71600000000000200000002000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-fashion-effect-pack.exe"=0x5341435001000000000000000700000028000000F8B19406C7AF950601000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000B7D41000000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-80s-effect-pack.exe"=0x5341435001000000000000000700000028000000D8721A13C9641B1301000000000000000000010600010000180120CD6657D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000009CC70F00000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-halloween-effect-pack.exe"=0x534143500100000000000000070000002800000048F2290218262A0201000000000000000000010600010000180120CD6657D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000B84C0A00000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-holiday-pack.exe"=0x5341435001000000000000000700000028000000D8C2FB0D4308FC0D01000000000000000000010600010000180120CD6657D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000D4720C00000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-romantic-effect-pack.exe"=0x5341435001000000000000000700000028000000804A01060519020601000000000000000000010600010000180120CD6657D2010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000034C20400000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-spring-effect-pack.exe"=0x5341435001000000000000000700000028000000C8230D182BDC0D1801000000000000000000010600010000180120CD6657D2010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000054210D00000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-resource-pack.exe"=0x5341435001000000000000000700000028000000F8DEE31510D1E41501000000000000000000010600010000180120CD6657D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000B4A80D00000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\filmora-summer-effect-pack.exe"=0x534143500100000000000000070000002800000000CFDA0803E5DA0801000000000000000000010600010000180120CD6657D20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000299E0900000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\tidymymusic_full1686.exe"=0x534143500100000000000000070000002800000000E227015198280101000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A05E1600000000000100000001000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\ou a i a wonder'dar & le pavillon de l'hor'dar\macarons domi'gru\lws280.exe"=0x5341435001000000000000000700000028000000981771044C33710401000000000000000000010600010000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000AFB10600000000000100000001000000 "C:\Users\jean-\Downloads\WJSSetup.exe"=0x5341435001000000000000000700000028000000203B1C0010511C0001000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000003E8C8303000000000100000001000000 "C:\Program Files (x86)\Wise\Wise JetSearch\WiseJetSearch.exe"=0x5341435001000000000000000700000028000000F86422004089220001000000000000000000000A71220000180120CD6657D2010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000057D80500000000000200000002000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183503007DFC030001000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000000D320000000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\Cadeaux finalis lfs100%s - version léa torres\setup.exe"=0x5341435001000000000000000700000028000000C0B35801A2C3580101000000000000000000000A00210000180120CD6657D201000000000000000002000000280000000000000000000000000000000000000000000000000000006A9F2800000000000500000005000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\Start.exe"=0x534143500100000000000000070000002800000000CD1500D90A160001000000000000000000000A71220000180120CD6657D20100000000000000000200000028000000000000000000000000000000000000000000000000000000DB1CC600000000000200000002000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\jv16PTPortable\jv16PTPortable.exe"=0x5341435001000000000000000700000028000000521201000000000001000000000000000000010600010000180120CD6657D2010000000000000000020000002800000000000000000000400000000000000000000000000000000081BC0F00000000000100000001000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000E0064A01B2FE4A0101000000000000000000000A00210000180120CD6657D2010000000100000000 "C:\Program Files (x86)\Unchecky\unchecky.exe"=0x534143500100000000000000070000002800000018611C0053631C000100000000000000000003060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000085400300000000000400000004000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000E07E03004B44040001000000000000000000000A00210000180120CD6657D2010000000100000000 "C:\Program Files (x86)\Glarysoft\Software Update Pro\Modifyiconmodule.exe"=0x5341435001000000000000000500000010000000000000000000000000000000000000000700000028000000D0CB10001113110001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E8BD0200000000000900000009000000 "SIGN.MEDIA=568E1A Data\Documents\1er logiciel giveawayoftheday après lfs ultra & 10\LikeNEWPC230-24xh57\Setup.exe"=0x5341435001000000000000000700000028000000588856006957570001000000000000000000000A00210000180120CD6657D2010000000000000000020000002800000000000000000000400000000000000000000000000000000021432800000000000100000001000000 "C:\Program Files\WinZip\WINZIP64.EXE"=0x53414350010000000000000007000000280000006068BD04446BBD0401000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EE55EA00000000000800000008000000 "G:\anti-faux positif pre_scan - exe installers\MovaviVideoSuiteSetup.exe"=0x5341435001000000000000000700000028000000D891010616D501060100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C0E66400000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\Nero_Portable_17.0.8.0_Multilingual.exe"=0x534143500100000000000000070000002800000020CAE601000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000DA660300000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\tentatives finalisatisation lfs ultra & 100% sécurisé après le 8 novembre 2016\CAD FIN LFS ULTRA 100%s 14 12 2016 ET 1ER ANNIV WIDEN ET AJUS LFS UL FIN - 14 12\Nero2017_Platinum-18.0.06100.exe"=0x5341435001000000000000000700000028000000C8CFA51318E5A51301000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000027815C00000000000100000001000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000E07E03004B44040001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000AC44007880450001000000010000000000000A73220000D5B3B31A57DFD1010000000000000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\cadeaux de finalisation 100% sécurisé finalis (& de lfs ultra)\Nero2016-17.0.04500.exe"=0x5341435001000000000000000700000028000000C8F51610F03B17100100000000000000000001067102000033504C2B57DFD101000000000000000002000000280000000000000000000000001000000000000000000000000000008D1F1400000000000200000002000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\tentatives finalisatisation lfs ultra & 100% sécurisé après le 8 novembre 2016\adlice pe viewer & filmorago - 17 12\RogueKillerPE64.exe"=0x53414350010000000000000007000000280000004866AE018F54AF0101000000000000000000000A00210000D5B3B31A57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000003FD20B00000000000100000001000000 "C:\Users\jean-\Downloads\AVG_Driver_Updater_Setup_11_3.exe"=0x5341435001000000000000000700000028000000806412001817130001000000000000000000000A0021000033504C2B57DFD1010000008000000000020000002800000000000000000000400000000000000000000000000000000041DC6700000000000100000001000000 "G:\SlimCleaner\SlimCleaner.exe"=0x534143500100000000000000070000002800000040D9CE016067CF010100000000000000000002067122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000033816000000000000100000001000000 "G:\barrow 2 & widen 100% sécurisé\sosvirus app for stop all power2go 11 process for facilite iobit unlocker work\processclose_1.0.0.3(1).exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DA8E0500000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\1ers logiciels giveawayoftheday après lfs ultra & 100%S finalis\AutoPoweronandShutdown283-ad92md\Setup.exe"=0x534143500100000000000000070000002800000060CC2600C3AE27000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000001684F803000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\1ers logiciels giveawayoftheday après lfs ultra & 100%S finalis\DimoVideoConverterUltimate272-1kq3nk\Setup.exe"=0x5341435001000000000000000700000028000000ED4969010000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000BCB20200000000000100000001000000 "C:\Program Files (x86)\Nero\Nero 2017\Nero Launcher\NeroLauncher.exe"=0x534143500100000000000000070000002800000078AFD2012361D30101000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000A34E0200000000000100000001000000 "C:\Program Files (x86)\Nero\Nero 2016\Nero Launcher\NeroLauncher.exe"=0x5341435001000000000000000700000028000000F0F335013C78360101000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000A6BF0000000000000100000001000000 "C:\Users\jean-\Downloads\DriversCloud_Win.exe"=0x534143500100000000000000070000002800000080920300854E04000100000000000000000000067100000033504C2B57DFD101000000000000000002000000280000000000000000080000000000000000000000000000000000005A060300000000000100000001000000 "C:\Users\jean-\Downloads\HPSupportSolutionsFramework-12.5.32.203.exe"=0x5341435001000000000000000700000028000000B0EA3D0098493E000100000000000000000000067102000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000052150C00000000000100000001000000 "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe"=0x534143500100000000000000070000002800000020861100FB8B110001000000000000000000000AF5220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000001F692102000000000100000001000000 "C:\Users\jean-\Downloads\apowersoft-online-launcher.exe"=0x534143500100000000000000070000002800000078B512001153130001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000800000000000000000000000000000000000000096980A00000000000100000001000000 "G:\LFS Ultra & 100% Sécurisé\PortableApps\FirefoxPortable\FirefoxPortable.exe"=0x5341435001000000000000000700000028000000283803006FF203000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C21A0200000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\sosvirus app for stop all youcam 8 process for facilite iobit unlocker work\processclose_1.0.0.3(2).exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000CED10200000000000100000001000000 "C:\Users\jean-\Downloads\FFSetupOnline.exe"=0x5341435001000000000000000700000028000000302E1000E99E100001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000044CC0B00000000000100000001000000 "C:\Program Files (x86)\FormatFactory\FormatFactory.exe"=0x5341435001000000000000000700000028000000801660007B4A600001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B0281500000000000100000001000000 "G:\the village masher - logiciel montage vidéo & video efm rentrée 2011 poufs ronds only anti-me, myself and i\camtasia.exe"=0x5341435001000000000000000700000028000000405BFE103EC5FE1001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000082F4A00000000000100000001000000 "C:\Users\jean-\Downloads\idman627build2.exe"=0x5341435001000000000000000700000028000000B8B96900747B6A0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F5FA0B00000000000100000001000000 "C:\Users\jean-\Downloads\mb3-setup-consumer-3.0.4.1269.exe"=0x5341435001000000000000000700000028000000B8FF1803D6E9190301000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000002CDA0800000000000100000001000000 "C:\Users\jean-\Desktop\Outils entraide aidoweb\SUPERAntiSpyware.exe"=0x5341435001000000000000000700000028000000380CB301E160B3010100000000000000000002060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000036AC1C00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\sosvirus app for stop all youcam 8 process for facilite iobit unlocker work\processclose_1.0.0.3(1).exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000039530800000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\3ème logiciel giveawayoftheday après lfs ultra & 100% sécurisé finalis\PowerArchiver161024Standard-tey0s2m\Setup (2).exe"=0x534143500100000000000000070000002800000010079F01DB329F010100000000000000000000067100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000AF5D0A00000000000100000001000000 "C:\Program Files (x86)\PowerArchiver\POWERARC.EXE"=0x5341435001000000000000000700000028000000789E83019FA3830101000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000800000000000000000000000061A50800000000000200000002000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\sosvirus app for stop all youcam 8 process for facilite iobit unlocker work\processclose_1.0.0.3(3).exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001FE00000000000000100000001000000 "G:\anti-faux positif pre_scan - exe installers\ReflectDL.exe"=0x5341435001000000000000000700000028000000D01936008FE336000100000000000000000002060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000BB5F1C00000000000100000001000000 "C:\Program Files\Macrium\Reflect\Reflect.exe"=0x534143500100000000000000070000002800000028F30400A4B2050001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000249E7B02000000000400000004000000 "C:\Program Files (x86)\CyberLink\Power2Go11\Power2Go.exe"=0x53414350010000000000000007000000280000001887620038C9620001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B77C4502000000000200000002000000 "G:\100% sécurisé finalis - padam-sirtaki of lfs ultra, barrow 2 & widen\revo uninstaller pro portable\program files (x64)\RevoUninstallerPro_Portable\RevoUPPort.exe"=0x5341435001000000000000000700000028000000381B0200DA9E02000100000000000000000003067102000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000058785000000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\revo uninstaller pro portable\program files (x64)\RevoUninstallerPro_Portable\RevoUPPort.exe"=0x534143500100000000000000070000002800000050060200136102000100000000000000000003067102000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000964B0200000000000100000001000000 "G:\LFS Ultra & 100% Sécurisé\emsisoft on barrow ushuaia.exe"=0x5341435001000000000000000700000028000000591A491A6648020001000000000000000000000A7120000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000ACC53900000000000100000001000000 "C:\Users\jean-\Downloads\EmsisoftEmergencyKit.exe"=0x5341435001000000000000000700000028000000608F0710C2D5071001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000091B01400000000000100000001000000 "C:\Program Files\Macrium\Reflect\ReflectBin.exe"=0x534143500100000000000000070000002800000038FE1C02163D1D0201000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000B61B0000000000000100000001000000 "C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe"=0x534143500100000000000000070000002800000028C2090060FE090001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000003ED40C00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000000D12900C7142A0001000000000000000000000A0021000033504C2B57DFD1010000000000000000 "C:\Program Files\Software Informer\softinfo.exe"=0x5341435001000000000000000700000028000000004819000000000001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000006B030000000000000100000001000000 "C:\Program Files\RogueKillerPE\RogueKillerPE64.exe"=0x53414350010000000000000007000000280000004866AE018F54AF0101000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000864A0000000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2017\burningstudio2017.exe"=0x5341435001000000000000000700000028000000601B950184DA950101000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000005E9E0100000000000100000001000000 "C:\Program Files\DriversCloud.com\DriversCloud.exe"=0x53414350010000000000000007000000280000007082660006F8660001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000043950500000000000100000001000000 "C:\Users\jean-\Downloads\setup.exe"=0x5341435001000000000000000700000028000000982C0A02701D0B0201000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000CAA86B00000000000100000001000000 "C:\Program Files\TechSmith\Camtasia 9\CamtasiaStudio.exe"=0x534143500100000000000000070000002800000040D63100FC95320001000000000000000000000A80210000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000002B5B1800000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\VivaldiPortable\VivaldiPortable.exe"=0x5341435001000000000000000700000028000000ED520100000000000100000000000000000001060001000033504C2B57DFD1010000000000000000 "C:\Users\jean-\Downloads\free-video-downloader_setup_full1290.exe"=0x534143500100000000000000070000002800000060450C00D4660C000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000A65A1D00000000000100000001000000 "C:\Users\jean-\Desktop\OTM.exe"=0x534143500100000000000000070000002800000000F807000E4C080001000000000000000000000A4122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400600000000000000000000000000000069611400000000000300000003000000 "C:\Users\jean-\Desktop\quickdiag_2_04.12.2016.1.exe"=0x5341435001000000000000000700000028000000A8732400B6E9240001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000327C0400000000000300000003000000 "G:\PortableApps\OperaPortable\OperaPortable.exe"=0x534143500100000000000000070000002800000020E40300289904000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000008000000000000000000000000AE4E3100000000000200000002000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\sosvirus app for stop all youcam 8 process for facilite iobit unlocker work\processclose_1.0.0.3(5).exe"=0x534143500100000000000000070000002800000000140F0001DC0F0001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000B5E607000000000002000000020000000000000000000000000000000000000000000000000000009E9C0000000000000100000000000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\1ers logiciels giveawayoftheday après lfs ultra & 100% sécurisé finalis\WinXDVDCopyPro371-320djf\Setup.exe"=0x534143500100000000000000070000002800000060CC2600C3AE27000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F6DA0F00000000000100000001000000 "G:\barrow 3, widen 2 & 100% sécurisé finalis\1ers logiciels giveawayoftheday après lfs ultra & 100% sécurisé finalis\DriverEasyPro515-m4j5d5\Setup.exe"=0x534143500100000000000000070000002800000060CC2600C3AE27000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000007C2C00000000000100000001000000 "\\Livebox\CARBIDE\UsbFix_Standard\UsbFix_Standard.exe"=0x5341435001000000000000000700000028000000EA8F3F00000000000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000006CBEC900000000000100000001000000 "C:\Users\jean-\AppData\Roaming\UsbFix\UsbFix.exe"=0x534143500100000000000000070000002800000000D41B004B0A1C0001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000000E398100000000000100000001000000 "G:\PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000000D1290044D9290001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000583C4600000000000100000001000000 "G:\PortableApps\OperaPortableLegacy12\OperaPortable.exe"=0x534143500100000000000000070000002800000028150400F01F04000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000040C84200000000000200000002000000 "SIGN.MEDIA=FE40B8 digitalriver get it on micro sd - zonealarm backup micro sd (disk)\ZoneAlarmBackupSetup.exe"=0x5341435001000000000000000700000028000000487B9000079390000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000CDD83100000000000100000001000000 "C:\ZoneAlarmBackup\RegisterZABackupDlls.exe"=0x534143500100000000000000070000002800000010960000142001000100000000000000000000067120000033504C2B57DFD1010000000000000000020000002800000000000000000000000010000000000000000000000000000004020000000000000100000001000000 "C:\ZoneAlarmBackup\ZABackupStartup.exe"=0x534143500100000000000000070000002800000010B60200D82B03000100000000000000000001067120000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000038010000000000000100000001000000 "C:\ZoneAlarmBackup\ZABackupTray.exe"=0x534143500100000000000000070000002800000010861E00EF6D1F000100000000000000000001067120000033504C2B57DFD101000000000000000002000000280000000000000000000000001000000000000000000000000000005A022900000000000100000001000000 "SIGN.MEDIA=FE40B8 digitalriver get it on micro sd - zonealarm backup micro sd (disk)\ZoneAlarmBackupPluginSetup.exe"=0x534143500100000000000000070000002800000088631C004AC41C0001000000000000000000000A4122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EDC90200000000000100000001000000 "C:\Users\jean-\Desktop\zhpfix_2015.10.19.9.exe"=0x534143500100000000000000070000002800000051BC35000000000001000000000000000000000A4122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000004C8D0000000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows Defender] "UIFirstRun"=0 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131264920874367636 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0x04E3AEFE6057D201 "OOBEInstallTime"=0x0481391AE458D201 "DisableAntiVirus"=0 "InstallLocation"=C:\Program Files\Windows Defender\ "OneTimeSqmDataSent"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\!SASCORE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts # Hosts file cleared by RogueKiller (Adlice Software) # http://www.adlice.com 127.0.0.1 localhost # unchecky_begin # These rules were added by the Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com [61] More lines ---------- | @ [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://www.google.fr/ "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "Use FormSuggest"=no "ImageStoreRandomFolder"=hd573kq "NotifyDownloadComplete"=yes "OperationalData"=13 "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.161024-1825 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3E0000003E0000005E030000BE020000 "Start Page_TIMESTAMP"=0xC638CB298B57D201 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x0100000048000000620E9769F50F2D7ED6F0E96B90807D24A53F02E71E2BAD1A13D5122D1558117C04F78DFEAACE44325A758B471A22B3467987586DA97873527DDE1FDB74D2BBA14FE24F885E845E8402000000100000007663585725326233636639496F253364 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x378D918F6157D201 "IE10TourShown"=1 "IE10TourShownTime"=0x378D918F6157D201 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Internet Explorer\SearchURL] ""=http://www.bing.com/search?FORM=IE8SRC&q=%s [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x7A783251AE58D201 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://www.google.fr/ "Default_Search_URL"=http://www.google.fr/ "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://www.google.fr/?q={searchTerms} "Security Risk Page"=about:SecurityRisk "Start Page"=http://www.google.fr/ "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://www.google.fr/ "Default_Search_URL"=http://www.google.fr/ "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://www.google.fr/?q={searchTerms} "Security Risk Page"=about:SecurityRisk "Start Page"=http://www.google.fr/ "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={96BBC430-9900-4299-9F5D-7951AB36EFDF} "KnownProvidersUpgradeTime"=0x378D918F6157D201 "Version"=5 "UpgradeTime"=0x378D918F6157D201 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : ---------- | ElevationPolicy [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B}] - (C:\Program Files (x86)\Internet Download Manager) - idmBroker.exe : [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A}] - (C:\Program Files (x86)\Internet Download Manager) - IEMonitor.exe : [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C306DF7-2171-45c8-9324-D36448104BD5}] - (G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\FreeDownloadManagerPortable\App\FreeDownloadManager) - fdm.exe : [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD41E1A5-99E5-41BA-8703-6BE974416118}] - (C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\) - nero.exe : [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\4DDD5300-D063-473A-9D82-96B009619DA5] - (C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Solutions) - HPSAObjectMetrics.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4a6f3852-f648-43b8-ac6a-b7f54e73b41b}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IPRELPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a9d89246-c24f-43be-9b36-7bcc637a0b2b}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IARNLPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\4DDD5300-D063-473A-9D82-96B009619DA5] - (C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Solutions) - HPSAObjectMetrics.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34372DD3-19BF-454f-BF23-8761F26CFFD2}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewps.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{886D9852-A9A8-4b88-83D4-50FC6616C21D}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewpsbw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD41E1A5-99E5-41BA-8703-6BE974416118}] - (C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\) - nero.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx ---------- | Ext\Stats [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] : : ---------- | Browser Helper Objects ---------- | Chrome [HKLM\Software\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek] ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\WOW6432Node\MozillaPlugins\@Nero.com/KM] - () : C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{d1195db5-a689-4b32-ba8b-929ea0e79fb3}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{d1195db5-a689-4b32-ba8b-929ea0e79fb3}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [1,1,1,9] - -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - [10,0,14393,0] - -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - [12,0,10011,16384] - -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [10,0,14393,479] - -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [11,187,14393,0] - -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,14393,82] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\inf\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{31699572-6286-3C1C-A03C-511D59181038}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,14393,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [10,0,14393,479] - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [11,187,14393,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,187,14393,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,14393,187] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,14393,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{71A5A636-652F-3BE0-BC14-02545E9F5EC7}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,187,14393,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,14393,187] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: Microsoft SQL Server Replication Remote Merge Agent 11.0 - AppID: {042A4340-A4D7-44DD-A22E-93278FB52475} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: SEAPO - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: CamrecShellExt - AppID: {0DE69E95-29A8-4A7B-B10C-78EF7E2AA5B4} Name: NeroShellExt - AppID: {10EBE05D-77B3-4C15-9080-6002AFD08B48} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: ShellExt - AppID: {15C5BD04-9020-44A9-9E5E-EE28DDF36A3B} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: NAUpdate - AppID: {1AC9CDC0-9D87-4371-9DE7-65C3F39AE5E6} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: Disc soft DT Pro bus service - AppID: {1E9D16CB-FF03-481F-ABE2-F406C2808FE2} Name: MyEpson Portal Service - AppID: {1EA8AE6B-3E49-4C56-B4F6-91BC83604BEB} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: hpqCaslWmiEx - AppID: {20ED5D44-3C74-4E20-B62A-4FB59ED919B0} Name: AutoSync - AppID: {210C0BC3-EA09-478C-91FB-D38714374C81} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Dispatch - AppID: {224FC5DE-26AD-4A47-A2C3-5A50885F314C} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: InstallAgent - AppID: {260eb9de-5cbe-4bff-a99a-3710af55bf1e} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: Exchange Active Sync Policies Broker - AppID: {26795871-6B8F-4115-89DD-986213012798} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00} Name: InstallAgentUserBroker - AppID: {28d08f70-46eb-4f26-a6cb-54b75132e100} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: DTS Package Host (32-bit) - AppID: {2CB1C2AA-A8EA-41CD-B439-25F4F4C846A9} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: Microsoft SQL Server Replication Logreader Agent 11.0 - AppID: {368C2E48-7E89-4970-94C9-6757E96C49AF} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: idmBroker - AppID: {3C085E26-7DF6-4A34-ADA6-877D06BAE9A8} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: PIFUAC - AppID: {45CB30B1-B453-488a-9E8F-CE3C2ABFAAA7} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: IndexedDbCacheServer - AppID: {49f6e667-6658-4bd1-9de9-6af87f9faf85} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: DTS Task Host (32-bit) - AppID: {4D3E4495-4A1C-4AB6-BFCB-E4056EB546D0} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: Offline Files Service - AppID: {52551A19-B337-498d-AE75-2283E29902DE} Name: FsrmPropertiesPropSheet - AppID: {52FC5917-F4E4-4C78-B469-20E722379F6C} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: PfShellExtension - AppID: {59A55EF0-525F-4276-AB62-8F7E5F230399} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: PrintBrmEngine - AppID: {5C797117-3B23-4549-A6D8-475AB3B62228} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: MyPrivilegedObject - AppID: {6BCFB187-C1DD-4807-96AD-F91AB4AB08AC} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: SUPERAntiSpywareContextMenuExtension - AppID: {746C91D0-C4A9-460A-B841-851A2B6F2C4B} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: CLMLSvc_P2G11 - AppID: {79454E97-52CD-4517-B6A1-43A1D3C5FDAC} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: GPMC Reporting - AppID: {7f9bbc82-ba5f-4448-8622-ef76b8d007e6} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: hpcaslutils - AppID: {8195693E-0C55-4BE2-A2DB-32376ABC24C4} Name: CnxtDSPdll - AppID: {81D6AA8D-5401-4EE7-A7A2-95133649C977} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: Microsoft SQL Server Integration Services 11.0 - AppID: {83B33982-693D-4824-B42E-7196AE61BB05} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: AppVClient - AppID: {8D315960-32C4-4235-8369-901DF222816F} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: SQLTaskConnections - AppID: {91A708A7-D12F-4B03-B8D0-DDE814119454} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: English - AppID: {98EE641D-7027-477F-97E5-CECD0DFDFE95} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Microsoft SQL Server Replication Remote Dist Agent 11.0 - AppID: {99434DAB-0F08-4F30-8CCF-B3E80296C907} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: chext - AppID: {9D4C4C5F-EE90-4a6b-9245-244C369E4FAE} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: CDP Reference Host - AppID: {A0316E2D-8793-4E74-AA48-8CE2ED05BA57} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: Out of proc server to enable Insider Hub scenarios to be reached from inside of its appcontainer - AppID: {ac0fd47a-37f4-4502-bfee-6b317e479d41} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: RContextMenu - AppID: {B5B6E648-E9F7-4CE3-987C-53FEDA97C1FA} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: ewpsie_tb - AppID: {BBFE69BB-2EA4-49A6-99F3-9408974D0684} Name: ZoneAlarmBackup Service - AppID: {BC2F1BDB-3429-4500-A722-7B431556C67B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: EPTBL - AppID: {CACC252F-95A7-4741-BBE8-FB1F18C2826F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: ShellExtension - AppID: {CB65493D-4F92-4301-8EDB-0C93266A3B51} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: SwapAPODll - AppID: {CF85F74A-E465-4fb6-898F-8F72C2B84D8E} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Microsoft SQL Server Replication Distribution Agent 11.0 - AppID: {D41192E9-AB13-4A23-AB3B-A5FED98306DB} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: IndexedDbBrokerServer - AppID: {dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: EverySyncExplorerOverlay - AppID: {DE4CE140-5838-468B-86C0-A422AC75B092} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: TokenBroker Out Of Proc COM Server - AppID: {E73A797B-24CE-424A-AD4F-48E98B1E95B8} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Immersive Print Dialog Surrogate - AppID: {EB28E902-728E-42C4-97DC-DA89E144C744} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: ImagXpr7 - AppID: {ED512BE6-6629-4FB4-953D-D0C353847163} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: UACObject - AppID: {F632543F-3A79-4cc9-AACD-07036DF9FFCD} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: DaemonShellExtImage - AppID: {F9B84490-4C45-4737-82E5-0EA0B1CF5307} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: NeroShellExt2017 - AppID: {FB312EDA-061F-49C2-902E-291101CABE1C} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: ESLoadSevice - AppID: {FCA6F20F-92E5-4E74-AC19-D14B59CB1C15} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Microsoft SQL Server Replication Queuereader Agent 11.0 - AppID: {FD737704-43CB-4791-B4DB-EE8CDBC64450} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Microsoft SQL Server Replication Merge Agent 11.0 - AppID: {FDF7E044-456E-46C5-A396-807479AAFB4D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{224FC5DE-26AD-4A47-A2C3-5A50885F314C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{224FC5DE-26AD-4A47-A2C3-5A50885F314C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{52FC5917-F4E4-4C78-B469-20E722379F6C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{52FC5917-F4E4-4C78-B469-20E722379F6C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6BCFB187-C1DD-4807-96AD-F91AB4AB08AC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6BCFB187-C1DD-4807-96AD-F91AB4AB08AC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{83B33982-693D-4824-B42E-7196AE61BB05}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{83B33982-693D-4824-B42E-7196AE61BB05}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A0316E2D-8793-4E74-AA48-8CE2ED05BA57}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | Svchost - Netsvcs (Whitelisted) ---------- | Software [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Adlice Software] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Apowersoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\AppDataLow] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Ashampoo] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\ATI] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Auslogics] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\AVG Netherlands BV] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\BugSplat] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Chromium] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Clients] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Code Sector] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\ComodoGroup] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\ConeXware] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Corel] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\CyberLink] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Disc Soft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\EaseUS] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\ECSOFTWARE] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\EPSON] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\FreeTime] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\GlarySoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Google] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Informer Technologies, Inc.] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\iskysoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\ISOWINDOWMENU] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\KillSoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Lifsoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Logitech] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\macrium] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Macromedia] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\MainConcept] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Malwarebytes] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Marmiton] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Mozilla] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Nero] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Nico Mak Computing] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Paramount Software (UK) Ltd.] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Policies] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\PowerArchiverInt] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\PPM] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Pro-SoftNet] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Realtek] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\RegisteredApplications] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\SampleView] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\SlimWare Utilities Inc] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\softorbits] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\SUPERAntiSpyware.com] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\SyncEngines] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\sysinternals] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\TechSmith] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Unchecky] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\UsbFix] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\UsbFix Standard] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Vivaldi] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\WinRAR SFX] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\WinZip Computing] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\WiseCleaner] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Wondershare] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Wow6432Node] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Zemana] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\{98132F81-18BE-4722-8B1D-0A25D9AE3DA0}] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\AppDataLow\Software\adawarebp] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AMD] [HKLM\Software\Ashampoo] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\ComodoGroup] [HKLM\Software\cybelsoft] [HKLM\Software\Disc Soft] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Ignis] [HKLM\Software\Intel] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Lavasoft] [HKLM\Software\LikeNEWPC] [HKLM\Software\Logitech] [HKLM\Software\Macrium] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\PowerArchiverInt] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\sysinternals] [HKLM\Software\TechSmith] [HKLM\Software\WiseCleaner] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\AVG Netherlands B.V] [HKLM\Software\WOW6432Node\AVG Netherlands BV] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\ConeXware] [HKLM\Software\WOW6432Node\ConeXware, Inc.] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EaseUS Todo Backup] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\g3n-h@ckm@n] [HKLM\Software\WOW6432Node\GlarySoft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\HP] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\iskysoft] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KillSoft] [HKLM\Software\WOW6432Node\Lavasoft] [HKLM\Software\WOW6432Node\LogMeInRescueCallingCard] [HKLM\Software\WOW6432Node\macrium] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\Nico Mak Computing] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\PowerArchiverInt] [HKLM\Software\WOW6432Node\RecordDISCXXX] [HKLM\Software\WOW6432Node\Seiko Epson Corporation] [HKLM\Software\WOW6432Node\SlimWare Utilities Inc] [HKLM\Software\WOW6432Node\Softgogo] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\TrendMicro] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Zemana] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | FeatureControl [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Trial.exe"="8888" "OneDrive.exe"="11000" "softinfo.exe"="11000" "burningstudio2017.exe"="11001" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801] "burningstudio2017.exe"="1" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation] "burningstudio2017.exe"="1" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" "burningstudio2017.exe"="1" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "burningstudio2017.exe"="10" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "burningstudio2017.exe"="10" [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "burningstudio2017.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "WiseHotkey.exe"="11000" "winzip64.exe"="8000" "Filmora.exe"="9999" "softinfo.exe"="11000" "HPSFViewer.exe"="11000" "HPCF.exe"="11000" "CamtasiaStudio.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "TBConsoleUI.exe"="9999" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [16/12/2016 10:38:45] - |D| - [258723099] - C:\Program Files (x86)\Ashampoo [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:32] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [MD5.00000000000000000000000000000000] - [16/12/2016 10:36:33] - |D| - [25210737] - C:\Program Files (x86)\Auslogics [MD5.00000000000000000000000000000000] - [18/12/2016 14:12:02] - |AD| - [5533509] - C:\Program Files (x86)\AutoPowerOn [MD5.00000000000000000000000000000000] - [16/12/2016 10:30:44] - |D| - [809241436] - C:\Program Files (x86)\CyberLink [MD5.00000000000000000000000000000000] - [18/12/2016 14:33:14] - |AD| - [111606460] - C:\Program Files (x86)\Dimo Video Converter Ultimate [MD5.00000000000000000000000000000000] - [16/12/2016 10:13:57] - |D| - [1482813673] - C:\Program Files (x86)\EaseUS [MD5.00000000000000000000000000000000] - [16/12/2016 12:08:35] - |D| - [17240503] - C:\Program Files (x86)\EPSON [MD5.00000000000000000000000000000000] - [16/12/2016 12:00:54] - |AD| - [233877241] - C:\Program Files (x86)\EPSON Software [MD5.00000000000000000000000000000000] - [19/12/2016 09:01:23] - |D| - [158905565] - C:\Program Files (x86)\FormatFactory [MD5.00000000000000000000000000000000] - [21/12/2016 13:03:07] - |D| - [5654459] - C:\Program Files (x86)\Genesyslogic [MD5.00000000000000000000000000000000] - [16/12/2016 15:39:12] - |D| - [22665454] - C:\Program Files (x86)\Glarysoft [MD5.00000000000000000000000000000000] - [18/12/2016 21:03:35] - |D| - [22638963] - C:\Program Files (x86)\Hewlett-Packard [MD5.00000000000000000000000000000000] - [18/12/2016 21:10:32] - |D| - [8466872] - C:\Program Files (x86)\HP [MD5.00000000000000000000000000000000] - [16/12/2016 11:03:25] - |HD| - [59636133] - C:\Program Files (x86)\InstallShield Installation Information [MD5.00000000000000000000000000000000] - [16/12/2016 10:12:11] - |D| - [12348017] - C:\Program Files (x86)\IObit [MD5.00000000000000000000000000000000] - [16/12/2016 11:11:24] - |D| - [199534] - C:\Program Files (x86)\KeyCryptSDK [MD5.00000000000000000000000000000000] - [16/12/2016 10:42:25] - |D| - [1247147] - C:\Program Files (x86)\KillSoft [MD5.00000000000000000000000000000000] - [16/12/2016 10:35:34] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [MD5.00000000000000000000000000000000] - [19/12/2016 21:47:58] - |AD| - [1192839524] - C:\Program Files (x86)\Microsoft SQL Server [MD5.00000000000000000000000000000000] - [19/12/2016 22:23:31] - |D| - [4850] - C:\Program Files (x86)\Microsoft Visual Studio 10.0 [MD5.00000000000000000000000000000000] - [21/12/2016 19:20:04] - |D| - [96884816] - C:\Program Files (x86)\Mozilla Firefox [MD5.00000000000000000000000000000000] - [21/12/2016 19:22:57] - |D| - [262595] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.00000000000000000000000000000000] - [18/12/2016 06:43:55] - |AD| - [2511610446] - C:\Program Files (x86)\Nero [MD5.00000000000000000000000000000000] - [16/12/2016 11:03:16] - |D| - [28953777] - C:\Program Files (x86)\NSIS Uninstall Information [MD5.00000000000000000000000000000000] - [19/12/2016 14:39:53] - |AD| - [169900560] - C:\Program Files (x86)\PowerArchiver [MD5.00000000000000000000000000000000] - [16/12/2016 10:53:59] - |D| - [959392] - C:\Program Files (x86)\RegSeeker [MD5.00000000000000000000000000000000] - [20/12/2016 20:11:59] - |AD| - [84660115] - C:\Program Files (x86)\Sketch Drawer [MD5.00000000000000000000000000000000] - [16/12/2016 16:08:24] - |D| - [11373214] - C:\Program Files (x86)\TechSmith [MD5.00000000000000000000000000000000] - [16/12/2016 11:39:29] - |D| - [807895] - C:\Program Files (x86)\trend micro [MD5.00000000000000000000000000000000] - [16/12/2016 16:10:37] - |AD| - [5425836] - C:\Program Files (x86)\Unchecky [MD5.00000000000000000000000000000000] - [19/12/2016 19:33:05] - |D| - [4124347674] - C:\Program Files (x86)\Windows Kits [MD5.00000000000000000000000000000000] - [16/12/2016 10:00:40] - |D| - [22944523] - C:\Program Files (x86)\Wise [MD5.00000000000000000000000000000000] - [16/12/2016 11:23:38] - |D| - [28780662] - C:\Program Files (x86)\Wondershare [MD5.00000000000000000000000000000000] - [16/12/2016 11:11:03] - |AD| - [16665357] - C:\Program Files (x86)\Zemana AntiLogger [MD5.00000000000000000000000000000000] - [21/12/2016 19:21:18] - |D| - [7233310] - C:\Program Files (x86)\ZHPFix [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:07:32] - |A| - [0] - C:\WINDOWS\ativpsrm.bin [MD5.2E79FA3CDE16FCF26D30791E1A73FE3A] - [18/12/2016 00:06:21] - |AS| - [67584] - C:\WINDOWS\bootstat.dat [MD5.18075A456156C824752350A8022EF498] - [18/12/2016 00:25:55] - |A| - [6291] - C:\WINDOWS\comsetup.log [MD5.00000000000000000000000000000000] - [16/12/2016 07:02:09] - |D| - [0] - C:\WINDOWS\CSC [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/12/2016 00:44:19] - |A| - [7623] - C:\WINDOWS\diagerr.xml [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/12/2016 00:44:19] - |A| - [7623] - C:\WINDOWS\diagwrn.xml [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [17/12/2016 23:41:21] - |A| - [4673304] - C:\WINDOWS\explorer.exe [MD5.00000000000000000000000000000000] - [21/12/2016 12:56:23] - |D| - [54162297] - C:\WINDOWS\LastGood.Tmp [MD5.00000000000000000000000000000000] - [20/12/2016 07:24:18] - |D| - [108136] - C:\WINDOWS\Minidump [MD5.00000000000000000000000000000000] - [18/12/2016 00:02:49] - |DC| - [114813689] - C:\WINDOWS\Panther [MD5.EDE84F22B1C0FF0E493B3720DBE9CA6C] - [18/12/2016 07:07:43] - |A| - [8998] - C:\WINDOWS\PFRO.log [MD5.00000000000000000000000000000000] - [18/12/2016 00:04:13] - |D| - [34082163] - C:\WINDOWS\Prefetch [MD5.0DD3698CBEE8CB6ACEC3379A813F62C1] - [21/12/2016 13:03:42] - |A| - [4332032] - C:\WINDOWS\RtCRU64.exe [MD5.00000000000000000000000000000000] - [17/12/2016 23:15:01] - |D| - [50221009] - C:\WINDOWS\ServiceProfiles [MD5.4101C1E2E002E187B7755CE53FD80E91] - [18/12/2016 00:06:00] - |A| - [37283] - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:06:00] - |A| - [0] - C:\WINDOWS\setuperr.log [MD5.00000000000000000000000000000000] - [16/12/2016 12:40:17] - |D| - [4839] - C:\WINDOWS\ShellNew [MD5.BCDB205132974EC3AB6F5C01DD93489B] - [17/12/2016 23:41:14] - |A| - [130560] - C:\WINDOWS\splwow64.exe [MD5.038356387332650843BCB352BB89A101] - [16/12/2016 08:04:02] - |A| - [275] - C:\WINDOWS\WindowsUpdate.log [MD5.0CB3E875081096144E4E83431A21F475] - [16/12/2016 10:00:55] - |A| - [14256] - C:\WINDOWS\WiseFs64.sys [MD5.28C6E1980860BB377C8A9E463CBD2FF0] - [21/12/2016 20:12:23] - |A| - [29176] - C:\WINDOWS\ZAM.krnl.trace [MD5.757D2978E87A99971F1FF3720A0A7C54] - [21/12/2016 20:12:23] - |A| - [1195] - C:\WINDOWS\ZAM_Guard.krnl.trace [MD5.00000000000000000000000000000000] - [16/12/2016 09:53:27] - |SHD| - [237474127] - C:\WINDOWS\Installer\$PatchCache$ [MD5.FEA981F06D1AF0B5C913CCA8CBDB111A] - [21/12/2016 19:09:27] - |A| - [38755328] - C:\WINDOWS\Installer\14f7b11.msi [MD5.12AC6EF54D6D65FABF4D6D475A246F02] - [18/12/2016 05:26:23] - |A| - [27992576] - C:\WINDOWS\Installer\15d8696.msi [MD5.E09006C85525E718EA03594C5EA172BA] - [18/12/2016 05:29:47] - |A| - [3675136] - C:\WINDOWS\Installer\15d869c.msi [MD5.CF923AE2AE987717DD95DAB5741101E4] - [18/12/2016 05:29:42] - |A| - [4368896] - C:\WINDOWS\Installer\15d86a3.msi [MD5.5C48784412433E81C3042EB7DCA8E8CF] - [18/12/2016 05:27:54] - |A| - [1199104] - C:\WINDOWS\Installer\15d86aa.msi [MD5.5D45ACFD67B27A1827ED7DE9394BD6A7] - [18/12/2016 05:27:48] - |A| - [1216000] - C:\WINDOWS\Installer\15d86b1.msi [MD5.DCFC6401D57C28379002006061396AE5] - [18/12/2016 05:29:52] - |A| - [3159552] - C:\WINDOWS\Installer\15d86b8.msi [MD5.3CBA1EE77FAD369495F65B961C610306] - [18/12/2016 05:29:14] - |A| - [1216000] - C:\WINDOWS\Installer\15d86bf.msi [MD5.B20E93BB8832968008E1C02EC1AC68E7] - [18/12/2016 05:27:43] - |A| - [1217536] - C:\WINDOWS\Installer\15d86c6.msi [MD5.F309F9A5B61687F41B1751F38DBC0721] - [18/12/2016 05:27:40] - |A| - [3815936] - C:\WINDOWS\Installer\15d86cd.msi [MD5.1C1227BC5B50FCFDB8E00A46226AD501] - [18/12/2016 05:27:06] - |A| - [866304] - C:\WINDOWS\Installer\15d86d4.msi [MD5.F7CE41D712528A2E7F161C2504A70D21] - [18/12/2016 05:29:31] - |A| - [1812992] - C:\WINDOWS\Installer\15d86db.msi [MD5.19A845BA3FF54277A23AE263C4451118] - [18/12/2016 05:29:11] - |A| - [3006464] - C:\WINDOWS\Installer\15d86e2.msi [MD5.DB4F92889B441AB528EAE256D9F60112] - [18/12/2016 05:28:04] - |A| - [3638272] - C:\WINDOWS\Installer\15d86e9.msi [MD5.32ADB203A53F4DD325A71DE3EACFFE48] - [18/12/2016 05:27:18] - |A| - [5207040] - C:\WINDOWS\Installer\15d86f0.msi [MD5.F5A385DF1F5246DD21E1FE184A34BE4F] - [18/12/2016 05:27:24] - |A| - [4475392] - C:\WINDOWS\Installer\15d86f7.msi [MD5.E233726C9C61FB876CE8C19572F8F28D] - [18/12/2016 05:26:47] - |A| - [5765632] - C:\WINDOWS\Installer\15d86fe.msi [MD5.5E1F140F41530269EFDD0DBEE93DEFBF] - [18/12/2016 05:27:14] - |A| - [1181696] - C:\WINDOWS\Installer\15d8705.msi [MD5.1411D00156B0A48CF4D9ED1DC40FD5E3] - [18/12/2016 05:27:03] - |A| - [1418240] - C:\WINDOWS\Installer\15d870b.msi [MD5.C3778140B05144919B33884DB205849F] - [18/12/2016 05:29:19] - |A| - [3717632] - C:\WINDOWS\Installer\15d8718.msi [MD5.54935A24707432FB9B364CAFC6F497ED] - [18/12/2016 05:29:55] - |A| - [2833920] - C:\WINDOWS\Installer\15d871f.msi [MD5.7C8096FBB380769BBB7DCDCF0D8BDB04] - [18/12/2016 05:29:28] - |A| - [866816] - C:\WINDOWS\Installer\15d872d.msi [MD5.466EB5C5E441F8DC01EADCFA055E2522] - [18/12/2016 05:27:03] - |A| - [2380288] - C:\WINDOWS\Installer\15d8734.msi [MD5.7C156772BF838C2565AA289DF4C59A5F] - [18/12/2016 21:02:42] - |A| - [9523200] - C:\WINDOWS\Installer\1c6800f.msi [MD5.3E3E5D4A3C602090DC5D1352625BEA09] - [18/12/2016 21:06:05] - |A| - [15673344] - C:\WINDOWS\Installer\1c68012.msi [MD5.B1AF4EAB0A90B020A84CDED52C17699C] - [18/12/2016 21:14:25] - |A| - [649728] - C:\WINDOWS\Installer\1c68017.msi [MD5.77691F16F89C35AC2506A83260316572] - [19/12/2016 16:45:30] - |A| - [9129984] - C:\WINDOWS\Installer\272e1c2.msi [MD5.81082E9E753FBEB85F23F9B2CC179C56] - [18/12/2016 07:46:47] - |A| - [35158016] - C:\WINDOWS\Installer\2d20af.msi [MD5.979F1F98EA72C0B18F9C3A7ED4A928C2] - [18/12/2016 07:49:49] - |A| - [3156992] - C:\WINDOWS\Installer\2d20b5.msi [MD5.0CE3DB6358B90E9CC1A53D59A13E5E32] - [18/12/2016 07:48:04] - |A| - [3817472] - C:\WINDOWS\Installer\2d20bc.msi [MD5.C04CB61ECD7207150E960D23017734B1] - [18/12/2016 07:48:59] - |A| - [3005440] - C:\WINDOWS\Installer\2d20c3.msi [MD5.6C3D5D17E37BFCCC6ED2924EE222ACFF] - [18/12/2016 07:48:28] - |A| - [2101248] - C:\WINDOWS\Installer\2d20ca.msi [MD5.88F348EAD95E84FC203EB578EDC58B29] - [18/12/2016 07:47:48] - |A| - [5206528] - C:\WINDOWS\Installer\2d20d1.msi [MD5.87B42C89EDAC6D0B7E8057EEE5B134E5] - [18/12/2016 07:47:52] - |A| - [4472320] - C:\WINDOWS\Installer\2d20d8.msi [MD5.73AAC6E63825CF6EAED974AF9F312398] - [18/12/2016 07:47:09] - |A| - [5762560] - C:\WINDOWS\Installer\2d20df.msi [MD5.63115A5698215F6D1A388A7E3CF5B8FC] - [18/12/2016 07:48:22] - |A| - [4322304] - C:\WINDOWS\Installer\2d20e6.msi [MD5.CA70C605C7423D3BD80BAA96527BAC6B] - [18/12/2016 07:49:52] - |A| - [2830336] - C:\WINDOWS\Installer\2d20ed.msi [MD5.51B34393B44FE1EF6976D8C841421F21] - [18/12/2016 07:49:15] - |A| - [866816] - C:\WINDOWS\Installer\2d20f4.msi [MD5.D30A68D32F50623B3C96B04C7AA989F3] - [16/12/2016 12:57:11] - |A| - [19871744] - C:\WINDOWS\Installer\3f661d.msi [MD5.2FC7CEBE506AB30614685A8A9AD29498] - [16/12/2016 12:57:52] - |A| - [17513984] - C:\WINDOWS\Installer\3f6621.msi [MD5.94EC983087D03098102B40E5C1A5F16E] - [16/12/2016 13:00:31] - |A| - [2610688] - C:\WINDOWS\Installer\3f6625.msi [MD5.251B96A9779B4C5D57348ECF5DFC1EF7] - [16/12/2016 13:01:14] - |A| - [3176448] - C:\WINDOWS\Installer\3f6629.msi [MD5.FFF8ACA7EB57B7C1A1889395C7656B04] - [16/12/2016 13:01:59] - |A| - [884736] - C:\WINDOWS\Installer\3f662d.msi [MD5.02552890C4F735FE44B2D8A2F0D58B4C] - [16/12/2016 13:02:09] - |A| - [879616] - C:\WINDOWS\Installer\3f6631.msi [MD5.124D0F03542526384BCCCE0F7FF4F786] - [16/12/2016 13:02:21] - |A| - [5102592] - C:\WINDOWS\Installer\3f6635.msi [MD5.C89193D7CB42940A7A9B1F4FE5930752] - [16/12/2016 13:03:41] - |A| - [42120192] - C:\WINDOWS\Installer\3f6639.msi [MD5.C8D9CB881644B18E64C8F3879F28404A] - [19/12/2016 16:19:05] - |A| - [44036096] - C:\WINDOWS\Installer\5efd864.msi [MD5.61B10B5B93D3CE49D772C8BFCF54D946] - [19/12/2016 18:41:22] - |A| - [299008] - C:\WINDOWS\Installer\699edb8.msi [MD5.5779B173CF0C323525A559DB8B802D90] - [19/12/2016 18:41:56] - |A| - [299008] - C:\WINDOWS\Installer\699edbd.msi [MD5.7378671ABC62E828A40121FBD9EB6E37] - [19/12/2016 18:42:03] - |A| - [417792] - C:\WINDOWS\Installer\699edc2.msi [MD5.3DB9332170468D71E0EBA8314065BDF5] - [19/12/2016 18:43:11] - |A| - [2330624] - C:\WINDOWS\Installer\699edc7.msi [MD5.C75E655AD9F6DCF317397139FD4CB200] - [19/12/2016 18:43:12] - |A| - [290816] - C:\WINDOWS\Installer\699edcc.msi [MD5.1C41DFBCB50FD38F1B2EB0C4173965A9] - [19/12/2016 18:43:15] - |A| - [753664] - C:\WINDOWS\Installer\699edd1.msi [MD5.55EA9F5089F892C564FBB409B54A0602] - [19/12/2016 19:00:48] - |A| - [307200] - C:\WINDOWS\Installer\699edd6.msi [MD5.D4EE422A8A194846E6A7EF2CBF2AA464] - [19/12/2016 19:05:44] - |A| - [315392] - C:\WINDOWS\Installer\699eddb.msi [MD5.FA6EFEA71B498441CA68C86CD9F8E01C] - [19/12/2016 19:06:03] - |A| - [1036288] - C:\WINDOWS\Installer\699ede0.msi [MD5.FCDB3C7323542C6342110F4E4BD136A0] - [19/12/2016 19:09:03] - |A| - [11067392] - C:\WINDOWS\Installer\699ede5.msi [MD5.215CC7A33DF8E62533CB83BF400C276B] - [19/12/2016 19:09:14] - |A| - [323584] - C:\WINDOWS\Installer\699edf9.msi [MD5.38C2C7D6A7C75A011C8A6C524656A800] - [19/12/2016 19:09:24] - |A| - [352256] - C:\WINDOWS\Installer\699edfe.msi [MD5.01FF19A5716C14CF771E83F164AE0967] - [19/12/2016 19:09:46] - |A| - [307200] - C:\WINDOWS\Installer\699ee03.msi [MD5.B0C7957FCA923D83BE66416EA859DDAD] - [19/12/2016 19:10:14] - |A| - [15630336] - C:\WINDOWS\Installer\699ee08.msi [MD5.817C3166E64DC1FEFF6F11C9D3216632] - [19/12/2016 19:10:21] - |A| - [290816] - C:\WINDOWS\Installer\699ee0d.msi [MD5.EA764BE70E1FF384E8841490064F8A15] - [19/12/2016 19:11:32] - |A| - [393216] - C:\WINDOWS\Installer\699ee12.msi [MD5.EF48453AF645BD3C93044F2099CF6736] - [19/12/2016 19:11:54] - |A| - [286720] - C:\WINDOWS\Installer\699ee17.msi [MD5.0869104DFF297BC73F335CE7CC8243D8] - [19/12/2016 19:11:56] - |A| - [999424] - C:\WINDOWS\Installer\699ee1c.msi [MD5.E8A4AB8DAE1DFFC94916762133C3D981] - [19/12/2016 19:31:48] - |A| - [303104] - C:\WINDOWS\Installer\7497f9d.msi [MD5.0350DDEA3E8F8F1C81BD600DD9E63EC7] - [19/12/2016 19:31:54] - |A| - [286720] - C:\WINDOWS\Installer\7497fa2.msi [MD5.573FE8DB3585E8B19505D49B6281A831] - [19/12/2016 19:31:55] - |A| - [303104] - C:\WINDOWS\Installer\7497fa7.msi [MD5.D9FFB0D581FADD1927DD41B61000CCB3] - [19/12/2016 19:31:59] - |A| - [323584] - C:\WINDOWS\Installer\7497fac.msi [MD5.443A506847B1025F13D9309E60B12B8E] - [19/12/2016 19:32:25] - |A| - [286720] - C:\WINDOWS\Installer\7497fb1.msi [MD5.F43ED2AB8D20962598FE37AFD5C85475] - [19/12/2016 19:32:37] - |A| - [13529088] - C:\WINDOWS\Installer\7497fb6.msi [MD5.6CCF35034A7E74C9EA2941B8FB5ECED0] - [18/12/2016 15:25:21] - |A| - [2698752] - C:\WINDOWS\Installer\9137a1.msi [MD5.F1260030FE13E9CA0C86791171A1EE2B] - [18/12/2016 15:25:46] - |A| - [4124160] - C:\WINDOWS\Installer\9137cd.msi [MD5.00000000000000000000000000000000] - [19/12/2016 11:43:27] - |D| - [0] - C:\WINDOWS\Installer\MSI4AF2.tmp- [MD5.00000000000000000000000000000000] - [19/12/2016 11:43:29] - |D| - [0] - C:\WINDOWS\Installer\MSI596B.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:04:19] - |D| - [0] - C:\WINDOWS\Installer\MSI7292.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:04:19] - |D| - [0] - C:\WINDOWS\Installer\MSI760D.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:03:26] - |D| - [0] - C:\WINDOWS\Installer\MSIA613.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:03:27] - |D| - [0] - C:\WINDOWS\Installer\MSIAA69.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:03:28] - |D| - [0] - C:\WINDOWS\Installer\MSIAE62.tmp- [MD5.00000000000000000000000000000000] - [18/12/2016 21:03:33] - |D| - [0] - C:\WINDOWS\Installer\MSIC102.tmp- [MD5.31D3DF6C2DF2946B5935D12BCBE35C51] - [19/12/2016 16:19:05] - |A| - [442984275] - C:\WINDOWS\Installer\pe10_1607x64.zip [MD5.C8D9CB881644B18E64C8F3879F28404A] - [19/12/2016 16:18:58] - |A| - [44036096] - C:\WINDOWS\Installer\reflect_setupv6.3.1665-x64-00.msi [MD5.4128FC1E0D50364887418514EAB7B2A5] - [19/12/2016 20:58:46] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{05935793-A34C-4272-3361-7AF9AEEE5649} [MD5.1FFF0037FF570BAF86E9EB55EF3D684B] - [18/12/2016 06:59:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{05C6B128-1B40-4495-9CB9-090B368BFA0A} [MD5.BFBFEB9DF05573F582ACE96DC8CEDAD1] - [18/12/2016 00:09:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.CEBCEFF86F9B52EFC5D2A6BC48C95498] - [18/12/2016 00:08:51] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.898729CD7A6C501D4C075F1931C4FFDE] - [18/12/2016 00:08:45] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.55FB66F3EAE09DA92D6EC867256F263D] - [19/12/2016 21:14:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{0D008B74-0622-7F35-0791-C763427F3969} [MD5.C72DC83DB43234A0D37ADBEE5C884E8B] - [18/12/2016 05:46:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1045AB6F-6151-3634-8C2C-EE308AA1A6A7} [MD5.60DB44335DA113ABB7A6531A5C53A96D] - [18/12/2016 00:08:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.22C4A193A17C869481EB75D815F2958A] - [19/12/2016 22:44:47] - |A| - [135168] - C:\WINDOWS\Installer\SourceHash{11778632-197C-4D05-8AF3-4C4626019712} [MD5.43314F54FDC8F854F1530DFC4EBB5D03] - [16/12/2016 10:01:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{12345678-1234-1234-1234-123456789012} [MD5.9842D41BF5C14FDE1F76460505503F51] - [19/12/2016 22:21:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{124D51A1-F3C2-45AE-B812-D3CA71247093} [MD5.EC800ABEF5048F4D1CACA100E4010D47] - [19/12/2016 22:53:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1454FA4E-58BC-2EF1-9A19-147B0E499E03} [MD5.2F8CB0C99217C742D72FDD34EEDA6F05] - [18/12/2016 00:08:35] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.2A7F608C69D4B888DB36B3281B148A51] - [18/12/2016 06:45:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1B6F5E51-575E-4693-BCA2-7543570D076D} [MD5.6BFD7B2D4F39E14D38CE7C04207A81C3] - [18/12/2016 00:08:43] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.09649C2439BE4AECBA3536FC8CB0E47C] - [18/12/2016 08:04:49] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1C63279A-BF36-4852-9924-B1978D6585A6} [MD5.480CFAED9DE0740F48E4F97D63004111] - [19/12/2016 21:51:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1D8E6291-B0D5-35EC-8441-6616F567A0F7} [MD5.635A638E2E4BCB60D133C9757540108F] - [18/12/2016 00:08:46] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.9666B95DD938895DD7B81D38D2D4ED46] - [16/12/2016 13:11:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} [MD5.6258561E425BB7F546E381E05DE75A78] - [18/12/2016 07:00:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{21916D21-F3DD-44F9-952B-FD122CBD1526} [MD5.1097316C6C6493B3AB266994C5D7FA37] - [19/12/2016 19:50:23] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{230524D3-ADB4-69CC-2A78-96D879E3221B} [MD5.B3E34D280A11CFFC541B025D5AEAED22] - [18/12/2016 06:47:48] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2432E589-6256-4513-B0BF-EFA8E325D5F0} [MD5.2BECC1D8F1FA1BF014813BD8D75CAB33] - [18/12/2016 00:08:58] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.F5C08E10D7F6F7A64111AA4F9E90AA5B] - [18/12/2016 06:46:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{29F67D84-3A70-456E-806A-52301B02070B} [MD5.D6AA840D086ED3C01E9FFB42648EF464] - [18/12/2016 00:08:48] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.C687F1290B8E902BB1FDC586B5F309E1] - [18/12/2016 00:08:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36} [MD5.08C644BFBAB4B31D8C7EAFEEFBFBDD0A] - [19/12/2016 22:12:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{30CA21F2-901A-44DB-A43F-FC31CD0F2493} [MD5.F61673D5E342EEE18D80138A4649170C] - [16/12/2016 12:32:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{3361D415-BA35-4143-B301-661991BA6219} [MD5.95D2764F63A1AF21DBC33D1F11E322D1] - [18/12/2016 00:08:44] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.3BC865834C7E673E06F7EC7E977C3BC5] - [18/12/2016 00:09:03] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.1C7AC496B62A64B94733F8F5ECB6BF17] - [19/12/2016 19:43:51] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{363D76EC-B5B9-5D7B-0F59-C193FF6F03FC} [MD5.F504F3C8E72999CCDA135F0D3054D14F] - [16/12/2016 09:53:35] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{37B8F9C7-03FB-3253-8781-2517C99D7C00} [MD5.6D422A3FBEC62B41BEA023D3C291E12E] - [19/12/2016 22:10:16] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{3965C9F9-9B9A-4391-AC4B-8388210D3AA0} [MD5.46D0818D1A6B162161E29CFDB9167388] - [19/12/2016 22:11:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E} [MD5.23D3D3657573FCB0C209580A76C8066E] - [16/12/2016 12:36:31] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{402ED4A1-8F5B-387A-8688-997ABF58B8F2} [MD5.B14820604FF69D1D0366895FB3AECFA3] - [18/12/2016 21:08:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{4780AF24-213D-4187-86F2-0014A6D6077B} [MD5.19D380EAC02097514F299B4DB29BA489] - [19/12/2016 20:56:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{47AEE104-BF96-E407-D3FE-80BBD42732F4} [MD5.A6858D40ECAEE7098616499E433B663E] - [18/12/2016 06:55:02] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{47C00502-CFAC-42D3-8019-D9C557AD49AD} [MD5.5FDDF5A8E42C7A3D5BE62CF2AA416F3B] - [21/12/2016 19:19:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{47E5588F-C3A0-11DE-9857-005056C00008} [MD5.3A6067D32AB363D473E32087C413B3EF] - [19/12/2016 22:12:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{4B9E6EB0-0EED-4E74-9479-F982C3254F71} [MD5.593B3F7E43BC361E8AA13A4C6B748AFB] - [19/12/2016 21:11:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{4D989432-59D7-76A0-DD51-B96422F6FF7F} [MD5.86183FCF937E331D9B9A3F3431B3F0CD] - [18/12/2016 07:03:31] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{521087D5-A9CC-4434-9206-FA011ABBDCF3} [MD5.604659BFB8FCF70E0FFE8E88D134F547] - [19/12/2016 19:36:58] - |A| - [28672] - C:\WINDOWS\Installer\SourceHash{52EA560E-E50F-DC8F-146D-1B631548BA29} [MD5.36CC95F482BFFFE3401E27969B078BE8] - [19/12/2016 21:16:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{549DAD2D-2505-204C-EC58-59807FE6E037} [MD5.D922FA1196E488AF751BFD4685F29D7A] - [19/12/2016 22:23:05] - |A| - [45056] - C:\WINDOWS\Installer\SourceHash{54F84805-0116-467F-8713-899DFC472235} [MD5.0BEC2EDBFE38840974D2617F55D608D8] - [19/12/2016 22:52:59] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{561FA6E1-9438-E678-2D2A-CA99F8DDFBC0} [MD5.0FBB51E4DA29A25B5B467948873567F7] - [18/12/2016 07:57:30] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{5F284483-EE8D-447E-BEBE-2BF13B08C4BF} [MD5.30B2E2BB45BBFC3FB9703734E7B9131B] - [18/12/2016 07:57:37] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{60251665-84B4-41D6-84BF-6D50CE68DD08} [MD5.1C8BCE829BECBFA4B20D32791B356C3F] - [19/12/2016 19:32:50] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B} [MD5.8DBF73E4F4D3BE2439BD1D7D6A96F6E9] - [18/12/2016 21:14:32] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{64228DFB-7450-49B7-935C-B97342CB6659} [MD5.BB8DCBECD8AAE97559550E5F81E10652] - [18/12/2016 00:08:32] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.1FA07901CF49ACE3F9FBCBF683ED34D9] - [18/12/2016 05:45:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{65AD78AD-D23D-3A1E-9305-3AE65CD522C2} [MD5.CD81A144EF25F27C389E9D367FE03FB6] - [18/12/2016 07:00:09] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} [MD5.A7934DAB55E59595D0FAA3ACA099A56F] - [18/12/2016 08:01:23] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6861C1AD-9829-4DE4-8647-4785ECEA421A} [MD5.D9F79BFF387B1DD1C9D6FA42D7DB23F4] - [19/12/2016 22:53:26] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6A7C97F8-E6B6-8043-19FC-75FB7910491E} [MD5.3B989B547B465FC1DACA7140F68C5F93] - [18/12/2016 06:43:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6B81BDC4-3368-4898-8F16-48962F789221} [MD5.23EBC3E12FAF4CB324CD4B0742AA9BB9] - [16/12/2016 12:37:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.B55C4758A269E19266A4E9C5AC8E071E] - [18/12/2016 07:02:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6DAEECA5-8208-47DA-82AA-6B653EC31B97} [MD5.02436942F574AFC9EB99E6E10824156F] - [18/12/2016 07:00:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6E6D453B-AADE-4F14-97F6-9B464488BC53} [MD5.4148C05A430A7DD46AF7C6765CC16271] - [18/12/2016 00:08:40] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.B99C4CCDCA839E358FEC7842CD35EA90] - [16/12/2016 12:37:35] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [MD5.8ABE90A6326E961A856DA240A0849B52] - [18/12/2016 00:09:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.4AA2BA0F0BB9519662387D6842EB2026] - [16/12/2016 12:00:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7BAC3F7A-B963-468E-982E-B5608A87408D} [MD5.EF9FC5B04F8C0281BC4E07DBDFD871D5] - [16/12/2016 10:35:12] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.A23A7F626FAA7E5127F3484ABB036080] - [19/12/2016 22:15:51] - |A| - [24576] - C:\WINDOWS\Installer\SourceHash{7D29ED63-84F9-4EC7-B49F-994A3A3195B2} [MD5.5F1CE168A7C6E26CC1C1DDDEA4A57C2D] - [18/12/2016 07:57:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4} [MD5.93B2D27671698555DE9769DF3C5F51BA] - [19/12/2016 14:39:45] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7ED8575D-3A56-44CB-9015-513CA301062F} [MD5.3BFB97DD65F2D77022031F4088CDAB44] - [18/12/2016 07:59:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7F22DD97-256D-491D-9090-743FADC79BBE} [MD5.8D37A248262BF3A17B135C68D2B89B09] - [18/12/2016 00:08:49] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{82CA1714-13EA-F419-91FE-12834424745E} [MD5.C07D04A8021EDEDC26000EB52305AE7E] - [16/12/2016 17:29:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{837b34e3-7c30-493c-8f6a-2b0f04e2912c} [MD5.8378B8C69270A179C2BEDD1A2554A81A] - [16/12/2016 12:36:12] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.5BAB551D77B704D0A6688FA8F0808B81] - [19/12/2016 22:31:41] - |A| - [28672] - C:\WINDOWS\Installer\SourceHash{87D50333-E534-493A-8E98-0A49BC28F64B} [MD5.3F0A0E53DBD19F0F9F7FBD3F991BAD57] - [19/12/2016 22:52:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8C5FB518-E78C-F8F0-BFEC-8EAC65F51003} [MD5.6700A5FDC5819C039A1D6F84D403E5BF] - [16/12/2016 16:08:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8C784F8B-89D0-4A59-A000-7EEF129E1574} [MD5.FB8BF56A5C5C01171B4F114F63C9453E] - [18/12/2016 00:09:02] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.F29E5EC289F3F876DCB9A9EEE931E16C] - [18/12/2016 00:08:59] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.99B3C93CF633F65295D0DAD3CF2535FA] - [19/12/2016 16:27:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{911949A6-66E6-4C52-8264-CEA4DF6A5A83} [MD5.A12F5036F9234156CEF919566A463E11] - [19/12/2016 21:26:51] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{91361B2A-F741-E591-303B-4EF957F3BAF1} [MD5.1CA5CF8032E75F59171572A424099E43] - [18/12/2016 07:03:42] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{94A4AE85-9F1D-4687-953F-38371C9D1A4F} [MD5.7ECD51BDB0E8B3EBF21D7C274EA2E2C0] - [19/12/2016 21:15:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{97B6FAD9-6F14-CC46-3165-F1785ECCE255} [MD5.10A60DEEBCA32DC7CADDE8BB68EFB140] - [18/12/2016 06:50:39] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{991572A1-F8B9-42E5-B485-A79724558A84} [MD5.EBF56481300DA1FFB5F88AD005523B00] - [18/12/2016 07:56:58] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9C637A56-4287-487F-95BF-1422FC1AA879} [MD5.4F91B406B24838BDBE2D2015497398F9] - [19/12/2016 19:49:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9D550F66-5D52-29CA-28B5-EE0C2C0CDFBE} [MD5.1E908EA0637822085C4FCBD6D4A6AD9A] - [16/12/2016 12:08:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.A6BD2A268342C6B422A4464543B5B0B9] - [18/12/2016 08:03:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A163159C-B476-4501-B163-3F77809AC833} [MD5.4057CFEC116C5E4FB65FD8E7372D1483] - [18/12/2016 00:08:28] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A2CB1ACB-94A2-32BA-A15E-7D80319F7589} [MD5.55754ACB6B38EF7247CB7E5F356C3B8F] - [19/12/2016 22:22:01] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A39258D7-D80D-4148-84BC-4172C3CFF285} [MD5.7E1BFE932805F2F94F05BA649C853953] - [18/12/2016 06:45:48] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} [MD5.BD4DEA1C996BAB63CD8F7737E12C6668] - [18/12/2016 00:08:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.7D6655A182D8265D47B22F6A308052B9] - [18/12/2016 00:09:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.A6776940A6C4CDF4A0C105FC666F05FE] - [18/12/2016 06:43:47] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{ABC88553-8770-4B97-B43E-5A90647A5B63} [MD5.A3A316DCE1C29058D697004D249C41B2] - [18/12/2016 00:08:29] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{AC53FC8B-EE18-3F9C-9B59-60937D0B182C} [MD5.88C888071BAC94D0107952FA1D66345D] - [18/12/2016 06:47:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{ACE49D50-19CD-44A6-B192-46F985283B26} [MD5.9F2026AEAFFCC70A81A07556B67A3C61] - [18/12/2016 00:09:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.F3C007E5E1090951AA317F6C90905976] - [18/12/2016 21:03:30] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B11FEAD6-F19E-473E-A8B1-AE58C058F575} [MD5.8C62FC3DB1E7EE4D3C98520C78AD2061] - [16/12/2016 09:59:36] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B175520C-86A2-35A7-8619-86DC379688B9} [MD5.8CA3DC5A1E4ADFDBDCF47A571C0C4AD5] - [18/12/2016 08:00:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97} [MD5.CAD236995403A1B4C03676A8599CC837] - [18/12/2016 00:08:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.E826CEBCC852733E8402BB97B0C4976E] - [16/12/2016 09:59:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [MD5.4206414035CDF43FB3760315F8729B53] - [18/12/2016 06:44:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} [MD5.EB037831D9D6CF9E584CD7C4DB66B755] - [18/12/2016 00:08:50] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.8F161C12527D4C4B0A7A60EC8DEB8AA3] - [19/12/2016 22:30:22] - |A| - [28672] - C:\WINDOWS\Installer\SourceHash{C22613C2-C7A4-4761-A906-116ECD4E7477} [MD5.FF54E3C440B4E6648CBC05C61D5B3D05] - [19/12/2016 21:12:30] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C30A729A-E9BA-37F8-3C58-64AD9F1D4694} [MD5.D762ADDBDEA8F2043AF21B2B6ABD15DD] - [18/12/2016 00:08:38] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.C59CEF5AA6310AB40C709EA545B020D7] - [16/12/2016 13:08:22] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C59C179C-668D-49A9-B6EA-0121CCFC1243} [MD5.851A29E7FB6B89CB1FD59D21ECA22DED] - [19/12/2016 22:54:13] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE} [MD5.78CED86E3B420C831F3E05B905CB51FD] - [18/12/2016 00:08:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.C5F85FF43526FEB091CF67FB97CEDCB5] - [16/12/2016 10:03:26] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC} [MD5.357B7C91149623279AA380D204DD5ACE] - [16/12/2016 10:05:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B} [MD5.481F35B633B81B3645B80CF37930519A] - [19/12/2016 19:35:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CE3829CE-559B-3BFA-BAE7-0F745FAFCD28} [MD5.42D7EC0F820C690B65EDE65C4E1B663E] - [16/12/2016 09:53:26] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [MD5.10BB1EBC2FAD5213664FB0B1205476EA] - [18/12/2016 07:57:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9} [MD5.4F455289C747FD8B6E1951EAF380214D] - [19/12/2016 22:31:09] - |A| - [28672] - C:\WINDOWS\Installer\SourceHash{D0F44C37-A22B-4733-BBA7-86C9F4988725} [MD5.F314776B436E4076657A1DD588109D20] - [21/12/2016 08:00:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D3536C71-00CD-457F-8624-CBD51FD43F1C} [MD5.D7A16300FCEFF1C64D002323A0BB020A] - [19/12/2016 22:13:05] - |A| - [36864] - C:\WINDOWS\Installer\SourceHash{D441BD04-E548-4F8E-97A4-1B66135BAAA8} [MD5.5D17B6614A79AA16FE2313C2DB5CFE25] - [18/12/2016 06:54:31] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} [MD5.FB14C4FEE6D279B2710DA26EFD0E54B0] - [19/12/2016 11:43:38] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D8A1F37A-B11B-4451-830D-6A243ADE2591} [MD5.1783A21FD10CD24174A11192694F5677] - [18/12/2016 06:48:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} [MD5.4431BE4BEA504483CBCB4E4387DEA2DA] - [18/12/2016 06:51:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{DF4748D8-2FC2-4D51-87D0-95A81CCA962B} [MD5.A4109999C3F393D843A351A5980E49C3] - [19/12/2016 22:54:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E17085AE-9658-AA36-AE63-2A79581D8B64} [MD5.D15B71B8C59290677046B8FBEA59E397] - [18/12/2016 06:44:39] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E17BCB76-9924-4BD5-B6D6-50D3407B4E74} [MD5.D8E82DAB0DD341AF4E7D3C7FB410C67D] - [19/12/2016 22:22:14] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E721A8AA-2632-4798-B439-6D4C8A689BB8} [MD5.5AAE714F766B332C7929246FBBDFC091] - [18/12/2016 00:09:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.D4AF7C45966671DC6AF75DFEB30C6DAD] - [18/12/2016 00:08:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.47C0EDAD327B82EBA6012FC372C2874E] - [18/12/2016 06:47:39] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{EB511CD1-C87C-490D-A7B1-D6C47F57820F} [MD5.B46DA50DE007C9922BF4964479F1F6E7] - [18/12/2016 06:56:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} [MD5.EF058925A01A0FA2C0CCAADFCCC0FE2B] - [18/12/2016 08:03:34] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{EF0BA418-AF37-471E-9594-EAE5913F4681} [MD5.82B93F841722BDCC7DFB4B15C0473A0C] - [18/12/2016 07:03:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F030BFE8-8476-4C08-A553-233DE80A2BE1} [MD5.CBDA4E18135DE12DC2423D01425FAD31] - [18/12/2016 05:31:13] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [MD5.3074762056E8FD2BF0AD6AD4407604D4] - [19/12/2016 21:17:03] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F4EBF948-F00E-29EF-894C-D10A718F981D} [MD5.E9C374F5E5FFDE3D5FFFCF7C0D413B63] - [18/12/2016 00:08:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.4450FC1B8A3DFE92B81DFA6625183FE0] - [19/12/2016 21:00:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F7AADEDA-233A-1079-CD15-03AEB050F0C6} [MD5.CB198D87C24665B07787CE05B4AABB76] - [19/12/2016 21:27:25] - |A| - [28672] - C:\WINDOWS\Installer\SourceHash{F8288793-51B6-47EF-2F93-D37767663FC5} [MD5.87CC7E1AF86610D57A4CC49D005D0F97] - [18/12/2016 00:08:39] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.D6C472335208F40C9713A0EF80474AD6] - [19/12/2016 21:13:03] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{FB54F620-9555-3A11-26CB-B027C4DDF260} [MD5.7F9A2DA3543C87BBCC57A5BBBEB568E6] - [18/12/2016 00:08:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607} [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/12/2016 16:27:37] - |A| - [0] - C:\WINDOWS\Installer\wix{911949A6-66E6-4C52-8264-CEA4DF6A5A83}.SchedServiceConfig.rmi [MD5.00000000000000000000000000000000] - [18/12/2016 07:00:00] - |D| - [436200] - C:\WINDOWS\Installer\{05C6B128-1B40-4495-9CB9-090B368BFA0A} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:05] - |D| - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:52] - |D| - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:46] - |D| - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:34] - |D| - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.00000000000000000000000000000000] - [19/12/2016 22:46:56] - |D| - [5430] - C:\WINDOWS\Installer\{11778632-197C-4D05-8AF3-4C4626019712} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:37] - |D| - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.00000000000000000000000000000000] - [18/12/2016 06:45:36] - |D| - [436208] - C:\WINDOWS\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:43] - |D| - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.00000000000000000000000000000000] - [18/12/2016 08:04:51] - |D| - [122880] - C:\WINDOWS\Installer\{1C63279A-BF36-4852-9924-B1978D6585A6} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:47] - |D| - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.00000000000000000000000000000000] - [16/12/2016 12:58:16] - |D| - [59640] - C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845} [MD5.00000000000000000000000000000000] - [18/12/2016 07:00:38] - |D| - [817088] - C:\WINDOWS\Installer\{21916D21-F3DD-44F9-952B-FD122CBD1526} [MD5.00000000000000000000000000000000] - [18/12/2016 06:47:57] - |D| - [122880] - C:\WINDOWS\Installer\{2432E589-6256-4513-B0BF-EFA8E325D5F0} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:58] - |D| - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.00000000000000000000000000000000] - [16/12/2016 13:02:05] - |D| - [59640] - C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.00000000000000000000000000000000] - [18/12/2016 06:46:49] - |D| - [436208] - C:\WINDOWS\Installer\{29F67D84-3A70-456E-806A-52301B02070B} [MD5.00000000000000000000000000000000] - [16/12/2016 13:02:14] - |D| - [59640] - C:\WINDOWS\Installer\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:48] - |D| - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.00000000000000000000000000000000] - [19/12/2016 22:12:38] - |D| - [5430] - C:\WINDOWS\Installer\{30CA21F2-901A-44DB-A43F-FC31CD0F2493} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:44] - |D| - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:03] - |D| - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.00000000000000000000000000000000] - [19/12/2016 22:10:54] - |D| - [5430] - C:\WINDOWS\Installer\{3965C9F9-9B9A-4391-AC4B-8388210D3AA0} [MD5.00000000000000000000000000000000] - [19/12/2016 22:11:53] - |D| - [5430] - C:\WINDOWS\Installer\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E} [MD5.00000000000000000000000000000000] - [16/12/2016 13:02:38] - |D| - [59640] - C:\WINDOWS\Installer\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} [MD5.00000000000000000000000000000000] - [18/12/2016 21:11:47] - |D| - [409600] - C:\WINDOWS\Installer\{4780AF24-213D-4187-86F2-0014A6D6077B} [MD5.00000000000000000000000000000000] - [18/12/2016 06:56:25] - |D| - [1026000] - C:\WINDOWS\Installer\{47C00502-CFAC-42D3-8019-D9C557AD49AD} [MD5.00000000000000000000000000000000] - [21/12/2016 19:25:19] - |D| - [280617] - C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008} [MD5.00000000000000000000000000000000] - [19/12/2016 22:12:18] - |D| - [5430] - C:\WINDOWS\Installer\{4B9E6EB0-0EED-4E74-9479-F982C3254F71} [MD5.00000000000000000000000000000000] - [18/12/2016 07:03:33] - |D| - [122880] - C:\WINDOWS\Installer\{521087D5-A9CC-4434-9206-FA011ABBDCF3} [MD5.00000000000000000000000000000000] - [18/12/2016 07:57:32] - |D| - [424272] - C:\WINDOWS\Installer\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF} [MD5.00000000000000000000000000000000] - [18/12/2016 07:57:40] - |D| - [710640] - C:\WINDOWS\Installer\{60251665-84B4-41D6-84BF-6D50CE68DD08} [MD5.00000000000000000000000000000000] - [18/12/2016 21:14:34] - |D| - [53248] - C:\WINDOWS\Installer\{64228DFB-7450-49B7-935C-B97342CB6659} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:32] - |D| - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.00000000000000000000000000000000] - [18/12/2016 07:00:14] - |D| - [69632] - C:\WINDOWS\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} [MD5.00000000000000000000000000000000] - [18/12/2016 08:03:21] - |D| - [2138048] - C:\WINDOWS\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A} [MD5.00000000000000000000000000000000] - [18/12/2016 06:43:31] - |D| - [473072] - C:\WINDOWS\Installer\{6B81BDC4-3368-4898-8F16-48962F789221} [MD5.00000000000000000000000000000000] - [16/12/2016 12:37:11] - |D| - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.00000000000000000000000000000000] - [18/12/2016 07:02:55] - |D| - [122880] - C:\WINDOWS\Installer\{6DAEECA5-8208-47DA-82AA-6B653EC31B97} [MD5.00000000000000000000000000000000] - [18/12/2016 07:01:49] - |D| - [329712] - C:\WINDOWS\Installer\{6E6D453B-AADE-4F14-97F6-9B464488BC53} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:41] - |D| - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:04] - |D| - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.00000000000000000000000000000000] - [16/12/2016 12:01:13] - |D| - [50659] - C:\WINDOWS\Installer\{7BAC3F7A-B963-468E-982E-B5608A87408D} [MD5.00000000000000000000000000000000] - [16/12/2016 11:05:06] - |D| - [123570] - C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.00000000000000000000000000000000] - [18/12/2016 07:59:34] - |D| - [888768] - C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4} [MD5.00000000000000000000000000000000] - [19/12/2016 14:40:38] - |D| - [144529] - C:\WINDOWS\Installer\{7ED8575D-3A56-44CB-9015-513CA301062F} [MD5.00000000000000000000000000000000] - [18/12/2016 08:00:02] - |D| - [1886152] - C:\WINDOWS\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE} [MD5.00000000000000000000000000000000] - [16/12/2016 13:01:43] - |D| - [59640] - C:\WINDOWS\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:49] - |D| - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E} [MD5.00000000000000000000000000000000] - [16/12/2016 12:36:13] - |D| - [72888] - C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.00000000000000000000000000000000] - [16/12/2016 16:08:29] - |D| - [316416] - C:\WINDOWS\Installer\{8C784F8B-89D0-4A59-A000-7EEF129E1574} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:02] - |D| - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:59] - |D| - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.00000000000000000000000000000000] - [19/12/2016 16:27:35] - |D| - [665497] - C:\WINDOWS\Installer\{911949A6-66E6-4C52-8264-CEA4DF6A5A83} [MD5.00000000000000000000000000000000] - [18/12/2016 07:03:48] - |D| - [122880] - C:\WINDOWS\Installer\{94A4AE85-9F1D-4687-953F-38371C9D1A4F} [MD5.00000000000000000000000000000000] - [18/12/2016 06:50:45] - |D| - [710640] - C:\WINDOWS\Installer\{991572A1-F8B9-42E5-B485-A79724558A84} [MD5.00000000000000000000000000000000] - [18/12/2016 07:57:06] - |D| - [456688] - C:\WINDOWS\Installer\{9C637A56-4287-487F-95BF-1422FC1AA879} [MD5.00000000000000000000000000000000] - [16/12/2016 12:10:38] - |D| - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.00000000000000000000000000000000] - [18/12/2016 08:04:38] - |D| - [122880] - C:\WINDOWS\Installer\{A163159C-B476-4501-B163-3F77809AC833} [MD5.00000000000000000000000000000000] - [19/12/2016 22:22:07] - |D| - [5430] - C:\WINDOWS\Installer\{A39258D7-D80D-4148-84BC-4172C3CFF285} [MD5.00000000000000000000000000000000] - [18/12/2016 06:45:56] - |D| - [710640] - C:\WINDOWS\Installer\{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:54] - |D| - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:01] - |D| - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.00000000000000000000000000000000] - [16/12/2016 13:00:44] - |D| - [59640] - C:\WINDOWS\Installer\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} [MD5.00000000000000000000000000000000] - [18/12/2016 06:44:00] - |D| - [1374160] - C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63} [MD5.00000000000000000000000000000000] - [18/12/2016 06:47:30] - |D| - [436208] - C:\WINDOWS\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26} [MD5.00000000000000000000000000000000] - [16/12/2016 12:57:21] - |D| - [415992] - C:\WINDOWS\Installer\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:18] - |D| - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.00000000000000000000000000000000] - [18/12/2016 21:04:03] - |D| - [27555] - C:\WINDOWS\Installer\{B11FEAD6-F19E-473E-A8B1-AE58C058F575} [MD5.00000000000000000000000000000000] - [18/12/2016 08:01:11] - |D| - [1026000] - C:\WINDOWS\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97} [MD5.00000000000000000000000000000000] - [16/12/2016 10:32:49] - |D| - [22566013] - C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:57] - |D| - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.00000000000000000000000000000000] - [18/12/2016 06:44:29] - |D| - [122880] - C:\WINDOWS\Installer\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:50] - |D| - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:38] - |D| - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.00000000000000000000000000000000] - [16/12/2016 13:10:18] - |D| - [155217] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:53] - |D| - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.00000000000000000000000000000000] - [16/12/2016 10:06:24] - |D| - [1351168] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B} [MD5.00000000000000000000000000000000] - [16/12/2016 10:38:45] - |D| - [14236582] - C:\WINDOWS\Installer\{CF6C1B06-4F86-4C41-BD21-9E40500006B5} [MD5.00000000000000000000000000000000] - [18/12/2016 07:57:18] - |D| - [710640] - C:\WINDOWS\Installer\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9} [MD5.00000000000000000000000000000000] - [21/12/2016 08:01:03] - |D| - [167053] - C:\WINDOWS\Installer\{D3536C71-00CD-457F-8624-CBD51FD43F1C} [MD5.00000000000000000000000000000000] - [19/12/2016 22:14:06] - |D| - [5430] - C:\WINDOWS\Installer\{D441BD04-E548-4F8E-97A4-1B66135BAAA8} [MD5.00000000000000000000000000000000] - [18/12/2016 06:54:46] - |D| - [1886160] - C:\WINDOWS\Installer\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} [MD5.00000000000000000000000000000000] - [16/12/2016 13:04:09] - |D| - [1247976] - C:\WINDOWS\Installer\{D88BC069-BFFF-4442-91EC-198EF2B764FE} [MD5.00000000000000000000000000000000] - [19/12/2016 11:46:22] - |D| - [706414] - C:\WINDOWS\Installer\{D8A1F37A-B11B-4451-830D-6A243ADE2591} [MD5.00000000000000000000000000000000] - [18/12/2016 06:50:17] - |D| - [710632] - C:\WINDOWS\Installer\{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} [MD5.00000000000000000000000000000000] - [18/12/2016 06:53:59] - |D| - [888768] - C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B} [MD5.00000000000000000000000000000000] - [18/12/2016 06:44:57] - |D| - [436208] - C:\WINDOWS\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74} [MD5.00000000000000000000000000000000] - [19/12/2016 22:22:17] - |D| - [5430] - C:\WINDOWS\Installer\{E721A8AA-2632-4798-B439-6D4C8A689BB8} [MD5.00000000000000000000000000000000] - [18/12/2016 00:09:08] - |D| - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:55] - |D| - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.00000000000000000000000000000000] - [18/12/2016 06:47:41] - |D| - [423920] - C:\WINDOWS\Installer\{EB511CD1-C87C-490D-A7B1-D6C47F57820F} [MD5.00000000000000000000000000000000] - [18/12/2016 06:59:38] - |D| - [2138048] - C:\WINDOWS\Installer\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} [MD5.00000000000000000000000000000000] - [18/12/2016 08:03:44] - |D| - [1013712] - C:\WINDOWS\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681} [MD5.00000000000000000000000000000000] - [18/12/2016 07:03:15] - |D| - [419824] - C:\WINDOWS\Installer\{F030BFE8-8476-4C08-A553-233DE80A2BE1} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:42] - |D| - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.00000000000000000000000000000000] - [18/12/2016 00:08:39] - |D| - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.00000000000000000000000000000000] - [19/12/2016 22:10:36] - |D| - [336225] - C:\WINDOWS\system32\1033 [MD5.40C1E763ACB4FCB8744C220D7B1A4800] - [17/12/2016 23:40:34] - |A| - [425984] - C:\WINDOWS\system32\aadcloudap.dll [MD5.7B2301A9FE0A9B1DF7A321F1E044BA41] - [17/12/2016 23:40:34] - |A| - [1121280] - C:\WINDOWS\system32\aadtb.dll [MD5.3E605CE3C04165B3718B1E4C1E7F5085] - [17/12/2016 23:41:20] - |A| - [284160] - C:\WINDOWS\system32\AboveLockAppHost.dll [MD5.BDD9BD6910DB26CCC136CB1E2271D1C6] - [17/12/2016 23:40:27] - |A| - [441856] - C:\WINDOWS\system32\AccountsRt.dll [MD5.7A6428929BBDB854042D83494DD13101] - [17/12/2016 23:41:20] - |A| - [5511680] - C:\WINDOWS\system32\aclui.dll [MD5.DCB77F9C30B269461B59E87810EE2B43] - [17/12/2016 23:41:02] - |A| - [137568] - C:\WINDOWS\system32\acmigration.dll [MD5.BBB6B1F731DC954B833115DA90A89597] - [17/12/2016 23:40:28] - |A| - [159744] - C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll [MD5.708099C902AD52476D40AB6F5A697015] - [17/12/2016 23:41:23] - |A| - [308736] - C:\WINDOWS\system32\ActionCenter.dll [MD5.48BB8F72BDADBE7FBA5E4380C9D7ADF6] - [17/12/2016 23:41:23] - |A| - [566784] - C:\WINDOWS\system32\ActionCenterCPL.dll [MD5.9E700419EA86397448296B7D9B195907] - [17/12/2016 23:40:28] - |A| - [389632] - C:\WINDOWS\system32\ActivationManager.dll [MD5.EC449756B377F4330B2885567112ACF5] - [17/12/2016 23:40:26] - |A| - [3542016] - C:\WINDOWS\system32\actxprxy.dll [MD5.BDCF02173186A49AB4B9EAEF5B555ED1] - [17/12/2016 23:40:52] - |A| - [68096] - C:\WINDOWS\system32\AddressParser.dll [MD5.4597AFDD76E4E579838F5FE80CF61B51] - [17/12/2016 23:41:03] - |A| - [99328] - C:\WINDOWS\system32\adsmsext.dll [MD5.A6A29385042B7104A797C2A72A638A04] - [17/12/2016 23:41:02] - |A| - [1235296] - C:\WINDOWS\system32\aeinv.dll [MD5.D27086EBF2D41BBCC2672D7B3D22FB90] - [17/12/2016 23:41:02] - |A| - [232800] - C:\WINDOWS\system32\aepic.dll [MD5.ACCA6F8889B8B6F9CF1DBD8A195DC79C] - [21/12/2016 12:52:56] - |A| - [574752] - C:\WINDOWS\system32\AERTAC64.dll [MD5.2AB5D946F1EF95A098F8189C51FF5792] - [21/12/2016 12:52:56] - |A| - [118584] - C:\WINDOWS\system32\AERTAR64.dll [MD5.38D8CA93EC675696D8F4A39C3081A515] - [17/12/2016 23:41:02] - |A| - [1691136] - C:\WINDOWS\system32\aitstatic.exe [MD5.971819F3DD0996BCCB9E4330C52C4207] - [17/12/2016 23:42:15] - |A| - [446896] - C:\WINDOWS\system32\ApnDatabase.xml [MD5.87BF36C0AD9398C7C5AF48CA9C7F3E56] - [17/12/2016 23:41:11] - |A| - [170496] - C:\WINDOWS\system32\AppCapture.dll [MD5.EBB2F503484E75D293613279EA3CB7EA] - [17/12/2016 23:40:28] - |A| - [1060352] - C:\WINDOWS\system32\AppContracts.dll [MD5.73FAA5517CCD1332F00192A303CF2026] - [17/12/2016 23:41:03] - |A| - [125952] - C:\WINDOWS\system32\appinfo.dll [MD5.E2AAF07BEB81E6E4CAC382F0B2CA551C] - [17/12/2016 23:40:52] - |A| - [140288] - C:\WINDOWS\system32\AppointmentActivation.dll [MD5.A1D6EAC6622B351212AC52621ABD3D9B] - [17/12/2016 23:40:52] - |A| - [771072] - C:\WINDOWS\system32\AppointmentApis.dll [MD5.8F1AF1A559291DE87C91C9FBC15BDB80] - [17/12/2016 23:41:02] - |A| - [1637728] - C:\WINDOWS\system32\appraiser.dll [MD5.A0746EF6C5AB7A17A67BC167167499C1] - [17/12/2016 23:40:28] - |A| - [560128] - C:\WINDOWS\system32\AppReadiness.dll [MD5.0257EB6E424875D1FFEF193FED1F2F2E] - [17/12/2016 23:41:04] - |A| - [176128] - C:\WINDOWS\system32\apprepapi.dll [MD5.0CC546199EA54CB510176DB999A455A3] - [17/12/2016 23:41:03] - |A| - [379392] - C:\WINDOWS\system32\apprepsync.dll [MD5.6010A920FDE5BFE4EA056F9736FBDC06] - [17/12/2016 23:40:53] - |A| - [823136] - C:\WINDOWS\system32\AppVClient.exe [MD5.098DF2CFC21F716F5BF86AE54355F5D9] - [17/12/2016 23:40:53] - |A| - [704352] - C:\WINDOWS\system32\AppVEntVirtualization.dll [MD5.09B02E6207527FAC786B979D29E8D606] - [17/12/2016 23:41:21] - |A| - [828416] - C:\WINDOWS\system32\appwiz.cpl [MD5.8F44453338E9B745023478AF4DA4B9EE] - [17/12/2016 23:41:12] - |A| - [203776] - C:\WINDOWS\system32\AppXApplicabilityBlob.dll [MD5.1067D34BEEA34E48E4D30F37F6AA93AF] - [17/12/2016 23:40:36] - |A| - [410112] - C:\WINDOWS\system32\AppXDeploymentClient.dll [MD5.DB023286233396E001A852683590178C] - [17/12/2016 23:41:12] - |A| - [956416] - C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll [MD5.96A380C14A4FFC2883A00FFB250EBD44] - [17/12/2016 23:41:12] - |A| - [1692672] - C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll [MD5.2C1CEC25F6D92871F38960E2E84CC3EE] - [17/12/2016 23:41:12] - |A| - [2275840] - C:\WINDOWS\system32\AppXDeploymentServer.dll [MD5.B2BF860EBDC02527F334E9E6F0F34C30] - [17/12/2016 23:40:18] - |A| - [1112928] - C:\WINDOWS\system32\AppxPackaging.dll [MD5.97BD81719D523D1CF639E6DA1E074180] - [17/12/2016 23:41:03] - |A| - [89088] - C:\WINDOWS\system32\asycfilt.dll [MD5.CD84C41DA2B3C4F6CC4849D3A52C27A2] - [17/12/2016 23:41:24] - |A| - [378720] - C:\WINDOWS\system32\atmfd.dll [MD5.77377F46EC1E38908FB11A48322DD085] - [17/12/2016 23:41:24] - |A| - [45056] - C:\WINDOWS\system32\atmlib.dll [MD5.59F44051BCD479E70446506B7E4E78BB] - [17/12/2016 23:42:15] - |A| - [337920] - C:\WINDOWS\system32\AudioEndpointBuilder.dll [MD5.E4AE313316CCE407A393DDF15690BEB0] - [17/12/2016 23:42:15] - |A| - [534096] - C:\WINDOWS\system32\AudioEng.dll [MD5.B6699EAD25D76CCA04ACA8CEEB8508E6] - [17/12/2016 23:42:15] - |A| - [418952] - C:\WINDOWS\system32\AUDIOKSE.dll [MD5.12563643B2A0D6AD44392F23A34119E8] - [17/12/2016 23:42:15] - |A| - [590960] - C:\WINDOWS\system32\AudioSes.dll [MD5.1C986DC8F4FDA1B040AC1176FB24467F] - [17/12/2016 23:42:15] - |A| - [942080] - C:\WINDOWS\system32\audiosrv.dll [MD5.28AEA9AC3951A7A981FEDD50B02CCEE0] - [17/12/2016 23:42:15] - |A| - [219648] - C:\WINDOWS\system32\AudioSrvPolicyManager.dll [MD5.91B1285AD75D2D7024ECB76853009E30] - [17/12/2016 23:40:28] - |A| - [146432] - C:\WINDOWS\system32\AuthBroker.dll [MD5.8150F0265AF2215D34E5099118B8B406] - [17/12/2016 23:41:20] - |A| - [881664] - C:\WINDOWS\system32\authui.dll [MD5.C892022800FCC059365954F37CAE0EDF] - [17/12/2016 23:41:21] - |A| - [163328] - C:\WINDOWS\system32\autoplay.dll [MD5.C21AE05FEF386D35EC28D029ED7E7BFC] - [17/12/2016 23:42:14] - |A| - [1908224] - C:\WINDOWS\system32\AzureSettingSyncProvider.dll [MD5.0C3C6D5EE3986F459F0D3D214A8F46C1] - [17/12/2016 23:42:06] - |A| - [112640] - C:\WINDOWS\system32\baaupdate.exe [MD5.3413167278CBF08DAE6D5EDDA1C36A94] - [17/12/2016 23:41:02] - |A| - [57856] - C:\WINDOWS\system32\BackgroundMediaPolicy.dll [MD5.FC4B43596C8686A8264DF2A47A869533] - [17/12/2016 23:41:13] - |A| - [85504] - C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll [MD5.4CD89AE11FF2D1C8C5FB4579E42C870B] - [17/12/2016 23:41:11] - |A| - [620544] - C:\WINDOWS\system32\bcastdvr.exe [MD5.E4207E8B3FCD84B019E03B51B57CE4C1] - [17/12/2016 23:41:11] - |A| - [198656] - C:\WINDOWS\system32\BcastDVRHelper.dll [MD5.72669C6C0B70C7617B32D123C72EF41C] - [17/12/2016 23:41:12] - |A| - [425472] - C:\WINDOWS\system32\bcdedit.exe [MD5.AC5344ED480F896C3BCE688F0AAE5144] - [17/12/2016 23:40:37] - |A| - [168424] - C:\WINDOWS\system32\bcrypt.dll [MD5.A76A06E67928D0879D07228BEF1BCB8B] - [17/12/2016 23:42:06] - |A| - [361472] - C:\WINDOWS\system32\bdechangepin.exe [MD5.2B4D3AEAAD02954F8C191BC2D67949AD] - [17/12/2016 23:42:05] - |A| - [361472] - C:\WINDOWS\system32\bdesvc.dll [MD5.ABAE5C42642A9EC0E4DE48A2582E8EA9] - [17/12/2016 23:42:05] - |A| - [33792] - C:\WINDOWS\system32\bdeui.dll [MD5.6CEF0C703030EF548C116A3D65CD94A9] - [17/12/2016 23:42:06] - |A| - [280472] - C:\WINDOWS\system32\bdeunlock.exe [MD5.00000000000000000000000000000000] - [16/12/2016 07:43:04] - |D| - [1626] - C:\WINDOWS\system32\BestPractices [MD5.88125659EFA273D90BF43F34D1209032] - [17/12/2016 23:40:39] - |A| - [7812096] - C:\WINDOWS\system32\BingMaps.dll [MD5.974FA5866D2F4FB4D7FDEB4BDB911071] - [17/12/2016 23:40:40] - |A| - [820736] - C:\WINDOWS\system32\BingOnlineServices.dll [MD5.2447BD15B41298622CC662249CD0F496] - [17/12/2016 23:40:54] - |A| - [770560] - C:\WINDOWS\system32\bisrv.dll [MD5.94E46B3464C0971C64BBBA33F19E27ED] - [17/12/2016 23:42:05] - |A| - [112128] - C:\WINDOWS\system32\BitLockerDeviceEncryption.exe [MD5.92C8FB2FC12757888339C0CC30A99B5A] - [17/12/2016 23:40:54] - |A| - [171520] - C:\WINDOWS\system32\biwinrt.dll [MD5.6FAD3704C336BF87A2543EF82C987F33] - [17/12/2016 23:40:36] - |A| - [120832] - C:\WINDOWS\system32\BluetoothApis.dll [MD5.C29A5DDEF61432C02D7EC6720D4B2A65] - [17/12/2016 23:41:02] - |A| - [582656] - C:\WINDOWS\system32\BootMenuUX.dll [MD5.2BC1A71D87303B75F0DBB1DAC291C40D] - [17/12/2016 23:12:39] - |A| - [3753984] - C:\WINDOWS\system32\bootux.dll [MD5.D07C0FEBC9CF05306DDD3B8320BD1331] - [17/12/2016 23:41:00] - |A| - [98304] - C:\WINDOWS\system32\browserbroker.dll [MD5.B2B0EB8BB0D741B798C691A9FED1B7B8] - [17/12/2016 23:40:36] - |A| - [98816] - C:\WINDOWS\system32\BthRadioMedia.dll [MD5.6C2FBD0580EBC02B723E9DFDE160609E] - [17/12/2016 23:40:50] - |A| - [104960] - C:\WINDOWS\system32\CastLaunch.dll [MD5.8439DB137E719EBFF71FD20586AAA2B4] - [17/12/2016 23:41:40] - |A| - [40960] - C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll [MD5.86DBBA9B08AB9DDA31C2F49E9F8EEFD9] - [17/12/2016 23:40:39] - |A| - [227328] - C:\WINDOWS\system32\cdd.dll [MD5.1F5FF8C45418A3D47DC73D612EFBD47E] - [17/12/2016 23:40:28] - |A| - [5114368] - C:\WINDOWS\system32\cdp.dll [MD5.E8720AD5391738C5EBCCCF696B46C000] - [16/12/2016 07:35:58] - |A| - [59392] - C:\WINDOWS\system32\cdpreference.exe [MD5.2E6612376D257F74781F2EF1F869D8C3] - [17/12/2016 23:40:28] - |A| - [411648] - C:\WINDOWS\system32\cdpsvc.dll [MD5.A93C9B9EBE2FDE5A536000D72CC17F7F] - [17/12/2016 23:40:28] - |A| - [339456] - C:\WINDOWS\system32\cdpusersvc.dll [MD5.424A70711226098D38F09CEEE96984B6] - [17/12/2016 23:40:27] - |A| - [2914304] - C:\WINDOWS\system32\CertEnroll.dll [MD5.997050BEA4A90A3DBF69C7393BD54C08] - [17/12/2016 23:41:59] - |A| - [8129536] - C:\WINDOWS\system32\Chakra.dll [MD5.5725D2F9E67D2D2F944777384BFC5EC3] - [17/12/2016 23:41:59] - |A| - [1081856] - C:\WINDOWS\system32\Chakradiag.dll [MD5.A972DDEFFEF76A9643A65F07C6762154] - [17/12/2016 23:41:59] - |A| - [140288] - C:\WINDOWS\system32\Chakrathunk.dll [MD5.A503F84DE81A3F559BB7620764EC843E] - [17/12/2016 23:41:02] - |A| - [130560] - C:\WINDOWS\system32\chartv.dll [MD5.2F338D525BCA71DC06FA83E72025CBBB] - [17/12/2016 23:40:52] - |A| - [748544] - C:\WINDOWS\system32\ChatApis.dll [MD5.66631B2AA34415118970A1A3CDEBD241] - [17/12/2016 23:40:37] - |A| - [634944] - C:\WINDOWS\system32\ci.dll [MD5.C50FBFDC76EAF8D22EC203B433D0EEFE] - [17/12/2016 23:40:28] - |A| - [200704] - C:\WINDOWS\system32\ClipboardServer.dll [MD5.8BA7A3B2A791159BD5A08D32F8D30A4B] - [17/12/2016 23:41:12] - |A| - [1356352] - C:\WINDOWS\system32\ClipUp.exe [MD5.0072D9AFFB4BE25A6E766A0124599073] - [17/12/2016 23:40:28] - |A| - [352768] - C:\WINDOWS\system32\cloudAP.dll [MD5.08E9936BA132ABE0733BF028C57659FA] - [17/12/2016 23:42:18] - |A| - [295424] - C:\WINDOWS\system32\CloudBackupSettings.dll [MD5.976EB2566EF7A48DD80BEEDE63DE1C65] - [17/12/2016 23:41:20] - |A| - [241504] - C:\WINDOWS\system32\CloudExperienceHost.dll [MD5.632E40D4B280A9B1F3666C7B59B8F960] - [17/12/2016 23:41:20] - |A| - [160096] - C:\WINDOWS\system32\CloudExperienceHostBroker.dll [MD5.A164374BB90548E6A83C94E04F8A7769] - [17/12/2016 23:40:36] - |A| - [146784] - C:\WINDOWS\system32\CloudExperienceHostCommon.dll [MD5.621BE7A39C4A2E06E2D9A223A8AB2DD2] - [17/12/2016 23:40:36] - |A| - [178528] - C:\WINDOWS\system32\CloudExperienceHostUser.dll [MD5.B6337AC6D2C16E4050362711041B2DA4] - [17/12/2016 23:42:14] - |A| - [187520] - C:\WINDOWS\system32\CloudStorageWizard.exe [MD5.3A92354FCB3EFAF96FCD4D09033BE8B0] - [17/12/2016 23:40:27] - |A| - [715264] - C:\WINDOWS\system32\clusapi.dll [MD5.B888C77AD1918D7D9437977B967BF7A7] - [17/12/2016 23:40:27] - |A| - [93184] - C:\WINDOWS\system32\cmifw.dll [MD5.43A8752487FD220B0B79A2BB5E9E7362] - [17/12/2016 23:42:04] - |A| - [36864] - C:\WINDOWS\system32\cmintegrator.dll [MD5.B50F4C3A4DE252EA5E7656A4438F0792] - [17/12/2016 23:40:37] - |A| - [2913144] - C:\WINDOWS\system32\combase.dll [MD5.CBA63D4B9F8A9117A59703EF18DABC53] - [17/12/2016 23:41:20] - |A| - [991232] - C:\WINDOWS\system32\comdlg32.dll [MD5.1AEBF878B8D8638EB823CD398F148EDE] - [17/12/2016 23:40:53] - |A| - [78688] - C:\WINDOWS\system32\CompatTelRunner.exe [MD5.2D1EB38090218C4EE313C69808D89AA0] - [17/12/2016 23:41:03] - |A| - [1639424] - C:\WINDOWS\system32\comsvcs.dll [MD5.62B53E06F95506669CCB6D3810A88E51] - [21/12/2016 12:51:31] - |A| - [122320] - C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll [MD5.BD4167C80AF17E32DA4476BB4FB51527] - [17/12/2016 23:41:20] - |A| - [266240] - C:\WINDOWS\system32\ConsoleLogon.dll [MD5.F729F21451A7948444ACA11FE3E51C48] - [17/12/2016 23:40:52] - |A| - [54784] - C:\WINDOWS\system32\ContactActivation.dll [MD5.C1205EEBE05A10394B3C7C22890F9263] - [17/12/2016 23:40:52] - |A| - [1013760] - C:\WINDOWS\system32\ContactApis.dll [MD5.06283D1A7B1901F027C0C7AD520A2835] - [17/12/2016 23:40:36] - |A| - [327680] - C:\WINDOWS\system32\container.dll [MD5.C5C184635BA06F8F707BB8837D1F7BD1] - [17/12/2016 23:41:23] - |A| - [603488] - C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll [MD5.5DE2049D5F57C1D142F36FA9CE443693] - [17/12/2016 23:40:18] - |A| - [764392] - C:\WINDOWS\system32\CoreMessaging.dll [MD5.8D7AC60330B3E96C4D00E682437868D0] - [17/12/2016 23:40:38] - |A| - [2681200] - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.518FE9EAE640B8CBE80FE374D7DF28B9] - [17/12/2016 23:41:11] - |A| - [886784] - C:\WINDOWS\system32\CPFilters.dll [MD5.00D26DFCB55A8F1EE67A5EE3614F9C75] - [17/12/2016 23:41:12] - |A| - [461312] - C:\WINDOWS\system32\CredProvDataModel.dll [MD5.8F62D1468DB8FB4675C2C560C89B9281] - [17/12/2016 23:41:12] - |A| - [243712] - C:\WINDOWS\system32\credprovhost.dll [MD5.979E1E43F50D4BA6EAD46DC54EAB57BA] - [17/12/2016 23:41:12] - |A| - [157696] - C:\WINDOWS\system32\credprovs.dll [MD5.02562A5596A3B437FABC2188C8A700EA] - [17/12/2016 23:41:20] - |A| - [166912] - C:\WINDOWS\system32\credprovslegacy.dll [MD5.1A67F02D6CF159EE2BD0FEAB157F8F89] - [17/12/2016 23:40:37] - |A| - [1851696] - C:\WINDOWS\system32\crypt32.dll [MD5.0B854C8F588D38CBA00C2B1889A11F2A] - [17/12/2016 23:40:51] - |A| - [381952] - C:\WINDOWS\system32\cryptngc.dll [MD5.7AF01F6539F66128237A3D7E62EE1135] - [17/12/2016 23:40:28] - |A| - [376832] - C:\WINDOWS\system32\CryptoWinRT.dll [MD5.5CA3F620F57697308141552A16842895] - [17/12/2016 23:42:04] - |A| - [779776] - C:\WINDOWS\system32\cscui.dll [MD5.F1E2170B311D75405C53DFDFBDB6DC01] - [17/12/2016 23:41:50] - |A| - [58368] - C:\WINDOWS\system32\csrsrv.dll [MD5.D8597B34447DB8E8631BB3F3A13A5B8C] - [21/12/2016 12:53:35] - |A| - [1615656] - C:\WINDOWS\system32\CX64APO.dll [MD5.F59A4946F017AC8EFEB044E7901A9181] - [21/12/2016 12:53:36] - |A| - [1529136] - C:\WINDOWS\system32\CX64Proxy.dll [MD5.1955F78D9E7E16099DBABAB36FE3CC3C] - [17/12/2016 23:41:11] - |A| - [162850] - C:\WINDOWS\system32\C_932.NLS [MD5.B50025354EF7C48EBF0A21A0D485DFB4] - [17/12/2016 23:41:11] - |A| - [227840] - C:\WINDOWS\system32\C_G18030.DLL [MD5.77DBAF6D7F5F176157DB7F7F57CA46A5] - [17/12/2016 23:41:11] - |A| - [14848] - C:\WINDOWS\system32\c_GSM7.DLL [MD5.C61490A7DB706B7D156C66A3E34ED34C] - [17/12/2016 23:41:11] - |A| - [17408] - C:\WINDOWS\system32\C_IS2022.DLL [MD5.E1913C16CFFA87214FD9BA876117DE77] - [17/12/2016 23:40:38] - |A| - [5611008] - C:\WINDOWS\system32\d2d1.dll [MD5.0BD00AE0D8AAF0A62FDBAE8856F152D9] - [17/12/2016 23:40:38] - |A| - [2677544] - C:\WINDOWS\system32\d3d10warp.dll [MD5.517644763301E25D21FF48F8A894CAC3] - [17/12/2016 23:40:38] - |A| - [2828376] - C:\WINDOWS\system32\d3d11.dll [MD5.9C58479C6F685B0CB9FBA560DD905B0B] - [17/12/2016 23:40:38] - |A| - [1005568] - C:\WINDOWS\system32\D3D12.dll [MD5.98326410B37312F3A57E8040250BDC32] - [17/12/2016 23:41:25] - |A| - [1609920] - C:\WINDOWS\system32\d3d9.dll [MD5.21766CDBBA69CE5C42AA3F666DF7F524] - [17/12/2016 23:40:38] - |A| - [4474368] - C:\WINDOWS\system32\D3DCompiler_47.dll [MD5.7D1A9EE947A48B6DF60FDBA1435B337C] - [17/12/2016 23:41:40] - |A| - [109056] - C:\WINDOWS\system32\dab.dll [MD5.55C58F16ABEEB035D1D3B9DB475EDB09] - [17/12/2016 23:40:36] - |A| - [241152] - C:\WINDOWS\system32\dafBth.dll [MD5.E186BD3988C5BBD8F30AD3BD6786C6A5] - [17/12/2016 23:40:51] - |A| - [239104] - C:\WINDOWS\system32\dafpos.dll [MD5.DD74F18227ACC837D9856E24282D446D] - [17/12/2016 23:42:04] - |A| - [447488] - C:\WINDOWS\system32\das.dll [MD5.6F12B244B6BAC8EEEB506C0BEE04F8CB] - [17/12/2016 23:42:04] - |A| - [94720] - C:\WINDOWS\system32\dasHost.exe [MD5.8C8591CD7FDFDD27BA2395E6EB4C6316] - [17/12/2016 23:40:35] - |A| - [280064] - C:\WINDOWS\system32\DataExchange.dll [MD5.83D459A5CBAF13FA700EBCFD35C8E98A] - [17/12/2016 23:41:21] - |A| - [495104] - C:\WINDOWS\system32\DataSenseHandlers.dll [MD5.81C56248655872C203C52E03F29DEC9F] - [17/12/2016 23:42:04] - |A| - [463872] - C:\WINDOWS\system32\daxexec.dll [MD5.7B8270ADE3831F59CB0A1FBE2B650E45] - [17/12/2016 23:40:52] - |A| - [5384192] - C:\WINDOWS\system32\dbgeng.dll [MD5.7E430C33D24BC0DC76F56FF459EFA44D] - [17/12/2016 23:40:52] - |A| - [650240] - C:\WINDOWS\system32\DbgModel.dll [MD5.D09CA6A4247D8CA8008D7CC850941C67] - [17/12/2016 23:41:24] - |A| - [579072] - C:\WINDOWS\system32\ddraw.dll [MD5.03B40B32AE8631F64FA60CD294AE4191] - [17/12/2016 23:40:19] - |A| - [26112] - C:\WINDOWS\system32\delegatorprovider.dll [MD5.17CA16C7B5AFE34B919D5C86C0E41C5D] - [17/12/2016 23:41:21] - |A| - [289792] - C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll [MD5.08AAAE6D7F7DE043569BE264F87C0A53] - [17/12/2016 23:42:18] - |A| - [90400] - C:\WINDOWS\system32\devenum.dll [MD5.4E3054221246A393DEFCA21DC53C6EBE] - [17/12/2016 23:40:20] - |A| - [329728] - C:\WINDOWS\system32\deviceaccess.dll [MD5.0D16BFB3D49F7041C4C48CCC96F22540] - [17/12/2016 23:42:04] - |A| - [47616] - C:\WINDOWS\system32\deviceassociation.dll [MD5.47E6107CA36990552608CC6316A58086] - [17/12/2016 23:40:37] - |A| - [283488] - C:\WINDOWS\system32\DeviceCensus.exe [MD5.4F222DBCF23A7496BA813AF35E92DFAA] - [17/12/2016 23:41:21] - |A| - [411136] - C:\WINDOWS\system32\DeviceCenter.dll [MD5.28CF4575C39A0662138E6C6A0B107BCB] - [17/12/2016 23:41:13] - |A| - [172544] - C:\WINDOWS\system32\DeviceEnroller.exe [MD5.3D2079B85B9D87D025E0C3E23CDA1D75] - [17/12/2016 23:40:38] - |A| - [2084352] - C:\WINDOWS\system32\DeviceFlows.DataModel.dll [MD5.BB08E753C027F5FEECA835759F180014] - [17/12/2016 23:41:21] - |A| - [567296] - C:\WINDOWS\system32\DevicePairing.dll [MD5.E927C800402DB05BA5B20B0F24E7B197] - [17/12/2016 23:41:21] - |A| - [217088] - C:\WINDOWS\system32\DevicePairingFolder.dll [MD5.B69B3DCCF4C87451F738330C94A99AC9] - [17/12/2016 23:41:03] - |A| - [101216] - C:\WINDOWS\system32\DeviceReactivation.dll [MD5.EBABE2BCCBB21BEBDD5BC6B6AE1A179A] - [17/12/2016 23:41:02] - |A| - [584032] - C:\WINDOWS\system32\devinv.dll [MD5.2ADA0B221942ED692B172B236541C392] - [17/12/2016 23:40:36] - |A| - [265728] - C:\WINDOWS\system32\dhcpcore6.dll [MD5.CAD14E0AD1F03397E9B1C8733D76BEF4] - [17/12/2016 23:40:51] - |A| - [1980416] - C:\WINDOWS\system32\diagtrack.dll [MD5.AC5E9BE667E7F68E5A9B057503DA20B9] - [17/12/2016 23:40:50] - |A| - [187904] - C:\WINDOWS\system32\dialclient.dll [MD5.DAA6A4E3DD36F21A486901284D7BBFB1] - [17/12/2016 23:40:50] - |A| - [164352] - C:\WINDOWS\system32\dialserver.dll [MD5.3A6DCF83ADC03B5E25CD9B40D2F2FC0C] - [17/12/2016 23:41:02] - |A| - [250368] - C:\WINDOWS\system32\discan.dll [MD5.08805138ABD2C17AA6ECD42826C1BEAD] - [17/12/2016 23:41:21] - |A| - [347136] - C:\WINDOWS\system32\Display.dll [MD5.DEE66FE9F9001BC60D757E5CCD01E0E8] - [17/12/2016 23:40:35] - |A| - [185344] - C:\WINDOWS\system32\DisplayManager.dll [MD5.5A14B5B990D991E445E8B9F37F972048] - [17/12/2016 23:42:02] - |A| - [295424] - C:\WINDOWS\system32\dlnashext.dll [MD5.A736567105C8ECE9135C84E23273CE79] - [17/12/2016 23:41:13] - |A| - [147968] - C:\WINDOWS\system32\dmcertinst.exe [MD5.620316E17FB073F9FA519AD0CA9FA615] - [17/12/2016 23:41:13] - |A| - [455168] - C:\WINDOWS\system32\dmenrollengine.dll [MD5.7E2F080D02FE2D426A2D518F9FF13CFE] - [17/12/2016 23:40:50] - |A| - [523712] - C:\WINDOWS\system32\DMRServer.dll [MD5.96B8A433F6407DE34850927C96C6CE9B] - [17/12/2016 23:40:36] - |A| - [646136] - C:\WINDOWS\system32\dnsapi.dll [MD5.9B142FECCBE9D402D63892B12EB1C8AC] - [17/12/2016 23:42:19] - |A| - [498952] - C:\WINDOWS\system32\DolbyDecMFT.dll [MD5.A1D2D0F342A11179AE4D4640416ED6CA] - [17/12/2016 23:41:12] - |A| - [324096] - C:\WINDOWS\system32\domgmt.dll [MD5.704FE1155EAE560979226C6902115B2D] - [17/12/2016 23:41:12] - |A| - [1232384] - C:\WINDOWS\system32\dosvc.dll [MD5.488302B09300EB1CFDE4EDAD21390A68] - [17/12/2016 23:40:37] - |A| - [198144] - C:\WINDOWS\system32\dpapisrv.dll [MD5.00000000000000000000000000000000] - [21/12/2016 19:25:49] - |DC| - [44478] - C:\WINDOWS\system32\DRVSTORE [MD5.727F2875259DFB0A19004A3722DCDB9D] - [17/12/2016 23:40:51] - |A| - [908640] - C:\WINDOWS\system32\drvstore.dll [MD5.22D240F8745F0F64C4638E472F30BB7D] - [17/12/2016 23:41:01] - |A| - [471552] - C:\WINDOWS\system32\DscCore.dll [MD5.67322D2AC2F543C8458F155FFDF05D7A] - [17/12/2016 23:41:01] - |A| - [204288] - C:\WINDOWS\system32\DscCoreConfProv.dll [MD5.7722CBEFB4D140D5C443CC5D03F9778A] - [17/12/2016 23:40:28] - |A| - [480768] - C:\WINDOWS\system32\dsreg.dll [MD5.215A56F35692B2819D5F7721B99B2DCB] - [17/12/2016 23:41:04] - |A| - [686592] - C:\WINDOWS\system32\dsregcmd.exe [MD5.C4DC88BE2140CB670A2AF6572B11D1BB] - [17/12/2016 23:40:18] - |A| - [128864] - C:\WINDOWS\system32\dwmapi.dll [MD5.80316B3EB295BFA0E8B155A0A79869FB] - [17/12/2016 23:40:18] - |A| - [2287616] - C:\WINDOWS\system32\dwmcore.dll [MD5.4D2F68E0BC1F8C8DEC9DDE1DBB6D30C7] - [17/12/2016 23:40:38] - |A| - [2476544] - C:\WINDOWS\system32\DWrite.dll [MD5.D8FA419B49A4EFC3F2CE3BCB881B797F] - [17/12/2016 23:40:38] - |A| - [637400] - C:\WINDOWS\system32\dxgi.dll [MD5.C8FFA2202CE96D92F91A3289C91C122F] - [17/12/2016 23:42:02] - |A| - [6656] - C:\WINDOWS\system32\dxmasf.dll [MD5.26AB90DDC72EF878313AE3A597B27580] - [17/12/2016 23:42:00] - |A| - [276992] - C:\WINDOWS\system32\dxtrans.dll [MD5.D23738B17E5B74BC4D6BB58A3B103C35] - [17/12/2016 23:41:13] - |A| - [41472] - C:\WINDOWS\system32\EAMProgressHandler.dll [MD5.E02113EEBBD2689486B49F08103C70C8] - [17/12/2016 23:40:38] - |A| - [327168] - C:\WINDOWS\system32\eapp3hst.dll [MD5.D4A0A180E2C1A26F5DE4C3517DE0C414] - [17/12/2016 23:40:38] - |A| - [243200] - C:\WINDOWS\system32\eappcfg.dll [MD5.3D5B06EC01C5772DDB8AB82A769A0D97] - [17/12/2016 23:40:38] - |A| - [105984] - C:\WINDOWS\system32\eappgnui.dll [MD5.B6E61F3A3FFE0CE73446BAE0CEDDFA40] - [17/12/2016 23:40:38] - |A| - [302592] - C:\WINDOWS\system32\eapphost.dll [MD5.6314D8E070122C9FEF0FD9E6C46F8F9C] - [17/12/2016 23:40:38] - |A| - [71168] - C:\WINDOWS\system32\eappprxy.dll [MD5.5D24617DC3937CC787F4BC83BBCE6D37] - [17/12/2016 23:41:03] - |A| - [168960] - C:\WINDOWS\system32\easwrt.dll [MD5.39D428A31DA525F730D3262ADCA41CCE] - [17/12/2016 23:41:59] - |A| - [22563328] - C:\WINDOWS\system32\edgehtml.dll [MD5.3B9487062A0CFF44131EAC1731CA47CE] - [17/12/2016 23:40:39] - |A| - [85504] - C:\WINDOWS\system32\EditBufferTestHook.dll [MD5.04E33678D2737E0612084F0AAFBFE832] - [17/12/2016 23:41:03] - |A| - [161792] - C:\WINDOWS\system32\EditionUpgradeHelper.dll [MD5.4CDF5A5841E22456E7D64CC01B41E6AF] - [17/12/2016 23:41:03] - |A| - [882680] - C:\WINDOWS\system32\EditionUpgradeManagerObj.dll [MD5.FAE5D9725F3E1BE1214FBD92A190D01A] - [17/12/2016 23:41:13] - |A| - [143360] - C:\WINDOWS\system32\EDPCleanup.exe [MD5.CAF459B2E168FBA83E5C78A889B1A462] - [17/12/2016 23:41:03] - |A| - [40448] - C:\WINDOWS\system32\efsext.dll [MD5.3BBD41D11F3888F2500CB5A5FBF5A9B2] - [17/12/2016 23:41:13] - |A| - [590336] - C:\WINDOWS\system32\efswrt.dll [MD5.DC09A8F384BD1ADD0D2265C4BF41AEC8] - [17/12/2016 23:40:52] - |A| - [1145856] - C:\WINDOWS\system32\EmailApis.dll [MD5.38F5BB371027851DE180EF436C3A5F28] - [18/12/2016 00:28:56] - |A| - [23108] - C:\WINDOWS\system32\emptyregdb.dat [MD5.CE29091FC549D1C6C9FA92CE6A86874E] - [17/12/2016 23:42:18] - |A| - [27136] - C:\WINDOWS\system32\encapi.dll [MD5.5BB95BF277A60BC0A7C397799B7C22E6] - [17/12/2016 23:41:11] - |A| - [438784] - C:\WINDOWS\system32\EncDec.dll [MD5.B632A851F22428E3CEE286F38679469E] - [17/12/2016 23:40:51] - |A| - [574976] - C:\WINDOWS\system32\energy.dll [MD5.3CE2B6AECB9AF8BC159299EEC46A35CA] - [17/12/2016 23:41:13] - |A| - [285696] - C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [MD5.2892EB16D39C6F6E27BF8A9276B49F20] - [17/12/2016 23:41:13] - |A| - [1004544] - C:\WINDOWS\system32\enterprisecsps.dll [MD5.81C7314FEF69EE047D94AC2BC72F18D2] - [17/12/2016 23:41:13] - |A| - [163840] - C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll [MD5.3468B84ECBAE963913DD67FFCF0728B2] - [17/12/2016 23:40:28] - |A| - [167936] - C:\WINDOWS\system32\ErrorDetails.dll [MD5.ADC3DDB194CB9F8131902473B57EF969] - [17/12/2016 23:40:28] - |A| - [72704] - C:\WINDOWS\system32\ErrorDetailsUpdate.dll [MD5.D315FF43E23DF424ECEC2F6C930203E4] - [16/12/2016 12:35:55] - |A| - [144560] - C:\WINDOWS\system32\escsvc64.exe [MD5.BCB9F3F5C67DAF7FCA462CB7F63C4376] - [17/12/2016 23:40:36] - |A| - [3054080] - C:\WINDOWS\system32\esent.dll [MD5.628A15E06770327358C80C2462261BA8] - [17/12/2016 23:41:11] - |A| - [339968] - C:\WINDOWS\system32\esentutl.exe [MD5.88369A29F105499230C78B162BB04F32] - [16/12/2016 12:35:58] - |A| - [466432] - C:\WINDOWS\system32\esxw2ud.dll [MD5.4F9CF843068D4B798704F9C80EDED818] - [17/12/2016 23:42:03] - |A| - [755656] - C:\WINDOWS\system32\evr.dll [MD5.7EF363096F4411D0EEE1270C73EA2535] - [17/12/2016 23:41:22] - |A| - [4708864] - C:\WINDOWS\system32\ExplorerFrame.dll [MD5.7B3B3E87A3F4657D6D0D2C27EA24940F] - [17/12/2016 23:40:52] - |A| - [263680] - C:\WINDOWS\system32\ExSMime.dll [MD5.AEACA1EC0BFD8B391AA885F84B7547A0] - [17/12/2016 23:40:52] - |A| - [23552] - C:\WINDOWS\system32\ExtrasXmlParser.dll [MD5.BAC5074667751F72A9CE48CDC31BAC48] - [16/12/2016 10:50:57] - |A| - [10752] - C:\WINDOWS\system32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - [16/12/2016 10:50:35] - |A| - [83968] - C:\WINDOWS\system32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - [16/12/2016 10:50:41] - |A| - [179712] - C:\WINDOWS\system32\E_ILMBLPE.DLL [MD5.0C2545B95A19F573D335608680B0C31D] - [17/12/2016 23:40:36] - |A| - [411136] - C:\WINDOWS\system32\facecredentialprovider.dll [MD5.0E39F65BAAF5CDB33364AA21B8929EC8] - [17/12/2016 23:41:21] - |A| - [108032] - C:\WINDOWS\system32\Family.Authentication.dll [MD5.58D3CF7B6A81CF339FD79B685E2EC52A] - [17/12/2016 23:41:21] - |A| - [156160] - C:\WINDOWS\system32\Family.Client.dll [MD5.B6D8AC9F86058C0D3E113AB9CE2A6045] - [17/12/2016 23:41:22] - |A| - [259072] - C:\WINDOWS\system32\Family.SyncEngine.dll [MD5.DFBDC24417B2EDE6513F5570E6CD24C8] - [20/12/2016 21:29:59] - |A| - [26304] - C:\WINDOWS\system32\fbnative.exe [MD5.4D67522D166CCF6248E05B4CF3D9B9C1] - [17/12/2016 23:40:28] - |A| - [49664] - C:\WINDOWS\system32\ffbroker.dll [MD5.2E09FABC2AA103221465AA41824C468E] - [17/12/2016 23:41:02] - |A| - [440320] - C:\WINDOWS\system32\fhcfg.dll [MD5.B24DF87EDB9AE2F69CB156BEC7250DA1] - [17/12/2016 23:41:19] - |A| - [338944] - C:\WINDOWS\system32\fhcpl.dll [MD5.ECD999D8412A3473C26B118F89DB9908] - [17/12/2016 23:41:49] - |A| - [635904] - C:\WINDOWS\system32\FlightSettings.dll [MD5.3B2C397E2947A067980800E4EE1E4AE2] - [21/12/2016 12:52:59] - |A| - [3295064] - C:\WINDOWS\system32\FMAPO64.dll [MD5.8DA03B6C1BD218282B69B78EF9876B4D] - [18/12/2016 00:04:43] - |A| - [216032] - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.49BF5C8182C3D2D6CD9F7EEDF1CFDB66] - [17/12/2016 23:40:38] - |A| - [1840640] - C:\WINDOWS\system32\FntCache.dll [MD5.9A1CA7F4C001921A2E016F004C87E6A4] - [17/12/2016 23:41:24] - |A| - [628552] - C:\WINDOWS\system32\fontdrvhost.exe [MD5.EB4A2458F3DFDECD0A97AD4B0609F085] - [17/12/2016 23:41:20] - |A| - [940032] - C:\WINDOWS\system32\fontext.dll [MD5.0464DED372C0A0A6759B1811E6A2C132] - [17/12/2016 23:40:38] - |A| - [122368] - C:\WINDOWS\system32\FontProvider.dll [MD5.8B52024D3A5C3A12F1C4D75D30A976C5] - [17/12/2016 23:42:15] - |A| - [805888] - C:\WINDOWS\system32\FrameServer.dll [MD5.7169BFC287AF53DAB322B4A8E1A082E2] - [17/12/2016 23:42:15] - |A| - [314880] - C:\WINDOWS\system32\FSClient.dll [MD5.00C24D6FDEF221DDA1625836702AFC6C] - [17/12/2016 23:42:06] - |A| - [730624] - C:\WINDOWS\system32\fveapi.dll [MD5.677E316602D6B09DFDBABA04BFDACEED] - [17/12/2016 23:42:06] - |A| - [216576] - C:\WINDOWS\system32\fveapibase.dll [MD5.6022AD4239F695BCE924A06D6038CC4E] - [17/12/2016 23:42:06] - |A| - [329728] - C:\WINDOWS\system32\fvecpl.dll [MD5.F843E23A3C2ECB0F4F2A43F926A5CCC0] - [17/12/2016 23:42:05] - |A| - [171008] - C:\WINDOWS\system32\fvenotify.exe [MD5.7754713FEC2AB9746963BACCFD887489] - [17/12/2016 23:42:06] - |A| - [159744] - C:\WINDOWS\system32\fveprompt.exe [MD5.1E18B058D4F0D5C3E7F5CFE47A94420B] - [17/12/2016 23:42:05] - |A| - [279040] - C:\WINDOWS\system32\fveui.dll [MD5.9FD020C23D5D9E735C79B301D411394C] - [17/12/2016 23:42:06] - |A| - [796672] - C:\WINDOWS\system32\fvewiz.dll [MD5.2ED2E96B5A6744E67BFFEDAD8965881F] - [17/12/2016 23:41:11] - |A| - [775168] - C:\WINDOWS\system32\GamePanel.exe [MD5.2F495415E9E3386C82B3A2459D93ABD0] - [17/12/2016 23:41:21] - |A| - [2611200] - C:\WINDOWS\system32\gameux.dll [MD5.47EC861F0FEBDB9B871042284A788F0B] - [17/12/2016 23:40:39] - |A| - [206096] - C:\WINDOWS\system32\gdi32.dll [MD5.5BEEB27D8F314D94773FA6568740AE13] - [17/12/2016 23:41:26] - |A| - [1572768] - C:\WINDOWS\system32\gdi32full.dll [MD5.1A285D1020E3D6FC310A1D68FC8CBA9C] - [17/12/2016 23:41:26] - |A| - [1656832] - C:\WINDOWS\system32\GdiPlus.dll [MD5.21B36038414CBD12B5B957B6D76781F7] - [21/12/2016 13:02:47] - |A| - [5636296] - C:\WINDOWS\system32\GeneIcon.dll [MD5.0701B80266B6B3D110BAFEF40347FA09] - [17/12/2016 23:40:53] - |A| - [595296] - C:\WINDOWS\system32\generaltel.dll [MD5.ACB6C92547FC890FBFB9B8FB7B3C0BE6] - [17/12/2016 23:41:03] - |A| - [665768] - C:\WINDOWS\system32\GenValObj.exe [MD5.E16D62A6B83A0B260FFC81C02F426E9B] - [17/12/2016 23:41:50] - |A| - [467968] - C:\WINDOWS\system32\Geolocation.dll [MD5.4ADF6E0E86FA5327D6DBF066F8036874] - [17/12/2016 23:40:28] - |A| - [322048] - C:\WINDOWS\system32\GlobCollationHost.dll [MD5.713A176494CEC107E663CAD6C2B27F77] - [17/12/2016 23:41:03] - |A| - [1227264] - C:\WINDOWS\system32\gpsvc.dll [MD5.59239886A7B4053259DA0F91F6571B88] - [21/12/2016 13:02:46] - |A| - [169752] - C:\WINDOWS\system32\GSCoinst.dll [MD5.E946CC81160AA615984969B1D125E842] - [17/12/2016 23:41:10] - |A| - [434528] - C:\WINDOWS\system32\hal.dll [MD5.BD56EA20694C18421E7A616CEAA05D39] - [17/12/2016 23:42:17] - |A| - [2186896] - C:\WINDOWS\system32\hevcdecoder.dll [MD5.39FE25A61C8DC6AA3CC6297A8C0FD4FE] - [17/12/2016 23:41:21] - |A| - [629248] - C:\WINDOWS\system32\hgcpl.dll [MD5.1A2871BEA49447B68194D0A2BF6759AA] - [17/12/2016 23:41:13] - |A| - [81408] - C:\WINDOWS\system32\HttpsDataSource.dll [MD5.D5C59218EDAD5E424C33D825DD797C49] - [17/12/2016 23:40:39] - |A| - [989024] - C:\WINDOWS\system32\hvax64.exe [MD5.9A077360DC6A6BF2E364FE4A47DC9854] - [17/12/2016 23:40:39] - |A| - [1100128] - C:\WINDOWS\system32\hvix64.exe [MD5.7F6BDCFC4EB0E47EBA67F8CEC404C26C] - [17/12/2016 23:40:39] - |A| - [947552] - C:\WINDOWS\system32\hvloader.efi [MD5.12736C69D73EB8A0D2889CBE167217E2] - [17/12/2016 23:40:39] - |A| - [811872] - C:\WINDOWS\system32\hvloader.exe [MD5.704609D80666FCB1DAE91260CF2CBB20] - [17/12/2016 23:40:26] - |A| - [305152] - C:\WINDOWS\system32\icsvc.dll [MD5.0F621B52259D88A719AA20C6D04E3D72] - [17/12/2016 23:40:27] - |A| - [349696] - C:\WINDOWS\system32\icsvcext.dll [MD5.02DB72679572E637F4688596F12CFBEA] - [17/12/2016 23:41:21] - |A| - [115200] - C:\WINDOWS\system32\IdCtrls.dll [MD5.E3D3A23AD03ADC3C54925A43B9722B10] - [17/12/2016 23:41:51] - |A| - [223744] - C:\WINDOWS\system32\ie4uinit.exe [MD5.E5DDBD20FDB5D66B18781E3E47EEF099] - [17/12/2016 23:41:59] - |A| - [1637888] - C:\WINDOWS\system32\ieapfltr.dll [MD5.E280D2BCD0B40F74562BBAEDA08868FA] - [17/12/2016 23:41:51] - |A| - [387584] - C:\WINDOWS\system32\iedkcs32.dll [MD5.981159C5094E4C2AD4DADCEDF3E8F532] - [17/12/2016 23:41:51] - |A| - [13084160] - C:\WINDOWS\system32\ieframe.dll [MD5.7B68267D8C2646C1B330F37DA6B25D3B] - [17/12/2016 23:41:58] - |A| - [139264] - C:\WINDOWS\system32\iepeers.dll [MD5.FB42A5A74A56DF6A85929B81860F1B64] - [17/12/2016 23:41:59] - |A| - [690688] - C:\WINDOWS\system32\ieproxy.dll [MD5.826FCA980E38A61F95EB9A319B23062A] - [17/12/2016 23:41:51] - |A| - [34304] - C:\WINDOWS\system32\iernonce.dll [MD5.11EC1BFF01763C8FAD7B1424468E89F7] - [17/12/2016 23:41:13] - |A| - [2750936] - C:\WINDOWS\system32\iertutil.dll [MD5.47A9262E3CE601AFB985933CA30254F5] - [17/12/2016 23:41:51] - |A| - [66560] - C:\WINDOWS\system32\iesetup.dll [MD5.682AE21BED327CD7FCC2E38C07C2D04E] - [17/12/2016 23:41:03] - |A| - [501248] - C:\WINDOWS\system32\imapi2.dll [MD5.DCDA84B4419F9A9520D831273B087967] - [17/12/2016 23:41:59] - |A| - [261632] - C:\WINDOWS\system32\indexeddbserver.dll [MD5.00064246BCFA7740CCCFA42D00339AC7] - [17/12/2016 23:41:04] - |A| - [982528] - C:\WINDOWS\system32\inetcomm.dll [MD5.D049BB61B59682BC13784373C43E756D] - [17/12/2016 23:41:51] - |A| - [2095616] - C:\WINDOWS\system32\inetcpl.cpl [MD5.E9593A867F629205B1C3997B07C83FA9] - [17/12/2016 23:41:26] - |A| - [322912] - C:\WINDOWS\system32\input.dll [MD5.8F8B9B67E8BAFE7AEE433609D5DE8076] - [17/12/2016 23:40:39] - |A| - [119296] - C:\WINDOWS\system32\InputLocaleManager.dll [MD5.24B894CCC09F373C8E0883E31A7A1CB0] - [17/12/2016 23:40:39] - |A| - [2820096] - C:\WINDOWS\system32\InputService.dll [MD5.9DAA32C2B9E9E60259491BBFD6F1EB88] - [17/12/2016 23:40:51] - |A| - [211968] - C:\WINDOWS\system32\InstallAgent.exe [MD5.2CB858F99F34CCECC72BE24B2000817F] - [17/12/2016 23:40:51] - |A| - [260608] - C:\WINDOWS\system32\InstallAgentUserBroker.exe [MD5.90D968F1B69B0074EECFCC7AA5C23021] - [17/12/2016 23:41:02] - |A| - [322912] - C:\WINDOWS\system32\invagent.dll [MD5.EF1BB0EF8A12C32DD88C409706B8145E] - [17/12/2016 23:40:26] - |A| - [945664] - C:\WINDOWS\system32\iphlpsvc.dll [MD5.832E933AA8DB9FD4733B96D8B6484D3F] - [17/12/2016 23:41:13] - |A| - [541696] - C:\WINDOWS\system32\ipnathlp.dll [MD5.C58F08689228B307F42E4143E99F6A5E] - [17/12/2016 23:41:03] - |A| - [78336] - C:\WINDOWS\system32\iscsiwmi.dll [MD5.E337677FFD088B87F5D7876F0ED3EC34] - [17/12/2016 23:40:40] - |A| - [1060864] - C:\WINDOWS\system32\JpMapControl.dll [MD5.4CCAD745F8CB73E02B2BE685D3094F5D] - [17/12/2016 23:41:58] - |A| - [4746752] - C:\WINDOWS\system32\jscript9.dll [MD5.F787916668CAD51DB1163F3CDAFA29E1] - [17/12/2016 23:41:58] - |A| - [805888] - C:\WINDOWS\system32\jscript9diag.dll [MD5.A81E1560E8D2002E3949B07883E250A0] - [17/12/2016 23:41:13] - |A| - [52224] - C:\WINDOWS\system32\jsproxy.dll [MD5.64BE4A72B2D9251019865EE849F981F6] - [17/12/2016 23:40:39] - |A| - [20320] - C:\WINDOWS\system32\kdhvcom.dll [MD5.4E5A691D828F74BB01A37C77C8F46896] - [17/12/2016 23:40:26] - |A| - [932864] - C:\WINDOWS\system32\kerberos.dll [MD5.DA842AEF3EED0C980036B5E6A8E51F4F] - [17/12/2016 23:41:49] - |A| - [2213760] - C:\WINDOWS\system32\KernelBase.dll [MD5.4F80785DFEA2B907D3652DD54DB5699A] - [17/12/2016 23:41:13] - |A| - [235008] - C:\WINDOWS\system32\KnobsCore.dll [MD5.C15FAEB360558BEF4515E39862521871] - [17/12/2016 23:41:13] - |A| - [119808] - C:\WINDOWS\system32\KnobsCsp.dll [MD5.675A95DCF8F9C66122A4E3357E95C6DF] - [17/12/2016 23:41:21] - |A| - [43008] - C:\WINDOWS\system32\LaunchWinApp.exe [MD5.84B686AFB958D7ECDC2A1FA5D87353E1] - [18/12/2016 00:02:48] - |A| - [52328] - C:\WINDOWS\system32\license.rtf [MD5.6012019C0E09D6194E0E6144B4859EB2] - [17/12/2016 23:40:51] - |A| - [1293152] - C:\WINDOWS\system32\LicenseManager.dll [MD5.5A23E4BE0CCF49663C4CF7EB74C20278] - [17/12/2016 23:40:51] - |A| - [26112] - C:\WINDOWS\system32\LicenseManagerSvc.dll [MD5.0AC1BD5A28FAA371EF34859FE703E515] - [17/12/2016 23:42:14] - |A| - [274432] - C:\WINDOWS\system32\ListSvc.dll [MD5.2593EAA308B8C99BB9A04A7CECEDDBB1] - [17/12/2016 23:40:19] - |A| - [788624] - C:\WINDOWS\system32\locale.nls [MD5.50B62D4F4850954756A72F435C512921] - [17/12/2016 23:41:14] - |A| - [1130496] - C:\WINDOWS\system32\localspl.dll [MD5.DBBAE6A109765712B82E4F44027A4985] - [17/12/2016 23:41:50] - |A| - [1790464] - C:\WINDOWS\system32\LocationFramework.dll [MD5.00B07EE58121543C637BAB8AA149BAF2] - [17/12/2016 23:41:20] - |A| - [579072] - C:\WINDOWS\system32\LockAppBroker.dll [MD5.63036AE43B673B6C57B999251CD5E8A4] - [17/12/2016 23:41:20] - |A| - [382272] - C:\WINDOWS\system32\LockAppHost.exe [MD5.D7F8E55D7AECA523B2B88EA04545B995] - [17/12/2016 23:41:20] - |A| - [717824] - C:\WINDOWS\system32\LogonController.dll [MD5.DC79517FEBFB066CEA6BDBD376DA9C08] - [17/12/2016 23:41:20] - |A| - [68096] - C:\WINDOWS\system32\lpremove.exe [MD5.78EAF6AFD27154D6DFD21E57D0685F19] - [17/12/2016 23:42:14] - |A| - [218008] - C:\WINDOWS\system32\LsaIso.exe [MD5.151AEA80776413C9FCE3185A10EB4B00] - [17/12/2016 23:40:37] - |A| - [1490944] - C:\WINDOWS\system32\lsasrv.dll [MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [17/12/2016 23:41:50] - |A| - [57400] - C:\WINDOWS\system32\lsass.exe [MD5.D5EFC0BAEC21EDE6FE03D377D403B421] - [17/12/2016 23:41:24] - |A| - [691712] - C:\WINDOWS\system32\lsm.dll [MD5.FD4A8B2F7E2CDABF7A33F9EF73EEA172] - [18/12/2016 00:07:55] - |A| - [8444] - C:\WINDOWS\system32\lvcoinst.log [MD5.5E5F3E06A07420A2C5D31E66A3EECF76] - [17/12/2016 23:42:05] - |A| - [211968] - C:\WINDOWS\system32\manage-bde.exe [MD5.32D5C807FCC03D07AE7C3616FAF5CD08] - [17/12/2016 23:40:40] - |A| - [446976] - C:\WINDOWS\system32\MapConfiguration.dll [MD5.B2988953AF18B7DEDDE06B195A8DEE64] - [17/12/2016 23:40:40] - |A| - [905216] - C:\WINDOWS\system32\MapControlCore.dll [MD5.A2CB862ACA913DAF3B26D40443C18C95] - [17/12/2016 23:40:40] - |A| - [2560] - C:\WINDOWS\system32\MapControlStringsRes.dll [MD5.BD71ABBF635991C41569163DE31AB674] - [17/12/2016 23:40:40] - |A| - [2953216] - C:\WINDOWS\system32\MapGeocoder.dll [MD5.1E75344E86ED73D0FDCA29F3435F9FFF] - [17/12/2016 23:40:40] - |A| - [3441152] - C:\WINDOWS\system32\MapRouter.dll [MD5.BC198A2793B6B84789D9C159AE146298] - [17/12/2016 23:40:40] - |A| - [151040] - C:\WINDOWS\system32\MapsBtSvc.dll [MD5.51BC3949AA4D326EA2CB81A209CE8A80] - [17/12/2016 23:40:40] - |A| - [15360] - C:\WINDOWS\system32\MapsBtSvcProxy.dll [MD5.3CE841CC4ACEB503CD643A493A9A71A1] - [17/12/2016 23:40:40] - |A| - [95232] - C:\WINDOWS\system32\MapsCSP.dll [MD5.5C98A144C06B806976FA4F5BEEBD4D10] - [17/12/2016 23:40:40] - |A| - [1031680] - C:\WINDOWS\system32\MapsStore.dll [MD5.54D7849E41B05131F28F9F18E60C0B6C] - [17/12/2016 23:40:40] - |A| - [49152] - C:\WINDOWS\system32\mapstoasttask.dll [MD5.7C56370359E42E7ADA21B02D65B6291C] - [17/12/2016 23:40:40] - |A| - [40448] - C:\WINDOWS\system32\mapsupdatetask.dll [MD5.D1D0A6BB482B5B59811A0ECB52413801] - [17/12/2016 23:40:50] - |A| - [845824] - C:\WINDOWS\system32\MbaeApiPublic.dll [MD5.F64D9D9C0620FDC8C758469FD7C07D23] - [17/12/2016 23:40:50] - |A| - [671744] - C:\WINDOWS\system32\mbsmsapi.dll [MD5.BB3DF8AED949BEFB5248D7F1A2846E66] - [17/12/2016 23:40:50] - |A| - [936960] - C:\WINDOWS\system32\MCRecvSrc.dll [MD5.561AE74AEA63C9182749FF3FA8F29424] - [17/12/2016 23:40:50] - |A| - [484352] - C:\WINDOWS\system32\MDEServer.exe [MD5.036D826413ED8690A0F944CEDA444403] - [17/12/2016 23:41:01] - |A| - [111616] - C:\WINDOWS\system32\MDMAppInstaller.exe [MD5.3717827707AC0C50E670F842666FFA87] - [17/12/2016 23:41:13] - |A| - [187392] - C:\WINDOWS\system32\mdmregistration.dll [MD5.5B5800C896A4E27BEF4EDD6CE1B51D6A] - [17/12/2016 23:41:13] - |A| - [133632] - C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll [MD5.3E0D2395AD6E1E5608329DB32F061E7B] - [17/12/2016 23:40:50] - |A| - [595488] - C:\WINDOWS\system32\mf.dll [MD5.F107BF38350045A51AEBFA2C4E0E03B7] - [17/12/2016 23:42:16] - |A| - [126568] - C:\WINDOWS\system32\mfaudiocnv.dll [MD5.C02E819A0CEF6330F06509DA8EAA15ED] - [17/12/2016 23:42:16] - |A| - [811416] - C:\WINDOWS\system32\MFCaptureEngine.dll [MD5.9B5701A33BA8CE1E547645FFAF4CDD18] - [17/12/2016 23:42:16] - |A| - [4130432] - C:\WINDOWS\system32\mfcore.dll [MD5.DD062ACA9093121AD90D799F66EA1A0D] - [17/12/2016 23:42:18] - |A| - [272384] - C:\WINDOWS\system32\mfksproxy.dll [MD5.666090378138806ECC581835FB134C8B] - [17/12/2016 23:42:16] - |A| - [3777536] - C:\WINDOWS\system32\MFMediaEngine.dll [MD5.524086B8BB70DDE6C167F9CC5DC129DD] - [17/12/2016 23:42:16] - |A| - [870400] - C:\WINDOWS\system32\mfmkvsrcsnk.dll [MD5.70D5AF138FDBDF97F8A6415C596C80E4] - [17/12/2016 23:42:16] - |A| - [1988560] - C:\WINDOWS\system32\mfmp4srcsnk.dll [MD5.DCBD829E55AE723ADC574FEF893EBC86] - [17/12/2016 23:42:16] - |A| - [1300600] - C:\WINDOWS\system32\mfmpeg2srcsnk.dll [MD5.C86B21E18545F2A00BE8438B3F64E5E7] - [17/12/2016 23:42:16] - |A| - [1071728] - C:\WINDOWS\system32\mfnetcore.dll [MD5.A6A6DA69CBF625D829C9A7A4FD5D2827] - [17/12/2016 23:42:16] - |A| - [1453992] - C:\WINDOWS\system32\mfnetsrc.dll [MD5.7FC2CEE4B16F4E9AEB5565C9429FC5A5] - [17/12/2016 23:42:16] - |A| - [1473048] - C:\WINDOWS\system32\mfplat.dll [MD5.AA9A5061D81F59B8DB107A871CE96CEE] - [17/12/2016 23:42:03] - |A| - [424616] - C:\WINDOWS\system32\MFPlay.dll [MD5.B93AED6C0949BE5BF7284D22C9E06D19] - [17/12/2016 23:40:50] - |A| - [44472] - C:\WINDOWS\system32\mfpmp.exe [MD5.20BE541385E830C9D21E595D9C9DBEDF] - [17/12/2016 23:42:16] - |A| - [244816] - C:\WINDOWS\system32\mfps.dll [MD5.D7CBE48DA8CB26B6A968BA4450010389] - [17/12/2016 23:42:16] - |A| - [862064] - C:\WINDOWS\system32\mfreadwrite.dll [MD5.601046DB1D3673BBD46E044904579E50] - [17/12/2016 23:42:15] - |A| - [296960] - C:\WINDOWS\system32\mfsensorgroup.dll [MD5.8E4FF5FE5DC971ADF687101D57F52A63] - [17/12/2016 23:42:16] - |A| - [1847048] - C:\WINDOWS\system32\mfsrcsnk.dll [MD5.18F00DE0A1E18D8740B589BABE1965D8] - [17/12/2016 23:42:16] - |A| - [1062480] - C:\WINDOWS\system32\mfsvr.dll [MD5.00000000000000000000000000000000] - [17/12/2016 23:15:01] - |D| - [1133820] - C:\WINDOWS\system32\Microsoft [MD5.512D1E8943E4622EAF985599711A1035] - [17/12/2016 23:40:40] - |A| - [110080] - C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll [MD5.138A8D7DAE9F4DBEC3D1A80F0F9DC51B] - [17/12/2016 23:40:40] - |A| - [9216] - C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll [MD5.C655B54A03DF0944368EE274A6EDB3B8] - [17/12/2016 23:40:40] - |A| - [9728] - C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll [MD5.46357DDCA2C795B63DE0FFA00F2C33D4] - [17/12/2016 23:40:37] - |A| - [327168] - C:\WINDOWS\system32\microsoft-windows-system-events.dll [MD5.A324C1FBD3BC34DD0C88E97E5E75EF5C] - [17/12/2016 23:41:02] - |A| - [142176] - C:\WINDOWS\system32\migisol.dll [MD5.01787CDCF3EE263FE288A9D405FEC856] - [17/12/2016 23:40:50] - |A| - [1105408] - C:\WINDOWS\system32\MiracastReceiver.dll [MD5.DFBB31D6490F9798A16D5F16F407AE8F] - [17/12/2016 23:40:19] - |A| - [3287552] - C:\WINDOWS\system32\mispace.dll [MD5.C1DBD5C3898237A2C8065D7722C8EA36] - [17/12/2016 23:40:28] - |A| - [960000] - C:\WINDOWS\system32\modernexecserver.dll [MD5.9EDCF34001A705B3F0F065E6A4D340CC] - [17/12/2016 23:40:40] - |A| - [7654400] - C:\WINDOWS\system32\mos.dll [MD5.CAAF0CD70FEE7C5110B1E62804E41B17] - [17/12/2016 23:40:40] - |A| - [82944] - C:\WINDOWS\system32\moshost.dll [MD5.AA5EE98CE729DB181B789CFBCFFA78EA] - [17/12/2016 23:40:40] - |A| - [78848] - C:\WINDOWS\system32\MosHostClient.dll [MD5.35202E997F51B4832FF77F52CAC06695] - [17/12/2016 23:40:40] - |A| - [313856] - C:\WINDOWS\system32\moshostcore.dll [MD5.BCE92B3274515F014920690F44B67767] - [17/12/2016 23:40:40] - |A| - [409088] - C:\WINDOWS\system32\MosResource.dll [MD5.4333EB2F0D4EFD6591CC2007F8EBA26C] - [17/12/2016 23:40:40] - |A| - [89600] - C:\WINDOWS\system32\MosStorage.dll [MD5.DD9328C2025498C73EF628F050C12F27] - [17/12/2016 23:40:36] - |A| - [512000] - C:\WINDOWS\system32\mprapi.dll [MD5.4F4B012722E634AFD4A282A730130AAB] - [17/12/2016 23:42:04] - |A| - [857600] - C:\WINDOWS\system32\mprddm.dll [MD5.13F6B64235C60167052364BF7D99E4CA] - [17/12/2016 23:42:04] - |A| - [496128] - C:\WINDOWS\system32\mprdim.dll [MD5.9859ED8F58B9DF85FA001915EFAEC260] - [16/12/2016 12:19:05] - |N| - [485032] - C:\WINDOWS\system32\MpSigStub.exe [MD5.C31AFDF95FE4162ACCA59DB5FBA14EF3] - [17/12/2016 23:40:36] - |A| - [1069720] - C:\WINDOWS\system32\MrmCoreR.dll [MD5.00000000000000000000000000000000] - [17/12/2016 13:59:32] - |D| - [0] - C:\WINDOWS\system32\MRT [MD5.C37A3215E6B4AA74289542BB75657D3D] - [17/12/2016 13:59:13] - |AC| - [135632432] - C:\WINDOWS\system32\MRT.exe [MD5.EB70BCAE115DE9A94BC7A0D1E548503D] - [17/12/2016 23:42:19] - |A| - [228352] - C:\WINDOWS\system32\MSAC3ENC.DLL [MD5.92C741014DA532BAEC1CDDBCF8705B5E] - [17/12/2016 23:40:27] - |A| - [3116544] - C:\WINDOWS\system32\MSAJApi.dll [MD5.899A520E5B6B8631DF6863BBD33A4264] - [17/12/2016 23:42:17] - |A| - [512416] - C:\WINDOWS\system32\MSAudDecMFT.dll [MD5.F20DD184C8DC1BEF7863BEE44BB3D09F] - [17/12/2016 23:41:24] - |A| - [1418312] - C:\WINDOWS\system32\msctf.dll [MD5.B202DB61CBB01C34EF1083225B869BB0] - [17/12/2016 23:41:03] - |A| - [870912] - C:\WINDOWS\system32\msdtcprx.dll [MD5.F1A1EBBFDC04204B89E1B4C4E9EF753E] - [17/12/2016 23:41:03] - |A| - [1589760] - C:\WINDOWS\system32\msdtctm.dll [MD5.B600F3021B9991C8EC72938E6D25A282] - [17/12/2016 23:41:39] - |A| - [306176] - C:\WINDOWS\system32\msdtcuiu.dll [MD5.C8FFA2202CE96D92F91A3289C91C122F] - [17/12/2016 23:42:02] - |A| - [6656] - C:\WINDOWS\system32\msdxm.ocx [MD5.16747F22F593122590CC9B21964E20EA] - [17/12/2016 23:41:51] - |A| - [759296] - C:\WINDOWS\system32\msfeeds.dll [MD5.A71894760975865B3C5C8850A8CBCB6F] - [17/12/2016 23:40:28] - |A| - [3202048] - C:\WINDOWS\system32\msftedit.dll [MD5.25A2DFE2ACE0CA2B7CCEF337EBEA672E] - [17/12/2016 23:41:58] - |A| - [23677952] - C:\WINDOWS\system32\mshtml.dll [MD5.A60CAE46657189DAE840AA3BABF4240C] - [17/12/2016 23:41:59] - |A| - [2755584] - C:\WINDOWS\system32\mshtml.tlb [MD5.4B3704C2E63A66E7E47485F70AE44558] - [17/12/2016 23:42:00] - |A| - [88576] - C:\WINDOWS\system32\mshtmled.dll [MD5.06244AE293E04AB801876B9059DC7615] - [17/12/2016 23:41:01] - |A| - [3059200] - C:\WINDOWS\system32\msi.dll [MD5.8C452FBF0C90155E583FF11D3905D937] - [17/12/2016 23:41:02] - |A| - [369664] - C:\WINDOWS\system32\msinfo32.exe [MD5.5160B6F5CCB2DBFDC6FBF00604BF80B8] - [17/12/2016 23:42:17] - |A| - [2482280] - C:\WINDOWS\system32\msmpeg2vdec.dll [MD5.9F2965CB4D07ED5420C3E01A94888E21] - [17/12/2016 23:41:21] - |A| - [6664192] - C:\WINDOWS\system32\mspaint.exe [MD5.D6385441483A1797D5A44DBF0976C3D4] - [17/12/2016 23:40:39] - |A| - [123904] - C:\WINDOWS\system32\mssprxy.dll [MD5.267D8909F09C0602EDBBB05CB83DA7DE] - [17/12/2016 23:40:39] - |A| - [2538496] - C:\WINDOWS\system32\mssrch.dll [MD5.3EF6CC3C597ECE7FEDFBDB20929DE4C8] - [17/12/2016 23:41:24] - |A| - [3299840] - C:\WINDOWS\system32\mstsc.exe [MD5.98B1A71B02AACE951CCE8DA7746DD118] - [17/12/2016 23:41:24] - |A| - [8075776] - C:\WINDOWS\system32\mstscax.dll [MD5.3C764425AFE3AEEBB8DD4BE4FF51226C] - [17/12/2016 23:40:36] - |A| - [405856] - C:\WINDOWS\system32\msv1_0.dll [MD5.BF1ADD6D67CBC0EC8BD466B909C544C3] - [17/12/2016 23:41:11] - |A| - [3496960] - C:\WINDOWS\system32\MSVidCtl.dll [MD5.42D6CF19DD2D1706F49C81AA552C4E94] - [17/12/2016 23:42:16] - |A| - [725664] - C:\WINDOWS\system32\MSVideoDSP.dll [MD5.8E64543F3A4EE52A5F9A41029F12CF48] - [17/12/2016 23:42:16] - |A| - [691080] - C:\WINDOWS\system32\msvproc.dll [MD5.B8B2347EDEA711D8E945EB8BB6D8D342] - [17/12/2016 23:42:19] - |A| - [1291264] - C:\WINDOWS\system32\MSVPXENC.dll [MD5.70C298C6990F5A0BBF60F5C035BAA0B9] - [17/12/2016 23:41:40] - |A| - [2446696] - C:\WINDOWS\system32\msxml6.dll [MD5.6146F7C1804A477B0AD016A70DDBEBAE] - [17/12/2016 23:41:40] - |A| - [2560] - C:\WINDOWS\system32\msxml6r.dll [MD5.086994F0B334B16A6896C7F9D8895FDB] - [17/12/2016 23:40:52] - |A| - [186880] - C:\WINDOWS\system32\MusNotification.exe [MD5.583EC9BF6E31D25AE6E1CE0FDEADB1FC] - [17/12/2016 23:40:52] - |A| - [523776] - C:\WINDOWS\system32\MusUpdateHandlers.dll [MD5.3726EF4008DFFB6258778D975AA8C890] - [17/12/2016 23:40:40] - |A| - [25088] - C:\WINDOWS\system32\nativemap.dll [MD5.FD144051CA5ECD79D1DF37683266A1C2] - [17/12/2016 23:41:04] - |A| - [1040896] - C:\WINDOWS\system32\NaturalLanguage6.dll [MD5.BB23DF07C549E3CBE21AA0D8E2CFCF2E] - [17/12/2016 23:41:11] - |A| - [396800] - C:\WINDOWS\system32\ncsi.dll [MD5.F2924292A6E176536C598F03B2AB3786] - [17/12/2016 23:41:11] - |A| - [86016] - C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe [MD5.F8812C33996D74261E06FF0F32576AB5] - [17/12/2016 23:41:11] - |A| - [30208] - C:\WINDOWS\system32\netiougc.exe [MD5.31D39097AC99F6A539A363A5722485C2] - [17/12/2016 23:41:23] - |A| - [278016] - C:\WINDOWS\system32\netplwiz.dll [MD5.E6C9FBF308B8A5CA11634DFFA69E92F9] - [17/12/2016 23:42:04] - |A| - [148832] - C:\WINDOWS\system32\NetSetupApi.dll [MD5.13CB028E951A9D2A7D6B50D19F8E9D45] - [17/12/2016 23:42:04] - |A| - [848736] - C:\WINDOWS\system32\NetSetupEngine.dll [MD5.28914EA249602EB87089CFE2B77A14CD] - [18/12/2016 00:04:57] - |A| - [17166] - C:\WINDOWS\system32\NetSetupMig.log [MD5.E72280A50E35C3402276E5C8B02C784C] - [17/12/2016 23:41:11] - |A| - [489472] - C:\WINDOWS\system32\NetSetupShim.dll [MD5.D65F295A049473E6A39EA9A0EA76CA32] - [17/12/2016 23:42:04] - |A| - [265728] - C:\WINDOWS\system32\NetSetupSvc.dll [MD5.85220DEC5309BDF0A0F2CBEDADE6EF45] - [17/12/2016 23:41:11] - |A| - [2800128] - C:\WINDOWS\system32\netshell.dll [MD5.850992AF7A24E30F9E42BF26243935AB] - [17/12/2016 23:41:11] - |A| - [1037312] - C:\WINDOWS\system32\nettrace.dll [MD5.EDC48E91596728405D59FC3FE7B779EF] - [17/12/2016 23:41:11] - |A| - [336896] - C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll [MD5.7901B4C512F2221E310ED5F1D4471E8C] - [17/12/2016 23:41:51] - |A| - [671232] - C:\WINDOWS\system32\NetworkCollectionAgent.dll [MD5.751783631C10210885FD43C6513DF445] - [17/12/2016 23:41:21] - |A| - [240640] - C:\WINDOWS\system32\NetworkDesktopSettings.dll [MD5.30C9B8967B561B2C8BBA8027F09F4FB2] - [17/12/2016 23:41:23] - |A| - [2510848] - C:\WINDOWS\system32\NetworkMobileSettings.dll [MD5.CFC9F56A6E4862242689DD01B643482C] - [17/12/2016 23:40:51] - |A| - [321024] - C:\WINDOWS\system32\NetworkUXBroker.dll [MD5.2D45A814BA589161CACB2E7E100447AD] - [17/12/2016 23:41:13] - |A| - [97792] - C:\WINDOWS\system32\NFCProvisioningPlugin.dll [MD5.18C3A4597089DE493B179CF37A9414A0] - [17/12/2016 23:40:36] - |A| - [51200] - C:\WINDOWS\system32\NfcRadioMedia.dll [MD5.D0B1B74D085035CE6BA5AFCE4AC7F725] - [17/12/2016 23:40:51] - |A| - [641024] - C:\WINDOWS\system32\ngccredprov.dll [MD5.9C09E3057378ADE13AFB1C43C9D13F64] - [17/12/2016 23:40:51] - |A| - [409088] - C:\WINDOWS\system32\NgcCtnr.dll [MD5.101451B1BC1C1F7E7B5C8CB8C4DAF5C7] - [17/12/2016 23:41:04] - |A| - [573952] - C:\WINDOWS\system32\NgcCtnrGidsHandler.dll [MD5.54C31C2B815E2E26BB8158022F837C9C] - [17/12/2016 23:40:51] - |A| - [983040] - C:\WINDOWS\system32\ngcsvc.dll [MD5.9B9F520C72EE33EAEC857124BB800243] - [17/12/2016 23:41:11] - |A| - [368640] - C:\WINDOWS\system32\nlasvc.dll [MD5.8B56CEBE7DECE2C9C2E419CA0B22611F] - [17/12/2016 23:41:11] - |A| - [492544] - C:\WINDOWS\system32\nltest.exe [MD5.EC99B92C40EA47862BF1723EDA9BE55D] - [17/12/2016 23:40:40] - |A| - [936448] - C:\WINDOWS\system32\NMAA.dll [MD5.1E619B8774710B2603C7E4666947AA65] - [17/12/2016 23:40:41] - |A| - [366592] - C:\WINDOWS\system32\NmaDirect.dll [MD5.68CE253C68FD0A25DB4F65B03D1694FE] - [17/12/2016 23:40:53] - |A| - [631296] - C:\WINDOWS\system32\NotificationController.dll [MD5.CADB07325FC174669CDC70D3FCAC1C9C] - [17/12/2016 23:40:51] - |A| - [154112] - C:\WINDOWS\system32\NPSM.dll [MD5.B5E346A9B8A4C2DF249CE17D8754DCF1] - [17/12/2016 23:42:04] - |A| - [730112] - C:\WINDOWS\system32\nshwfp.dll [MD5.45198B71B548B113A18ACD0D9DF7F686] - [17/12/2016 23:41:50] - |A| - [1886344] - C:\WINDOWS\system32\ntdll.dll [MD5.C6E7C0577523905FF4FF3B0D5A036A3B] - [17/12/2016 23:41:10] - |A| - [7816032] - C:\WINDOWS\system32\ntoskrnl.exe [MD5.302C6A5649494779A2CD86492E16AB73] - [17/12/2016 23:41:23] - |A| - [842240] - C:\WINDOWS\system32\ntshrui.dll [MD5.9C10BA91BEDCF39E459C43938E53980F] - [17/12/2016 23:41:04] - |A| - [30208] - C:\WINDOWS\system32\odbcconf.dll [MD5.CC86A87136C6D856C4899349420ED127] - [17/12/2016 23:40:37] - |A| - [114688] - C:\WINDOWS\system32\offlinelsa.dll [MD5.63437B53CFE390C962994F2FC12DDE6E] - [17/12/2016 23:40:37] - |A| - [237056] - C:\WINDOWS\system32\offlinesam.dll [MD5.7B1488C91CB52BA774D077D602974D7C] - [17/12/2016 23:41:02] - |A| - [73216] - C:\WINDOWS\system32\offreg.dll [MD5.FCC7B4C5CAD998DC936251247AB22C9A] - [17/12/2016 23:41:03] - |A| - [1274712] - C:\WINDOWS\system32\ole32.dll [MD5.0DEC52346E0EB2FEB078FEB0384CDE1A] - [17/12/2016 23:40:36] - |A| - [773720] - C:\WINDOWS\system32\oleaut32.dll [MD5.9316A9A9EE2EBDFB81562C421BD869AF] - [17/12/2016 23:40:34] - |A| - [65024] - C:\WINDOWS\system32\OnDemandConnRouteHelper.dll [MD5.5A426D9B8C437A4AE96ACA2D0B2077B2] - [17/12/2016 23:41:13] - |A| - [368640] - C:\WINDOWS\system32\OneBackupHandler.dll [MD5.F4F0BF823CC5E817BA22A290AC1C7CDB] - [17/12/2016 23:40:28] - |A| - [526848] - C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll [MD5.CDD8EDF4C35BE6D6137112F5CC7A70DA] - [17/12/2016 23:41:02] - |A| - [500064] - C:\WINDOWS\system32\pcasvc.dll [MD5.7168BED02D5BC6E28412CCC354947510] - [17/12/2016 23:40:26] - |A| - [295936] - C:\WINDOWS\system32\pdh.dll [MD5.D2F6C8BF55D99E6B2EAAC615510FA360] - [16/12/2016 08:08:21] - |A| - [1814540] - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.B07ECD0CDCA2328AB8050FC3EF3B172C] - [17/12/2016 23:41:13] - |A| - [678912] - C:\WINDOWS\system32\PhoneProviders.dll [MD5.D0D57322ABC7473E54472D8374169CC5] - [17/12/2016 23:41:13] - |A| - [781824] - C:\WINDOWS\system32\PhoneService.dll [MD5.F73F93BEF14F667DD3020D188C19D3D3] - [17/12/2016 23:41:13] - |A| - [2560] - C:\WINDOWS\system32\PhoneServiceRes.dll [MD5.B6D1C3A260C55CCE398B6FF9EC0FBA68] - [17/12/2016 23:40:52] - |A| - [315904] - C:\WINDOWS\system32\Phoneutil.dll [MD5.F539E9DA822B8F2D6B42ABBAF063D11E] - [17/12/2016 23:40:52] - |A| - [2560] - C:\WINDOWS\system32\PhoneutilRes.dll [MD5.B74C2CBC41ACC7946BFC58E738F733E5] - [17/12/2016 23:41:03] - |A| - [1066328] - C:\WINDOWS\system32\pidgenx.dll [MD5.B4AB2C0177715FFAED88A1223212043A] - [17/12/2016 23:40:52] - |A| - [203776] - C:\WINDOWS\system32\PimIndexMaintenance.dll [MD5.00CEFC9E97CE483DC706FFC9A5809EF6] - [17/12/2016 23:40:50] - |A| - [442368] - C:\WINDOWS\system32\PlayToDevice.dll [MD5.94552B30376D315653BE815BEFAC5AD4] - [17/12/2016 23:40:50] - |A| - [539136] - C:\WINDOWS\system32\PlayToManager.dll [MD5.3EC99D79D646A7819F557B93E6BA2C03] - [17/12/2016 23:40:50] - |A| - [279552] - C:\WINDOWS\system32\PlayToReceiver.dll [MD5.6DC285761193CDDA2CC55E7BFEA0F5D0] - [17/12/2016 23:42:03] - |A| - [1891328] - C:\WINDOWS\system32\pnidui.dll [MD5.4005682897714B769CDAE9965C9F732F] - [17/12/2016 23:41:13] - |A| - [266544] - C:\WINDOWS\system32\policymanager.dll [MD5.ABDEFBFA05C3BD84A10EC7A7FB1DA597] - [17/12/2016 23:40:52] - |A| - [65024] - C:\WINDOWS\system32\POSyncServices.dll [MD5.0C4D5B1C001E5B34C759E1A96315FC62] - [17/12/2016 23:41:11] - |A| - [90112] - C:\WINDOWS\system32\powercfg.exe [MD5.6761EC8C3C7E1548B4806402152AADED] - [17/12/2016 23:41:14] - |A| - [132096] - C:\WINDOWS\system32\PrintWSDAHost.dll [MD5.1F115AF75EFBAC28479B4F94A3F8D4A3] - [17/12/2016 23:40:37] - |A| - [358400] - C:\WINDOWS\system32\profsvc.dll [MD5.D848E4A7A36996CCC3E81EC181F73BED] - [17/12/2016 23:41:13] - |A| - [86016] - C:\WINDOWS\system32\provdatastore.dll [MD5.37AE763690826DE44C19360E71C7D32F] - [17/12/2016 23:41:13] - |A| - [349184] - C:\WINDOWS\system32\provengine.dll [MD5.E23FA43A03B99B164423779A4D15146C] - [17/12/2016 23:41:13] - |A| - [295424] - C:\WINDOWS\system32\provhandlers.dll [MD5.38DBE72073C8ACEAAE21DF30A1AAC76E] - [17/12/2016 23:41:13] - |A| - [200704] - C:\WINDOWS\system32\provisioningcsp.dll [MD5.E95A85734483272959E83CDCCCDD9B90] - [17/12/2016 23:41:13] - |A| - [208896] - C:\WINDOWS\system32\provops.dll [MD5.D3CFB16A26EA9FE29CC56D92B9FF5855] - [17/12/2016 23:41:13] - |A| - [83968] - C:\WINDOWS\system32\ProvPluginEng.dll [MD5.C4049F43A5BC629689B2629D50EECF3F] - [17/12/2016 23:41:01] - |A| - [68096] - C:\WINDOWS\system32\ProvSysprep.dll [MD5.6C73C817F42D3BD2FD1638B7A7DB646D] - [17/12/2016 23:41:13] - |A| - [66048] - C:\WINDOWS\system32\provtool.exe [MD5.E94A8DF41C92D40FDE139A8E127A8EC7] - [17/12/2016 23:42:05] - |A| - [321536] - C:\WINDOWS\system32\PsmServiceExtHost.dll [MD5.344576F2EBA8B564924D480B04A13456] - [17/12/2016 23:41:14] - |A| - [456192] - C:\WINDOWS\system32\puiobj.dll [MD5.8F24B1D33DB1672FFAA10DEBAD8CF50E] - [17/12/2016 23:42:05] - |A| - [798720] - C:\WINDOWS\system32\pwcreator.exe [MD5.190CBFF97F393540EF4838EC976E8AD8] - [17/12/2016 23:41:01] - |A| - [90624] - C:\WINDOWS\system32\pwrshplugin.dll [MD5.8B7A9CCCB695444CBCDF352DF8748422] - [17/12/2016 23:41:11] - |A| - [645120] - C:\WINDOWS\system32\qedit.dll [MD5.D876C567AB767258036F05E4766189FD] - [17/12/2016 23:40:36] - |A| - [1054208] - C:\WINDOWS\system32\qmgr.dll [MD5.4851F31B5BFBC2F164A317BD70F82E9C] - [17/12/2016 23:41:13] - |A| - [632320] - C:\WINDOWS\system32\rasapi32.dll [MD5.F26AACA6DC392FE1C903FE866B039958] - [17/12/2016 23:41:13] - |A| - [347648] - C:\WINDOWS\system32\rascustom.dll [MD5.F79BFB5588B777C71734C1D1EC129D07] - [17/12/2016 23:41:12] - |A| - [657920] - C:\WINDOWS\system32\rasmans.dll [MD5.F3C0D6C7F3D29912A4934FA24EB1B1CA] - [21/12/2016 12:52:01] - |A| - [2201600] - C:\WINDOWS\system32\RCoInstII64.dll [MD5.09D3DF86B1C35F66ABE48890F919178E] - [21/12/2016 12:52:03] - |A| - [72520712] - C:\WINDOWS\system32\RCoRes64.dat [MD5.CD3507D4C72480326C128B7DF7811084] - [17/12/2016 23:40:51] - |A| - [3133440] - C:\WINDOWS\system32\rdpcore.dll [MD5.1E94B375D3C43378CDA3000EE97654F0] - [17/12/2016 23:42:05] - |A| - [4148736] - C:\WINDOWS\system32\rdpcorets.dll [MD5.AAFBAB22E45408A5D5A490C6DCF02A9C] - [17/12/2016 23:42:17] - |A| - [299008] - C:\WINDOWS\system32\rdpinit.exe [MD5.0C46FD7FFE02419E5E3633554F4BB242] - [17/12/2016 23:42:17] - |A| - [415744] - C:\WINDOWS\system32\rdpshell.exe [MD5.27A17D0AAAFCA690113935930747EF2A] - [17/12/2016 23:42:05] - |A| - [92512] - C:\WINDOWS\system32\rdpudd.dll [MD5.0660F4A14F9D2A2F59B26B1D74F1A6D0] - [17/12/2016 23:41:23] - |A| - [650752] - C:\WINDOWS\system32\RDXService.dll [MD5.5729FB886E5B0663C6CE1D7F6CCEA566] - [17/12/2016 23:41:13] - |A| - [366080] - C:\WINDOWS\system32\RDXTaskFactory.dll [MD5.5F85A4820C33842B356D96D7EE82230D] - [17/12/2016 23:41:02] - |A| - [1117024] - C:\WINDOWS\system32\ReAgent.dll [MD5.07EA23DB96222D373E81CD2E4EFDE528] - [17/12/2016 23:41:02] - |A| - [34816] - C:\WINDOWS\system32\ReAgentc.exe [MD5.4A9FCD5DED6580C05CD21C4AEFAD36B1] - [17/12/2016 23:41:03] - |A| - [156672] - C:\WINDOWS\system32\RelPost.exe [MD5.6C159EC791FA7DE9C99DD5A099147A57] - [17/12/2016 23:40:51] - |A| - [983040] - C:\WINDOWS\system32\RemoteNaturalLanguage.dll [MD5.FF2D3C069615D8E2FC747E1D98F87B7A] - [17/12/2016 23:41:13] - |A| - [61952] - C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll [MD5.003A750CF9401B57FD41263188134CDA] - [17/12/2016 23:41:13] - |A| - [109056] - C:\WINDOWS\system32\ReportingCSP.dll [MD5.BB2645420933FA55C020BC2D23E3A85E] - [17/12/2016 23:41:02] - |A| - [1082368] - C:\WINDOWS\system32\reseteng.dll [MD5.1A8141D43CDB23C3C76984DC9ED8DB6C] - [17/12/2016 23:41:02] - |A| - [1817088] - C:\WINDOWS\system32\ResetEngine.dll [MD5.3CC81C06630B17913BE6D872F9F84658] - [17/12/2016 23:41:02] - |A| - [11264] - C:\WINDOWS\system32\ResetEngine.exe [MD5.035087546E5EFC28361F2318A27A47B4] - [17/12/2016 23:40:27] - |A| - [374784] - C:\WINDOWS\system32\resutils.dll [MD5.033C350C64617BA4F65084BD0B78385E] - [17/12/2016 23:41:01] - |A| - [105984] - C:\WINDOWS\system32\RjvMDMConfig.dll [MD5.AA03E580D1A23BDDC9A5AB2B93DCC38D] - [21/12/2016 12:51:57] - |A| - [3201368] - C:\WINDOWS\system32\RltkAPO64.dll [MD5.5DAA644F17780FC4E3F4820A46D38FEC] - [17/12/2016 23:41:13] - |A| - [140800] - C:\WINDOWS\system32\RMapi.dll [MD5.24B2ADA395883FA03260D6DEB1B39869] - [21/12/2016 12:52:58] - |A| - [321712] - C:\WINDOWS\system32\RP3DAA64.dll [MD5.6241068A334C45059492867DF7890588] - [21/12/2016 12:52:58] - |A| - [321712] - C:\WINDOWS\system32\RP3DHT64.dll [MD5.BD8F10CB5BE1A1972483F2FFB8DD06AA] - [17/12/2016 23:41:50] - |A| - [1176664] - C:\WINDOWS\system32\rpcrt4.dll [MD5.AA0C8470DB94853FCE9738354B1B4D72] - [17/12/2016 23:41:23] - |A| - [128000] - C:\WINDOWS\system32\rshx32.dll [MD5.17DFEFC2E64939BB16CFBEA080AE06B5] - [21/12/2016 12:52:52] - |A| - [1360512] - C:\WINDOWS\system32\RTCOM64.dll [MD5.D7CFCE6811519582690065C21088E9A5] - [21/12/2016 13:03:39] - |A| - [84480] - C:\WINDOWS\system32\RtCRX64.dll [MD5.F5A3F1DC33AD10EEE8140BCA678FE2FF] - [21/12/2016 12:53:27] - |A| - [689880] - C:\WINDOWS\system32\RtDataProc64.dll [MD5.793408DA550E60C0CF1C760F4C49C1E1] - [21/12/2016 12:53:05] - |A| - [214824] - C:\WINDOWS\system32\RTEED64A.dll [MD5.6C41CFD7D8437E6DD597439164418BE9] - [21/12/2016 12:53:05] - |A| - [88344] - C:\WINDOWS\system32\RTEEG64A.dll [MD5.28D25F2764B6DB8CE3E2B0707119E9C7] - [21/12/2016 12:53:04] - |A| - [110976] - C:\WINDOWS\system32\RTEEL64A.dll [MD5.B817DB4E2172DA73044E7D64304363D8] - [21/12/2016 12:53:05] - |A| - [387312] - C:\WINDOWS\system32\RTEEP64A.dll [MD5.B670A42F4247BD78EF74282CD0B0FC3C] - [21/12/2016 12:52:50] - |A| - [3503048] - C:\WINDOWS\system32\RtkApi64.dll [MD5.A26A581CCB9FE11D00F6E9BD5E3EE927] - [21/12/2016 12:52:54] - |A| - [192976] - C:\WINDOWS\system32\RtkCfg64.dll [MD5.437A1AC8AC6D442FDE478F539572A29B] - [21/12/2016 12:52:55] - |A| - [343704] - C:\WINDOWS\system32\RtlCPAPI64.dll [MD5.F4133CC0DA6212D9BA4E1CB2323F1310] - [17/12/2016 23:40:28] - |A| - [458752] - C:\WINDOWS\system32\RTMediaFrame.dll [MD5.8A02C355B7FDD61341971ED9D305F3CE] - [21/12/2016 12:51:59] - |A| - [3204096] - C:\WINDOWS\system32\RtPgEx64.dll [MD5.093D925E0CAB8E48AD874A9741F5D683] - [21/12/2016 12:51:43] - |A| - [3014144] - C:\WINDOWS\system32\RTSnMg64.cpl [MD5.1EABA23A7305A232C9A16C14806ED091] - [17/12/2016 23:42:15] - |A| - [163752] - C:\WINDOWS\system32\RTWorkQ.dll [MD5.88522C196AC0FAFBB28F2C6EB1EE2573] - [17/12/2016 23:40:37] - |A| - [123904] - C:\WINDOWS\system32\samlib.dll [MD5.876580619AC09C460BFBDE479C85BA46] - [17/12/2016 23:40:37] - |A| - [883712] - C:\WINDOWS\system32\samsrv.dll [MD5.BBF4C59CEED3F1A4A25EAC72CA71AA7F] - [17/12/2016 23:41:11] - |A| - [966144] - C:\WINDOWS\system32\sbe.dll [MD5.3965B7007FC32D4D14383A10B5828660] - [17/12/2016 23:40:36] - |A| - [476672] - C:\WINDOWS\system32\schannel.dll [MD5.E4DC3CAAF0D90F2B2F700A2197FA4323] - [21/12/2016 12:53:52] - |A| - [499152] - C:\WINDOWS\system32\SEAPO64.dll [MD5.DA7928F262B8D6F785E9E0F8438DB0C8] - [17/12/2016 23:40:39] - |A| - [390144] - C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll [MD5.FD570747DA6093A0865317EB1A9A4C47] - [17/12/2016 23:40:39] - |A| - [205824] - C:\WINDOWS\system32\SearchFilterHost.exe [MD5.A8AE70993C0FB8DB0EA893B451E36367] - [17/12/2016 23:41:13] - |A| - [366080] - C:\WINDOWS\system32\SearchFolder.dll [MD5.A46C9F2E70128121413E5EDDEB831012] - [17/12/2016 23:40:39] - |A| - [903680] - C:\WINDOWS\system32\SearchIndexer.exe [MD5.FDB2D414D895B2C32B2423E047A80C46] - [17/12/2016 23:40:39] - |A| - [349184] - C:\WINDOWS\system32\SearchProtocolHost.exe [MD5.8D07A8388DCCE76F09A4E1F4C1DCB4E5] - [17/12/2016 23:42:05] - |A| - [1000288] - C:\WINDOWS\system32\SecConfig.efi [MD5.115817587DCE8A5EE1F394B2D91449FB] - [21/12/2016 12:53:52] - |A| - [850408] - C:\WINDOWS\system32\SECOMN64.dll [MD5.2925A1C60E081F0B51699C148AE1925A] - [17/12/2016 23:40:39] - |A| - [455520] - C:\WINDOWS\system32\securekernel.exe [MD5.687246BCEC7EB81C9FC04288B15CFC91] - [21/12/2016 12:53:53] - |A| - [1003328] - C:\WINDOWS\system32\SEHDHF64.dll [MD5.CA38C11235101A8CDF85D21072F13143] - [21/12/2016 12:53:54] - |A| - [859216] - C:\WINDOWS\system32\SEHDRA64.dll [MD5.E6BA6FF8E956F684524CF5DBBB053687] - [17/12/2016 23:41:21] - |A| - [136192] - C:\WINDOWS\system32\sendmail.dll [MD5.F48535714BED7DD784853889B4594B26] - [17/12/2016 23:41:02] - |A| - [70656] - C:\WINDOWS\system32\Sens.dll [MD5.2B4E090D06C60853C5C00CF255F9E02A] - [17/12/2016 23:41:13] - |A| - [1312768] - C:\WINDOWS\system32\SensorDataService.exe [MD5.5CA9A710B1E6C65CEB11D3A7F0BA8510] - [17/12/2016 23:42:02] - |A| - [411648] - C:\WINDOWS\system32\SensorsApi.dll [MD5.C09A42163878A082C3F0D0A3DFE95714] - [17/12/2016 23:40:51] - |A| - [417792] - C:\WINDOWS\system32\SensorService.dll [MD5.3C69CC28665854F1AAB4B4005005FA31] - [17/12/2016 23:41:10] - |A| - [454592] - C:\WINDOWS\system32\services.exe [MD5.82CF273F0E8F243789683DEB40757569] - [17/12/2016 23:41:24] - |A| - [387072] - C:\WINDOWS\system32\SessEnv.dll [MD5.5D67D5D4CC0E50364A7A79FA66CC9DA4] - [17/12/2016 23:40:51] - |A| - [509440] - C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll [MD5.91793D288E1D10153A74C581A44F036B] - [17/12/2016 23:41:13] - |A| - [236544] - C:\WINDOWS\system32\SettingsHandlers_Flights.dll [MD5.C415587AC829504F74ACE07066A0402F] - [17/12/2016 23:41:21] - |A| - [4749312] - C:\WINDOWS\system32\SettingsHandlers_nt.dll [MD5.1CB6B8E8E4B483D65BC4F13E755211C8] - [17/12/2016 23:41:13] - |A| - [574464] - C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll [MD5.6BFF06B45CC55C272A4E59E6BE986B45] - [17/12/2016 23:41:23] - |A| - [280064] - C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll [MD5.F3D957A6E524592C3482E1FC2DBCB18D] - [17/12/2016 23:42:14] - |A| - [540160] - C:\WINDOWS\system32\SettingSync.dll [MD5.B3DEE8AD2A53818CDC47F2060F744E25] - [17/12/2016 23:40:28] - |A| - [1062912] - C:\WINDOWS\system32\SettingSyncCore.dll [MD5.36D5B4C6107F695E3DF767F4510F425C] - [17/12/2016 23:40:28] - |A| - [584544] - C:\WINDOWS\system32\SettingSyncHost.exe [MD5.B782165C241E3A47D33A93F0E7D77CF6] - [17/12/2016 23:42:14] - |A| - [83968] - C:\WINDOWS\system32\SettingSyncPolicy.dll [MD5.9C86A399648A6FC9A4016B336CAA9F86] - [17/12/2016 23:40:27] - |A| - [125952] - C:\WINDOWS\system32\setupugc.exe [MD5.582FDDA54866BB23C1675341CD80A0A2] - [17/12/2016 23:41:21] - |A| - [1361408] - C:\WINDOWS\system32\SharedStartModel.dll [MD5.DA446593637409C623A1F308371F0505] - [17/12/2016 23:40:28] - |A| - [716800] - C:\WINDOWS\system32\ShareHost.dll [MD5.2A2E51FBF9FE4E422E5A95FF141267B5] - [17/12/2016 23:41:23] - |A| - [243712] - C:\WINDOWS\system32\shdocvw.dll [MD5.587F8B85DA3328512DBF396D595DCCCF] - [17/12/2016 23:41:23] - |A| - [22224480] - C:\WINDOWS\system32\shell32.dll [MD5.1F32156F2C7C3842C91DC2C13F5D94C0] - [17/12/2016 23:40:53] - |A| - [231424] - C:\WINDOWS\system32\shutdownux.dll [MD5.610F800CAFD26F05BB8F9FFBF184E3EB] - [17/12/2016 23:40:39] - |A| - [169056] - C:\WINDOWS\system32\skci.dll [MD5.6588A3773E2E0B4F9BAFE86BCDEFD65A] - [21/12/2016 12:53:43] - |A| - [984912] - C:\WINDOWS\system32\sl3apo64.dll [MD5.060E11DCB875D981E948073986E295DC] - [17/12/2016 23:41:03] - |A| - [135168] - C:\WINDOWS\system32\slc.dll [MD5.A74F8336B0813BC8A5BAC9A7D925487A] - [17/12/2016 23:41:03] - |A| - [22016] - C:\WINDOWS\system32\slcext.dll [MD5.CA977CC9B9CA96539C6EAC29BE955248] - [21/12/2016 12:53:44] - |A| - [2995000] - C:\WINDOWS\system32\slcnt64.dll [MD5.00000000000000000000000000000000] - [18/12/2016 00:04:53] - |D| - [870488] - C:\WINDOWS\system32\SleepStudy [MD5.FB05A4275AD6D1E66915BA2CBD014ED5] - [21/12/2016 12:53:44] - |A| - [258864] - C:\WINDOWS\system32\slprp64.dll [MD5.ED13863F3406096F84EEDFA76F8CF117] - [21/12/2016 12:53:46] - |A| - [2706856] - C:\WINDOWS\system32\sltech64.dll [MD5.8D958808853BE6D12997F8290879820C] - [17/12/2016 23:40:28] - |A| - [2390016] - C:\WINDOWS\system32\smartscreen.exe [MD5.D233EAE2A9D48485321816486ED635EF] - [17/12/2016 23:40:19] - |A| - [23552] - C:\WINDOWS\system32\smphost.dll [MD5.3D5F44B1137E72725BD8A37E3F003185] - [17/12/2016 23:41:11] - |A| - [429568] - C:\WINDOWS\system32\SndVolSSO.dll [MD5.4D46291324AE1C7B53B83B2FFB899DC3] - [17/12/2016 23:41:02] - |A| - [130560] - C:\WINDOWS\system32\SpaceAgent.exe [MD5.7FF21D471CF407AC48AE387CA6A1D0D2] - [17/12/2016 23:41:03] - |A| - [627200] - C:\WINDOWS\system32\SpaceControl.dll [MD5.F531526D51EBB96A08911C79D6377E64] - [17/12/2016 23:40:19] - |A| - [35328] - C:\WINDOWS\system32\spaceman.exe [MD5.E9FBF181DC305FCEEF42BFCCA001893D] - [17/12/2016 23:40:26] - |A| - [1535488] - C:\WINDOWS\system32\SpeechPal.dll [MD5.79DCE27E8C4CF6701BFE49EC2446BBF6] - [17/12/2016 23:41:14] - |A| - [792064] - C:\WINDOWS\system32\spoolsv.exe [MD5.7CF84329545035CC0833119C7268A620] - [17/12/2016 23:41:03] - |A| - [138240] - C:\WINDOWS\system32\sppc.dll [MD5.F0F615E0E416DBD05DC8C0A499052608] - [17/12/2016 23:41:03] - |A| - [538112] - C:\WINDOWS\system32\sppcext.dll [MD5.F8C0699FAA8C4A4A3F3C45FAF3D1D903] - [17/12/2016 23:41:02] - |A| - [178176] - C:\WINDOWS\system32\sppnp.dll [MD5.4C80C700BA6B90EE9ED878EEBE67851D] - [17/12/2016 23:41:03] - |A| - [1600624] - C:\WINDOWS\system32\sppobjs.dll [MD5.23529A00195CE71252FEBF647E56E27D] - [17/12/2016 23:41:03] - |A| - [5622088] - C:\WINDOWS\system32\sppsvc.exe [MD5.4F41459377C3C1B05BF46B7C0D50125A] - [17/12/2016 23:41:03] - |A| - [743224] - C:\WINDOWS\system32\sppwinob.dll [MD5.CC73C60BE3BE01F8A46723189EE05D9F] - [17/12/2016 23:42:02] - |A| - [10752] - C:\WINDOWS\system32\spwmp.dll [MD5.0CD98E08C4E3D303385D8C3DD0991290] - [21/12/2016 12:53:39] - |A| - [467152] - C:\WINDOWS\system32\SRAPO64.dll [MD5.C51C9A9E4918C0484BEBEF9AE5EE2210] - [21/12/2016 12:53:41] - |A| - [341144] - C:\WINDOWS\system32\SRCOM.dll [MD5.EBBE92B5C58425A1CED97676D41893AF] - [21/12/2016 12:53:39] - |A| - [381408] - C:\WINDOWS\system32\SRCOM64.dll [MD5.DB0C3558378D0D752F52919BA10FF05E] - [17/12/2016 23:41:12] - |A| - [1002496] - C:\WINDOWS\system32\SRH.dll [MD5.2269644E1163FEE49D3D3B04372B13B1] - [17/12/2016 23:41:12] - |A| - [2009600] - C:\WINDOWS\system32\SRHInproc.dll [MD5.606F38FFC396640DF385F1E696BC4ADD] - [21/12/2016 12:53:40] - |A| - [1435136] - C:\WINDOWS\system32\SRRPTR64.dll [MD5.69DEC334A320C6B6D9B3A09570741FAA] - [21/12/2016 12:52:49] - |A| - [209528] - C:\WINDOWS\system32\SRSHP64.dll [MD5.00000000000000000000000000000000] - [18/12/2016 00:07:41] - |D| - [2322064] - C:\WINDOWS\system32\SRSLabs [MD5.5951E1D28E558C338408DDDC02497B9D] - [21/12/2016 12:52:49] - |A| - [221960] - C:\WINDOWS\system32\SRSTSH64.dll [MD5.DCFEBC12609F7605EAEB2514ADEE16AD] - [21/12/2016 12:52:48] - |A| - [532376] - C:\WINDOWS\system32\SRSTSX64.dll [MD5.3D5F9EF9749AC9BFEE28C00E49FB689A] - [21/12/2016 12:52:49] - |A| - [166200] - C:\WINDOWS\system32\SRSWOW64.dll [MD5.2DF07B2560A3E961C1CA6ABBB4400C68] - [17/12/2016 23:41:50] - |A| - [172528] - C:\WINDOWS\system32\sspicli.dll [MD5.27D5AC0C9ADFAF0AC31596468C36F2B5] - [17/12/2016 23:40:36] - |A| - [18432] - C:\WINDOWS\system32\stdole2.tlb [MD5.8C02F264C60183EEFCE1ED27FDF006DC] - [17/12/2016 23:41:22] - |A| - [389632] - C:\WINDOWS\system32\stobject.dll [MD5.BA15F36D93174EFCB66FA9EB6F6E1EC7] - [17/12/2016 23:41:11] - |A| - [49664] - C:\WINDOWS\system32\StorageUsage.dll [MD5.DC714BE3C7020F761CE02AA42712C0B3] - [17/12/2016 23:40:19] - |A| - [2860032] - C:\WINDOWS\system32\storagewmi.dll [MD5.C465566BE0477B49763820A21F04F292] - [17/12/2016 23:40:19] - |A| - [25600] - C:\WINDOWS\system32\storagewmi_passthru.dll [MD5.96ADD6454DC4FC40CCEE4C1B195E0EA8] - [17/12/2016 23:40:51] - |A| - [748544] - C:\WINDOWS\system32\StoreAgent.dll [MD5.B91FBE7CB4633FEB32AFBD0B48576396] - [17/12/2016 23:41:11] - |A| - [396800] - C:\WINDOWS\system32\StorSvc.dll [MD5.7594864D793660B483A8C0961EA6B858] - [17/12/2016 23:40:36] - |A| - [634368] - C:\WINDOWS\system32\StructuredQuery.dll [MD5.7BF03B897024B13AEADB4F6D61A4D14C] - [17/12/2016 23:41:21] - |A| - [655872] - C:\WINDOWS\system32\sud.dll [MD5.11BDDEDDCAC6CD65A6A082DF53ED0F39] - [17/12/2016 23:41:21] - |A| - [3400192] - C:\WINDOWS\system32\SyncCenter.dll [MD5.2F7EA7EFF4F12E899DB2307AA7A0AF8A] - [17/12/2016 23:42:18] - |A| - [310784] - C:\WINDOWS\system32\SyncSettings.dll [MD5.688F531DFEF5CCAE897F26CCA4C21FE6] - [17/12/2016 23:41:02] - |A| - [41824] - C:\WINDOWS\system32\SysResetErr.exe [MD5.C512708C0558E9C668E677301560877E] - [17/12/2016 23:41:02] - |A| - [354264] - C:\WINDOWS\system32\systemreset.exe [MD5.12374028713EAC8C2746C6FE518FFCE9] - [17/12/2016 23:42:06] - |A| - [175616] - C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll [MD5.C65167B7D95BA8141F4419EA2F3CC409] - [17/12/2016 23:41:21] - |A| - [496128] - C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll [MD5.8FC3E97C6063915D1F3DBA35930169FC] - [17/12/2016 23:41:14] - |A| - [360040] - C:\WINDOWS\system32\SystemSettingsAdminFlows.exe [MD5.6C9AD8E67F7D1F7AA735A9299D261816] - [17/12/2016 23:41:14] - |A| - [2852864] - C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.368A8F7CB6C5D664799759AD4862C9C5] - [17/12/2016 23:41:21] - |A| - [717312] - C:\WINDOWS\system32\taskbarcpl.dll [MD5.74A9DD6039575D2A36E7EEDF053937DF] - [17/12/2016 23:41:11] - |A| - [234496] - C:\WINDOWS\system32\tcpipcfg.dll [MD5.CA3001B4B80E1F1A2D345A5D01676890] - [17/12/2016 23:40:26] - |A| - [680448] - C:\WINDOWS\system32\tdh.dll [MD5.AD7A39B37059851994BC59D18513E13A] - [17/12/2016 23:40:39] - |A| - [433664] - C:\WINDOWS\system32\TextInputFramework.dll [MD5.C3F61671F655569BFF6064C39BEAFEF7] - [17/12/2016 23:41:21] - |A| - [2512384] - C:\WINDOWS\system32\themecpl.dll [MD5.8BDB7ED5B39E7510F711CE625B4D0405] - [17/12/2016 23:41:20] - |A| - [545792] - C:\WINDOWS\system32\timedate.cpl [MD5.A07903E282010196D98E8D280A43A24E] - [17/12/2016 23:40:28] - |A| - [875520] - C:\WINDOWS\system32\TokenBroker.dll [MD5.46C84924542A3FDEB68A435BE6129E75] - [17/12/2016 23:40:51] - |A| - [531456] - C:\WINDOWS\system32\TpmCoreProvisioning.dll [MD5.12BBCC45F54D25603314599D7CA90B8B] - [17/12/2016 23:41:11] - |A| - [43520] - C:\WINDOWS\system32\TpmTasks.dll [MD5.207052CB01E914B291AC5A212F87FEFF] - [17/12/2016 23:40:39] - |A| - [3405824] - C:\WINDOWS\system32\tquery.dll [MD5.1616FBBFC15A7125D84697986F33FA4B] - [17/12/2016 23:41:24] - |A| - [408600] - C:\WINDOWS\system32\tsmf.dll [MD5.D5167593F7D56DB441A5145C99C56571] - [17/12/2016 23:41:11] - |A| - [115712] - C:\WINDOWS\system32\TSpkg.dll [MD5.14F0A5EB5F8FDB47039DC6F1BE645DE8] - [17/12/2016 23:40:26] - |A| - [221696] - C:\WINDOWS\system32\tspubwmi.dll [MD5.2EB168A050569ECEBF6BAEDED2FBB0AB] - [17/12/2016 23:41:24] - |A| - [998912] - C:\WINDOWS\system32\TSWorkspace.dll [MD5.288FDF8ADB9921FD784ED4B1F846CFFA] - [17/12/2016 23:40:26] - |A| - [1157000] - C:\WINDOWS\system32\twinapi.appcore.dll [MD5.20C387210808A0755D58EDF5A4C73462] - [17/12/2016 23:41:20] - |A| - [483328] - C:\WINDOWS\system32\twinapi.dll [MD5.096BC26E7B66E610EFD455A6A5C0F87E] - [17/12/2016 23:40:35] - |A| - [971264] - C:\WINDOWS\system32\twinui.appcore.dll [MD5.047038089EBA9376B3B280C50243263C] - [17/12/2016 23:41:21] - |A| - [9131008] - C:\WINDOWS\system32\twinui.dll [MD5.D2F163E37AFD3E3294AC0B71617AF6E6] - [17/12/2016 23:41:14] - |A| - [323584] - C:\WINDOWS\system32\twinui.pcshell.dll [MD5.F723552F65D44FE693DB1A383825B3A8] - [17/12/2016 23:40:28] - |A| - [95232] - C:\WINDOWS\system32\tzautoupdate.dll [MD5.C11126DCD217F5213CED85E7D990B5AB] - [17/12/2016 23:40:37] - |A| - [2560] - C:\WINDOWS\system32\tzres.dll [MD5.CBC2ED420A156B17B88C3D7898521C81] - [17/12/2016 23:41:12] - |A| - [252928] - C:\WINDOWS\system32\ubpm.dll [MD5.2B7AF493E824EF68527F87EC07420055] - [17/12/2016 23:40:28] - |A| - [273920] - C:\WINDOWS\system32\UIAnimation.dll [MD5.0243E66C562B7FBE9697A36141D177BB] - [17/12/2016 23:40:28] - |A| - [1709056] - C:\WINDOWS\system32\UIAutomationCore.dll [MD5.A9C60295BC9E7C7477F7BCC83356336B] - [17/12/2016 23:41:26] - |A| - [584192] - C:\WINDOWS\system32\UIRibbonRes.dll [MD5.F25A86C9E36402BD4E76B7B5C2301C4B] - [17/12/2016 23:41:11] - |A| - [96256] - C:\WINDOWS\system32\umpoext.dll [MD5.8A0775232E1BC52EA49DC682CB279415] - [17/12/2016 23:41:11] - |A| - [295424] - C:\WINDOWS\system32\unimdm.tsp [MD5.C18A0685310ACE5B085551677FB29955] - [17/12/2016 23:40:52] - |A| - [90112] - C:\WINDOWS\system32\updatepolicy.dll [MD5.6F190B115FBAD4D268148E549BC41428] - [17/12/2016 23:41:11] - |A| - [628736] - C:\WINDOWS\system32\uReFS.dll [MD5.9CE8024075A91397B1059DE58C76502D] - [17/12/2016 23:41:13] - |A| - [1779712] - C:\WINDOWS\system32\urlmon.dll [MD5.85B548343071325CAE75847E3E5DEE5D] - [17/12/2016 23:41:14] - |A| - [324608] - C:\WINDOWS\system32\usbmon.dll [MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [17/12/2016 23:40:39] - |A| - [1461200] - C:\WINDOWS\system32\user32.dll [MD5.30CED9C2EBD1CA0E3F47A31B3C1E4CBD] - [17/12/2016 23:41:23] - |A| - [1359360] - C:\WINDOWS\system32\usercpl.dll [MD5.9E78D7CF1E781E9A3E8F3434E6EDF49E] - [17/12/2016 23:40:52] - |A| - [8192] - C:\WINDOWS\system32\UserDataAccessRes.dll [MD5.AA614E179022050A89FED112EFAF03E8] - [17/12/2016 23:40:52] - |A| - [44032] - C:\WINDOWS\system32\UserDataLanguageUtil.dll [MD5.8C59437748797591C59F709EEFD087C6] - [17/12/2016 23:40:52] - |A| - [64512] - C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll [MD5.4887704D6548C768D9C3D9DFF397947D] - [17/12/2016 23:40:52] - |A| - [118784] - C:\WINDOWS\system32\UserDataTimeUtil.dll [MD5.50469D6A7AA765EAB8E758F4DFBBD011] - [17/12/2016 23:40:52] - |A| - [45568] - C:\WINDOWS\system32\UserDataTypeHelperUtil.dll [MD5.47A88A58D75E255E06AE6BDCE5255D21] - [17/12/2016 23:40:28] - |A| - [196096] - C:\WINDOWS\system32\UserDeviceRegistration.dll [MD5.170F8253749208D7C431F91676CD36EC] - [17/12/2016 23:40:28] - |A| - [101888] - C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll [MD5.AA24C61D88E36BA1144072227922173D] - [17/12/2016 23:41:11] - |A| - [1020928] - C:\WINDOWS\system32\usermgr.dll [MD5.71C446BA0E327922E81D44DC7C92A3E9] - [17/12/2016 23:41:11] - |A| - [268800] - C:\WINDOWS\system32\UserMgrProxy.dll [MD5.C75B1B48BCAADEB0275C1EBE2EAE742D] - [17/12/2016 23:40:52] - |A| - [539136] - C:\WINDOWS\system32\usocore.dll [MD5.E4BBECEFAE8FC9E2C7386183056D1EF5] - [17/12/2016 23:41:12] - |A| - [590848] - C:\WINDOWS\system32\vbscript.dll [MD5.4AD49C57D4EBF99E94A17419F874FD8A] - [17/12/2016 23:40:52] - |A| - [187904] - C:\WINDOWS\system32\VCardParser.dll [MD5.EF63052EC54A826B484455FB9DB62E0E] - [17/12/2016 23:40:52] - |A| - [158720] - C:\WINDOWS\system32\VEStoreEventHandlers.dll [MD5.DA983A338551065286A2D4631AB3DD78] - [17/12/2016 23:40:26] - |A| - [427008] - C:\WINDOWS\system32\vmrdvcore.dll [MD5.7715BF8720E38F77E69B1B688DCD719D] - [17/12/2016 23:41:12] - |A| - [587776] - C:\WINDOWS\system32\vpnike.dll [MD5.3C26EB27EA2D1ADE809434D330A9FA3C] - [17/12/2016 23:41:12] - |A| - [107520] - C:\WINDOWS\system32\VPNv2CSP.dll [MD5.76C1CC611352499326001F25A3ED15F8] - [17/12/2016 23:41:11] - |A| - [520192] - C:\WINDOWS\system32\w32time.dll [MD5.7C4FAE7A8D55C897E5AE681B245A005F] - [17/12/2016 23:40:36] - |A| - [837632] - C:\WINDOWS\system32\wbiosrvc.dll [MD5.CA80E0CE8289060D6C3157FD463DAE3D] - [17/12/2016 23:40:36] - |A| - [329216] - C:\WINDOWS\system32\wc_storage.dll [MD5.5B786047B2D05EF06C060A8BC448907E] - [21/12/2016 13:02:45] - |A| - [1730312] - C:\WINDOWS\system32\WdfCoInstaller01009.dll [MD5.D10864C1730172780C2D4BE633B9220A] - [16/12/2016 13:07:14] - |A| - [1795952] - C:\WINDOWS\system32\WdfCoInstaller01011.dll [MD5.3ABA3E1E15D6C9321BCD3B76765462D0] - [17/12/2016 23:42:14] - |A| - [963584] - C:\WINDOWS\system32\WebcamUi.dll [MD5.DA91DCED65091DDD6240F02214E09050] - [17/12/2016 23:40:36] - |A| - [560640] - C:\WINDOWS\system32\webio.dll [MD5.62E660B43F1159195A136AF280E0C9AB] - [17/12/2016 23:40:52] - |A| - [682816] - C:\WINDOWS\system32\wer.dll [MD5.57614FC8FA9899FE8990B2B99A9EC0C5] - [17/12/2016 23:40:52] - |A| - [238056] - C:\WINDOWS\system32\weretw.dll [MD5.37BD0ED26D65A28E7CAA32F446BDA67A] - [17/12/2016 23:40:38] - |A| - [389000] - C:\WINDOWS\system32\wevtapi.dll [MD5.7188CC9F62B0F140922EBA599BCF518D] - [17/12/2016 23:40:38] - |A| - [1709056] - C:\WINDOWS\system32\wevtsvc.dll [MD5.8FEE878731141BCED2C698F3227BF3E1] - [17/12/2016 23:42:04] - |A| - [47104] - C:\WINDOWS\system32\wfdprov.dll [MD5.6A96D47A249C59F51AF97CD860C1F8C2] - [17/12/2016 23:42:04] - |A| - [27648] - C:\WINDOWS\system32\WiFiConfigSP.dll [MD5.C62578B495990431FB1C3A01DE66EE2A] - [17/12/2016 23:41:12] - |A| - [137728] - C:\WINDOWS\system32\wificonnapi.dll [MD5.B5052EED409881591D081EB35E31FCF6] - [17/12/2016 23:41:12] - |A| - [1348608] - C:\WINDOWS\system32\wifinetworkmanager.dll [MD5.E0ECAB9B4C275B63C0D43E3E91798DFB] - [17/12/2016 23:42:04] - |A| - [298496] - C:\WINDOWS\system32\wifiprofilessettinghandler.dll [MD5.CF7D6BF07E014BC6466BC1349153D3F0] - [17/12/2016 23:41:12] - |A| - [423776] - C:\WINDOWS\system32\wifitask.exe [MD5.6343BD5C58F385703454D47416EE0100] - [17/12/2016 23:40:39] - |A| - [206848] - C:\WINDOWS\system32\win32k.sys [MD5.7C98397279D619956D6A7F9294FA5C5F] - [17/12/2016 23:40:39] - |A| - [1512960] - C:\WINDOWS\system32\win32kbase.sys [MD5.A930AD470CBCBEEAA2B684325453D48A] - [17/12/2016 23:40:39] - |A| - [3616768] - C:\WINDOWS\system32\win32kfull.sys [MD5.21A82A267DE3E0EC597D1C34037E6496] - [17/12/2016 23:41:14] - |A| - [833024] - C:\WINDOWS\system32\win32spl.dll [MD5.0482CFC6D06935953519340A0D360329] - [17/12/2016 23:40:39] - |A| - [114192] - C:\WINDOWS\system32\win32u.dll [MD5.50F9CA3E5799C16E1E0260FDC3BD576F] - [17/12/2016 23:40:54] - |A| - [243712] - C:\WINDOWS\system32\WinBioDataModel.dll [MD5.ABAF65774CEA41C5B335DD12E2C3109B] - [17/12/2016 23:40:54] - |A| - [57344] - C:\WINDOWS\system32\WinBioDataModelOOBE.exe [MD5.A5D48D65A9D0CB4C0DB8F76C76BA9BCC] - [17/12/2016 23:40:37] - |A| - [380928] - C:\WINDOWS\system32\wincorlib.dll [MD5.43ED68085CC11AB7B04A33AF87B25655] - [17/12/2016 23:40:27] - |A| - [896512] - C:\WINDOWS\system32\Windows.AccountsControl.dll [MD5.30A4C80008169E0CE2BA1436C9AC5FE5] - [17/12/2016 23:40:54] - |A| - [114688] - C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll [MD5.D870D75BBFA03E0C60453EF4578E3BF8] - [17/12/2016 23:40:18] - |A| - [358912] - C:\WINDOWS\system32\Windows.ApplicationModel.dll [MD5.9458B2D945C676A0795823C76B8B506A] - [17/12/2016 23:41:12] - |A| - [324608] - C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll [MD5.FB72606571F97668A773079A3A3A3ADF] - [17/12/2016 23:40:51] - |A| - [1859264] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll [MD5.3344B87342E5235D870ECDAC88A9E7B2] - [17/12/2016 23:40:51] - |A| - [320000] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.99607AB70A9CC717523527F07943E312] - [17/12/2016 23:40:52] - |A| - [561664] - C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll [MD5.E74143CBE0A2E3D58FE2D9E050724D46] - [17/12/2016 23:41:14] - |A| - [431616] - C:\WINDOWS\system32\Windows.Cortana.Desktop.dll [MD5.018E797BA4861E98AFC7B52C471423B0] - [17/12/2016 23:40:28] - |A| - [7216640] - C:\WINDOWS\system32\Windows.Data.Pdf.dll [MD5.DF7DDFB4040CED82E53FB72052C50253] - [17/12/2016 23:40:27] - |A| - [651264] - C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll [MD5.F3EBB0888080EA46AB799C170B496BF7] - [17/12/2016 23:40:36] - |A| - [1275392] - C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll [MD5.B463BEB111D821F590580C13878D2F30] - [17/12/2016 23:40:18] - |A| - [279552] - C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll [MD5.E3A0175FF4E72E30DC7A119CE7EA626D] - [17/12/2016 23:40:38] - |A| - [568320] - C:\WINDOWS\system32\Windows.Devices.LowLevel.dll [MD5.B6CF321927474D3DD66B4327DE0FDA65] - [17/12/2016 23:42:15] - |A| - [460800] - C:\WINDOWS\system32\Windows.Devices.Midi.dll [MD5.5D50C23273ECDD2D88B5230E920478FA] - [17/12/2016 23:41:49] - |A| - [2424320] - C:\WINDOWS\system32\Windows.Devices.Perception.dll [MD5.4820547167E09AB8789B3BEE732F2E78] - [17/12/2016 23:40:38] - |A| - [337408] - C:\WINDOWS\system32\Windows.Devices.Picker.dll [MD5.EB768593C4BBCCC8A70AE0B9A6F7CDB7] - [17/12/2016 23:40:51] - |A| - [949248] - C:\WINDOWS\system32\Windows.Devices.PointOfService.dll [MD5.D3C0E70622CF6BFCC098E12581684FED] - [17/12/2016 23:40:34] - |A| - [90624] - C:\WINDOWS\system32\Windows.Devices.Printers.dll [MD5.2D93C1B3A7743D6F685DB4E7C04E626B] - [17/12/2016 23:40:28] - |A| - [186368] - C:\WINDOWS\system32\Windows.Devices.Radios.dll [MD5.901D8AC5AEB329F50A272ADDE4F8E006] - [17/12/2016 23:41:14] - |A| - [216576] - C:\WINDOWS\system32\Windows.Devices.Scanners.dll [MD5.44F8011B39DC01607109C76DAE6AD7AF] - [17/12/2016 23:42:18] - |A| - [765440] - C:\WINDOWS\system32\Windows.Devices.Sensors.dll [MD5.247BBF1EBC3B9CD0E16578686DBF12C2] - [17/12/2016 23:40:18] - |A| - [171520] - C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll [MD5.3404ED20AE5286C613A8F1014ACCE8AD] - [17/12/2016 23:40:28] - |A| - [912384] - C:\WINDOWS\system32\Windows.Devices.SmartCards.dll [MD5.3FB04928F39985489D8602251E8B0C9A] - [17/12/2016 23:40:36] - |A| - [343552] - C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll [MD5.5D60697028FF1649E3B69D6DA8C14193] - [17/12/2016 23:40:18] - |A| - [437248] - C:\WINDOWS\system32\Windows.Devices.Usb.dll [MD5.F7EFAD8D7F960B7FFF1FA5074B1ECE41] - [17/12/2016 23:40:28] - |A| - [193536] - C:\WINDOWS\system32\Windows.Devices.WiFi.dll [MD5.3ECD136507875B5282913D8B24D4EEAB] - [17/12/2016 23:40:35] - |A| - [505856] - C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll [MD5.1153E3F32082C2283D4255EB3BDD5FE1] - [17/12/2016 23:40:28] - |A| - [169984] - C:\WINDOWS\system32\Windows.Energy.dll [MD5.51C5F949CD2220813B185189C1408A68] - [17/12/2016 23:40:28] - |A| - [547840] - C:\WINDOWS\system32\Windows.Gaming.Input.dll [MD5.C6C562772ADC6BACF5C780ED2CAEDD4F] - [17/12/2016 23:40:38] - |A| - [467968] - C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll [MD5.C20AA1C87E29746C3745FA8BD5849233] - [17/12/2016 23:40:28] - |A| - [1586176] - C:\WINDOWS\system32\Windows.Globalization.dll [MD5.896FF9C1393D667DCE31657ACB4DDCB0] - [17/12/2016 23:40:34] - |A| - [2208768] - C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll [MD5.077BE7BD9ECDED0AB0478E3818CCACA6] - [17/12/2016 23:40:28] - |A| - [611328] - C:\WINDOWS\system32\Windows.Graphics.Printing.dll [MD5.A5767C71E1F56A6BCC13F8C35FDA861C] - [17/12/2016 23:40:36] - |A| - [472064] - C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll [MD5.09CF47A74BFB480B8262FCEE222004B6] - [17/12/2016 23:41:13] - |A| - [407552] - C:\WINDOWS\system32\Windows.Internal.Management.dll [MD5.D0080BFE4CD5D36DBC6FBC137B5B0F7E] - [17/12/2016 23:41:12] - |A| - [208896] - C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll [MD5.5783CAF6C64513FB937D7E56F37D6CA7] - [17/12/2016 23:41:13] - |A| - [28672] - C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll [MD5.72504CCBEEB0765FEB201F32A4438A48] - [17/12/2016 23:42:16] - |A| - [1217024] - C:\WINDOWS\system32\Windows.Media.Audio.dll [MD5.3BC06B2436C509172D1F13E109BAA408] - [17/12/2016 23:41:02] - |A| - [720896] - C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll [MD5.F0ECBA9411082A38CCD6C02C91D2646B] - [17/12/2016 23:42:15] - |A| - [139776] - C:\WINDOWS\system32\Windows.Media.Devices.dll [MD5.20A7D1848593F5988A2ACE63F22DE8BF] - [17/12/2016 23:42:16] - |A| - [6285312] - C:\WINDOWS\system32\Windows.Media.dll [MD5.1C5F6FAA20301F1BA5813182CFBC729C] - [17/12/2016 23:42:16] - |A| - [1403392] - C:\WINDOWS\system32\Windows.Media.Editing.dll [MD5.03D44A7F93EC1F5D21D286AF5697F513] - [17/12/2016 23:40:26] - |A| - [1507840] - C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll [MD5.56F7319A3D2C1072A5B95D4E710825C0] - [17/12/2016 23:40:28] - |A| - [852480] - C:\WINDOWS\system32\Windows.Media.Import.dll [MD5.B6F97FEDAE70E044637D47827679860F] - [17/12/2016 23:41:11] - |A| - [372440] - C:\WINDOWS\system32\Windows.Media.MediaControl.dll [MD5.1592DF03B5ABC1EF0FCE26E13DCC3435] - [17/12/2016 23:40:26] - |A| - [1080320] - C:\WINDOWS\system32\Windows.Media.Ocr.dll [MD5.C539A88D4D53C2DE20D76B1D5C8EB77E] - [17/12/2016 23:41:02] - |A| - [718848] - C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.9EDC292CFA20432BE47F2840A5AB5C15] - [17/12/2016 23:41:02] - |A| - [702464] - C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll [MD5.2F3EA67476D78958F91E070C14A8E31B] - [17/12/2016 23:41:02] - |A| - [8168000] - C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll [MD5.45E17A495E9F42D1A50F5DEF27E3BF2F] - [17/12/2016 23:40:51] - |A| - [1643008] - C:\WINDOWS\system32\Windows.Media.Speech.dll [MD5.C6FACF5D524F94DA53BEF41CE9075CA4] - [17/12/2016 23:40:51] - |A| - [568832] - C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll [MD5.5E6A4B729FF8C016493B9391055ECEE6] - [17/12/2016 23:40:50] - |A| - [1078784] - C:\WINDOWS\system32\Windows.Media.Streaming.dll [MD5.8054F43873E02C41D7D6B73955F7EED8] - [17/12/2016 23:40:34] - |A| - [110080] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll [MD5.19986DF1B9394BA1A20D4C62A6CEA53C] - [17/12/2016 23:40:34] - |A| - [924672] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll [MD5.4D06D0976C0004975F8FD8B8432C4B46] - [17/12/2016 23:40:34] - |A| - [701952] - C:\WINDOWS\system32\Windows.Networking.Connectivity.dll [MD5.F3D563CF231AD62A647589A99B642262] - [17/12/2016 23:40:34] - |A| - [913920] - C:\WINDOWS\system32\Windows.Networking.dll [MD5.AEB4FF628102E6DE554B972229655EFD] - [17/12/2016 23:40:34] - |A| - [223744] - C:\WINDOWS\system32\Windows.Networking.HostName.dll [MD5.42C292AA69762E4C630208064E412311] - [17/12/2016 23:40:38] - |A| - [113664] - C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll [MD5.2C89C590F55F983B922EB705E4F5C009] - [17/12/2016 23:42:04] - |A| - [1087488] - C:\WINDOWS\system32\Windows.Networking.Vpn.dll [MD5.BAB2F86DE0219361898F99B710E33FBF] - [17/12/2016 23:40:27] - |A| - [418304] - C:\WINDOWS\system32\Windows.Perception.Stub.dll [MD5.1388E367C75008A010301C89D842CFEE] - [17/12/2016 23:40:51] - |A| - [252416] - C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll [MD5.A078282A109E2FC4EA26430D5D602830] - [17/12/2016 23:40:29] - |A| - [981504] - C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll [MD5.D55AC147BCDC3DA3EDA4F8F58BF276A8] - [17/12/2016 23:40:28] - |A| - [800768] - C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll [MD5.BFC3A0E0D9CA0BC28FFDDB1999794970] - [17/12/2016 23:41:20] - |A| - [58880] - C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll [MD5.4E330AD1EED4A5D582EE415FD55953A2] - [17/12/2016 23:40:36] - |A| - [4136448] - C:\WINDOWS\system32\Windows.StateRepository.dll [MD5.1D8F285E38781C2688FCBD249B4AA50C] - [17/12/2016 23:40:36] - |A| - [73216] - C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll [MD5.13F5191092A5767D17BAB667395BA42F] - [17/12/2016 23:40:36] - |A| - [122880] - C:\WINDOWS\system32\Windows.StateRepositoryClient.dll [MD5.613FF7815E475EEB84F898A9FB1F658E] - [17/12/2016 23:40:35] - |A| - [328008] - C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll [MD5.3968825A109FE7940D5DB648556D756C] - [17/12/2016 23:40:36] - |A| - [7219672] - C:\WINDOWS\system32\windows.storage.dll [MD5.CFFF0F8196624A07049A1906CBB8961A] - [17/12/2016 23:40:28] - |A| - [82432] - C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll [MD5.CCBAD93556C460C5C50D4DC097FA7A77] - [17/12/2016 23:40:54] - |A| - [363520] - C:\WINDOWS\system32\Windows.UI.BioFeedback.dll [MD5.EC9296E14C716E9D30D176DCF54A77BC] - [17/12/2016 23:40:53] - |A| - [418304] - C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll [MD5.C30FB61C85D12E1F7DDEFEA141F79DB4] - [17/12/2016 23:40:39] - |A| - [261120] - C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll [MD5.49198C0CFB8476EF30D4F6583E75603F] - [17/12/2016 23:40:53] - |A| - [1388544] - C:\WINDOWS\system32\Windows.UI.Cred.dll [MD5.FCA6EDAFA4B69EE5A5B59686716CC9E0] - [17/12/2016 23:40:53] - |A| - [257024] - C:\WINDOWS\system32\Windows.UI.CredDialogController.dll [MD5.43165ADA4B93B958D6CEF6CFAABEBA0C] - [17/12/2016 23:41:35] - |A| - [816640] - C:\WINDOWS\system32\Windows.UI.dll [MD5.52A50D6838A6ED4255FF8B0CE2BC4B11] - [17/12/2016 23:41:20] - |A| - [1726976] - C:\WINDOWS\system32\Windows.UI.Immersive.dll [MD5.A19442728A283A172FB25123B9B5388B] - [17/12/2016 23:40:39] - |A| - [1266176] - C:\WINDOWS\system32\Windows.UI.Input.Inking.dll [MD5.8A6F3A7F4ED2687171FFA0C598FED595] - [17/12/2016 23:40:54] - |A| - [2688512] - C:\WINDOWS\system32\Windows.UI.Logon.dll [MD5.88104DF1A924408A61B35438A0596A1B] - [17/12/2016 23:41:20] - |A| - [909312] - C:\WINDOWS\system32\Windows.UI.Search.dll [MD5.32F359D2120A8C670FE650994A9FF419] - [17/12/2016 23:41:22] - |A| - [49152] - C:\WINDOWS\system32\Windows.UI.Shell.dll [MD5.A9FAD443A2F9424AB7B21A183050F206] - [17/12/2016 23:40:34] - |A| - [17188352] - C:\WINDOWS\system32\Windows.UI.Xaml.dll [MD5.475594097E9D06D3421B70C70276668D] - [17/12/2016 23:40:35] - |A| - [642048] - C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll [MD5.D6F1F925CCB39146CF9E761C7F6B078A] - [17/12/2016 23:40:35] - |A| - [1424896] - C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll [MD5.BAEC308109D4DBBE4471DEAFB839EE10] - [17/12/2016 23:40:35] - |A| - [1369088] - C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll [MD5.B5EBC4909DC4BA8D3757F6A65AF32A95] - [17/12/2016 23:40:34] - |A| - [1631232] - C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll [MD5.45F740736878E8C84E392B455B110199] - [17/12/2016 23:40:52] - |A| - [237568] - C:\WINDOWS\system32\Windows.Web.Diagnostics.dll [MD5.05DDFD4E50E504766028069EC42AE1DC] - [17/12/2016 23:40:34] - |A| - [774656] - C:\WINDOWS\system32\Windows.Web.dll [MD5.A0356DC83D0B5C020151ACD9C3017392] - [17/12/2016 23:40:34] - |A| - [1328128] - C:\WINDOWS\system32\Windows.Web.Http.dll [MD5.99C236BDF40912E253650B562DB65235] - [17/12/2016 23:40:39] - |A| - [1738560] - C:\WINDOWS\system32\WindowsCodecs.dll [MD5.C2A3B07F0118D61086C99BDCBAB6A6A3] - [17/12/2016 23:40:36] - |A| - [817664] - C:\WINDOWS\system32\winhttp.dll [MD5.E584CDC70F694F9A984A060A8291EB04] - [17/12/2016 23:41:13] - |A| - [2669056] - C:\WINDOWS\system32\wininet.dll [MD5.F2EC11E6910B515B603224D431A8DD73] - [17/12/2016 23:41:04] - |A| - [69632] - C:\WINDOWS\system32\wininetlui.dll [MD5.183B7A1DCA847669FB16A7392535B095] - [17/12/2016 23:41:10] - |A| - [1354320] - C:\WINDOWS\system32\winload.efi [MD5.74C191A1BF7AD5AD63432E104E1D7A54] - [17/12/2016 23:41:10] - |A| - [1173496] - C:\WINDOWS\system32\winload.exe [MD5.DE6DF9BBBECAFDEF462A37D839167368] - [17/12/2016 23:41:03] - |A| - [673792] - C:\WINDOWS\system32\winlogon.exe [MD5.DF1E6557FA2D92350A0EA194523F694E] - [17/12/2016 23:40:50] - |A| - [1694712] - C:\WINDOWS\system32\winmde.dll [MD5.A8594741E7FFBA9579715E9451066533] - [17/12/2016 23:41:10] - |A| - [1051112] - C:\WINDOWS\system32\winresume.efi [MD5.0DCF6AF8987CD9EEBAB548A593380C3E] - [17/12/2016 23:41:10] - |A| - [894096] - C:\WINDOWS\system32\winresume.exe [MD5.C509CCD23B086DFC9EAF86E280043672] - [17/12/2016 23:41:24] - |A| - [147456] - C:\WINDOWS\system32\winsrv.dll [MD5.D9D6F747EFF5E427D4C3047A65603554] - [17/12/2016 23:40:36] - |A| - [341936] - C:\WINDOWS\system32\wintrust.dll [MD5.7B07A0CFEB7F5B6C016433C15DCCA9E7] - [17/12/2016 23:40:37] - |A| - [1267512] - C:\WINDOWS\system32\WinTypes.dll [MD5.33DBBCF71F68EA97D9FD34E4C9AB5AC6] - [17/12/2016 23:40:36] - |A| - [283648] - C:\WINDOWS\system32\wkssvc.dll [MD5.EB29E99F261CCC1DFD21D2698C986A41] - [17/12/2016 23:42:04] - |A| - [396168] - C:\WINDOWS\system32\wlanapi.dll [MD5.CF8840234456D3C84876BD4D76FF0663] - [17/12/2016 23:42:04] - |A| - [296448] - C:\WINDOWS\system32\wlancfg.dll [MD5.388D8F174114ED37337F3C7C67B016B4] - [17/12/2016 23:42:04] - |A| - [15872] - C:\WINDOWS\system32\wlanhlp.dll [MD5.9C010096033F1A3945C7932AEFEA4E1A] - [17/12/2016 23:40:51] - |A| - [631296] - C:\WINDOWS\system32\WlanMediaManager.dll [MD5.72FD49FE3028ECA74E40EAEE30056FB0] - [17/12/2016 23:42:04] - |A| - [412160] - C:\WINDOWS\system32\wlanmsm.dll [MD5.5791AC0F4802B34B90CA83015EFBAE4D] - [17/12/2016 23:42:04] - |A| - [462336] - C:\WINDOWS\system32\wlansec.dll [MD5.7671078AEF4C0203B053A9642C401FF7] - [17/12/2016 23:42:04] - |A| - [2370048] - C:\WINDOWS\system32\wlansvc.dll [MD5.61B66562773BE5BB068E49841077B171] - [17/12/2016 23:42:04] - |A| - [26112] - C:\WINDOWS\system32\wlansvcpal.dll [MD5.E15711970C5BE05E8D70B294D0AFF621] - [17/12/2016 23:40:34] - |A| - [2104320] - C:\WINDOWS\system32\wlidsvc.dll [MD5.D5C3E8035ED6C8A96FE1C3EFD453DE52] - [17/12/2016 23:42:02] - |A| - [13441024] - C:\WINDOWS\system32\wmp.dll [MD5.E4BF5B9D5DE1EA3E60A45AFBC64ABB72] - [17/12/2016 23:42:02] - |A| - [1555456] - C:\WINDOWS\system32\WMPDMC.exe [MD5.94074A43D56655B9FE5FEF2AFD448F45] - [17/12/2016 23:42:02] - |A| - [217600] - C:\WINDOWS\system32\wmpdxm.dll [MD5.7FD0E0A3A683A3654CC4D81B4564EE54] - [17/12/2016 23:42:01] - |A| - [292872] - C:\WINDOWS\system32\wmpeffects.dll [MD5.7BCB8EEE8A3ECBF09A66F9BE025660CA] - [17/12/2016 23:42:02] - |A| - [9260032] - C:\WINDOWS\system32\wmploc.DLL [MD5.F5CE6B08E4E3F474F7D00D6B555E6BE3] - [17/12/2016 23:42:15] - |A| - [2049480] - C:\WINDOWS\system32\wmpmde.dll [MD5.53C21D9AD412078037B9029FEBC3B690] - [17/12/2016 23:42:01] - |A| - [387872] - C:\WINDOWS\system32\wmpps.dll [MD5.E936902AE86AC6BE7AF7609894D74B93] - [17/12/2016 23:42:02] - |A| - [126464] - C:\WINDOWS\system32\wmpshell.dll [MD5.C1C8560C3FA7E2F970CB134393B594BC] - [17/12/2016 23:40:39] - |A| - [40448] - C:\WINDOWS\system32\WordBreakers.dll [MD5.BE427F0FF5D26CBEC418F699AB0B5E65] - [17/12/2016 23:40:18] - |A| - [432128] - C:\WINDOWS\system32\WpAXHolder.dll [MD5.3389B83F4D881983A3063185717F354D] - [17/12/2016 23:42:04] - |A| - [836608] - C:\WINDOWS\system32\WpcRefreshTask.dll [MD5.FCD1E8B95BC298E2F482E52B8A9CC2F5] - [17/12/2016 23:42:04] - |A| - [226304] - C:\WINDOWS\system32\WpcTok.exe [MD5.62255F0593C9967DCE38EBD4B959A823] - [17/12/2016 23:42:04] - |A| - [945664] - C:\WINDOWS\system32\WpcWebFilter.dll [MD5.2330E681265607D4AD6C9C9763A3A8A6] - [17/12/2016 23:42:05] - |A| - [864256] - C:\WINDOWS\system32\wpnapps.dll [MD5.90E6A44311F392E63043D4B395FEBE80] - [17/12/2016 23:42:05] - |A| - [1366016] - C:\WINDOWS\system32\wpncore.dll [MD5.0C8FF2286E8D1CDB6B80A6FE2E2874EE] - [17/12/2016 23:42:05] - |A| - [100864] - C:\WINDOWS\system32\wpninprc.dll [MD5.79939990A672F2ED0F56E70475C2EB35] - [17/12/2016 23:42:05] - |A| - [615424] - C:\WINDOWS\system32\wpnprv.dll [MD5.E010703EC49A1EBD7B90F57E0A9E6846] - [17/12/2016 23:41:11] - |A| - [1322848] - C:\WINDOWS\system32\wpx.dll [MD5.19DBA20EA39E641B940156DF8D2E96E2] - [17/12/2016 23:41:49] - |A| - [424640] - C:\WINDOWS\system32\ws2_32.dll [MD5.4EC62F8C60191A2710294C8BDFEECB9A] - [17/12/2016 23:41:01] - |A| - [198856] - C:\WINDOWS\system32\wscapi.dll [MD5.8019685F581BD9E0C605D227383CFF58] - [17/12/2016 23:41:00] - |A| - [159232] - C:\WINDOWS\system32\wscinterop.dll [MD5.9A0E0B836413EB0BC885532D2A5389D6] - [17/12/2016 23:41:01] - |A| - [184832] - C:\WINDOWS\system32\wscsvc.dll [MD5.FB081DD05891F05ECF6B015CBD7AEC8F] - [17/12/2016 23:41:00] - |A| - [1220096] - C:\WINDOWS\system32\wscui.cpl [MD5.9664CEE01F1F168FD201C1972DB2C718] - [17/12/2016 23:41:02] - |A| - [1477632] - C:\WINDOWS\system32\wsecedit.dll [MD5.11D3620AB49916F0179316888852A570] - [17/12/2016 23:40:52] - |A| - [32256] - C:\WINDOWS\system32\WSManHTTPConfig.exe [MD5.B8C0D620219ECAA23A2AC841EAF454D1] - [17/12/2016 23:40:52] - |A| - [2716672] - C:\WINDOWS\system32\WsmSvc.dll [MD5.011C9D432E756AF6A7BFEC1E32DE0605] - [17/12/2016 23:41:02] - |A| - [1913344] - C:\WINDOWS\system32\wsp_fs.dll [MD5.95E795E17E85BDD48A1574CFB59882E8] - [17/12/2016 23:41:02] - |A| - [1554944] - C:\WINDOWS\system32\wsp_health.dll [MD5.BBC56FDD21EB4264EEC87EE1E56049D4] - [17/12/2016 23:41:02] - |A| - [947200] - C:\WINDOWS\system32\wsp_sr.dll [MD5.8F8F8FA35F3CED1F869673E16D8A54E4] - [17/12/2016 23:40:52] - |A| - [869888] - C:\WINDOWS\system32\wuapi.dll [MD5.8DC162262762E46F37D89D31B59EF69D] - [17/12/2016 23:40:52] - |A| - [26408] - C:\WINDOWS\system32\wuauclt.exe [MD5.5163F5BABAE1FF8CCC0AFD60B6EDD20A] - [17/12/2016 23:40:52] - |A| - [2317312] - C:\WINDOWS\system32\wuaueng.dll [MD5.37929F180E10D1D277D1E3D22FF886AE] - [17/12/2016 23:40:52] - |A| - [48640] - C:\WINDOWS\system32\wups.dll [MD5.EF4A6C0CD82605DF6575780B99ED78DA] - [17/12/2016 23:40:52] - |A| - [32768] - C:\WINDOWS\system32\wups2.dll [MD5.6B02A2756E4D3D4DB0DF5A71A5A7E1E0] - [17/12/2016 23:40:52] - |A| - [391168] - C:\WINDOWS\system32\wuuhext.dll [MD5.62DB63BA7A9BC04D7BBB83D558797A97] - [17/12/2016 23:40:53] - |A| - [857440] - C:\WINDOWS\system32\WWAHost.exe [MD5.C3D638E0DD7A716F6C8CAC1630286B2F] - [17/12/2016 23:42:15] - |A| - [527808] - C:\WINDOWS\system32\WWanAPI.dll [MD5.56FE23313A840471CF2C7FC8CA7AA637] - [17/12/2016 23:42:15] - |A| - [468992] - C:\WINDOWS\system32\wwanconn.dll [MD5.D14A397FD0DF8DBFEF68F69B16F0160C] - [17/12/2016 23:42:15] - |A| - [6574592] - C:\WINDOWS\system32\wwanmm.dll [MD5.BA071F454E5AF40CE4E7A8540DB0D532] - [17/12/2016 23:42:15] - |A| - [76800] - C:\WINDOWS\system32\wwanprotdim.dll [MD5.E231728BC515A4B85543AF74A1FEDFCB] - [17/12/2016 23:42:15] - |A| - [1282048] - C:\WINDOWS\system32\wwansvc.dll [MD5.B740472F6A76DF422DD557AF957B70BE] - [17/12/2016 23:40:53] - |A| - [157696] - C:\WINDOWS\system32\XamlTileRender.dll [MD5.F39D6915451D9226AC9A5E7AE70E2ABA] - [17/12/2016 23:40:28] - |A| - [1013248] - C:\WINDOWS\system32\XblAuthManager.dll [MD5.5E80576858544345D4CFC61306A0280C] - [17/12/2016 23:42:15] - |A| - [4596224] - C:\WINDOWS\system32\xpsrchvw.exe [MD5.F00D9885A1B3173B75E9C2A954238984] - [17/12/2016 23:41:20] - |A| - [388096] - C:\WINDOWS\system32\zipfldr.dll [MD5.8E6E3C6D32042055F918C457B3CB683C] - [16/12/2016 11:11:26] - |A| - [159360] - C:\WINDOWS\system32\Drivers\83744B8A-CEFA-4A45-A3-B3-10-F5-52-37-39-4B.sys [MD5.323AA1953ED9C01E23F740FA891FE064] - [17/12/2016 23:41:49] - |A| - [584032] - C:\WINDOWS\system32\Drivers\afd.sys [MD5.23522E5D581F7722B1B5B86737CAE39C] - [17/12/2016 23:41:10] - |A| - [227328] - C:\WINDOWS\system32\Drivers\ahcache.sys [MD5.275B6F698CBEC36C42D3ABD7EE049BA1] - [21/12/2016 12:50:07] - |A| - [49448] - C:\WINDOWS\system32\Drivers\amdkmafd.sys [MD5.8C427F35B9A734C284AB8634A9BD8F51] - [21/12/2016 13:02:16] - |A| - [92400] - C:\WINDOWS\system32\Drivers\amd_sata.sys [MD5.E341406226901D67DF5469F1B8146BB3] - [21/12/2016 13:02:17] - |A| - [32496] - C:\WINDOWS\system32\Drivers\amd_xata.sys [MD5.B66ED2CB37F7E4696A51612AFBA08834] - [17/12/2016 23:40:53] - |A| - [127328] - C:\WINDOWS\system32\Drivers\AppVStrm.sys [MD5.9CD2A4821DE379305CACB2E99AD8953A] - [17/12/2016 23:42:05] - |A| - [101888] - C:\WINDOWS\system32\Drivers\bowser.sys [MD5.60EB6A4CE3E21887D302350631C16F26] - [17/12/2016 23:40:18] - |A| - [118272] - C:\WINDOWS\system32\Drivers\capimg.sys [MD5.5008FF3BBB078956C60DCA0044CF175B] - [17/12/2016 23:41:50] - |A| - [379744] - C:\WINDOWS\system32\Drivers\Classpnp.sys [MD5.B72D26074E72A757D788FB1BEF8B2F2E] - [17/12/2016 23:41:10] - |A| - [377184] - C:\WINDOWS\system32\Drivers\clfs.sys [MD5.8833A059270A60CE347FEB9A7951B3F4] - [17/12/2016 23:40:26] - |A| - [681304] - C:\WINDOWS\system32\Drivers\ClipSp.sys [MD5.EFC50A6C4C6B6F9AA09AFAC5C15881B6] - [16/12/2016 11:04:11] - |A| - [40384] - C:\WINDOWS\system32\Drivers\clvad.sys [MD5.0C7626AFB2419207B2ABCB6F8AEA334F] - [16/12/2016 13:07:14] - |A| - [103176] - C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys [MD5.0FBA6EDE873360E0AD44BB74A8B1ED85] - [16/12/2016 11:04:00] - |A| - [55240] - C:\WINDOWS\system32\Drivers\clwvdVM.sys [MD5.964943933D448935595C450AC4E8A5B1] - [17/12/2016 23:41:39] - |A| - [23392] - C:\WINDOWS\system32\Drivers\cmimcext.sys [MD5.B0D9B87B795B7833C9152441CBD55CC4] - [17/12/2016 23:40:37] - |A| - [624048] - C:\WINDOWS\system32\Drivers\cng.sys [MD5.5779731037C856ECDE96328D41742DBF] - [16/12/2016 10:35:56] - |A| - [3550400] - C:\WINDOWS\system32\Drivers\COSService.exe [MD5.3DFBB8B3F8BC0A91297030D0E530BA37] - [17/12/2016 23:41:11] - |A| - [79200] - C:\WINDOWS\system32\Drivers\crashdmp.sys [MD5.039B5A8CBD5C75D1C46DF15F7C74D136] - [17/12/2016 23:41:03] - |A| - [63328] - C:\WINDOWS\system32\Drivers\dam.sys [MD5.0D1D392ED2597F295956D058D33BD7C3] - [17/12/2016 23:41:40] - |A| - [144896] - C:\WINDOWS\system32\Drivers\dfsc.sys [MD5.79B9D7643C9E3AD10B89DF8EF0A9D2FE] - [21/12/2016 12:15:28] - |A| - [276256] - C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys [MD5.FFFBB40B9C7AD811AA6EA74A0A6168B1] - [17/12/2016 23:40:17] - |A| - [187232] - C:\WINDOWS\system32\Drivers\dumpsd.sys [MD5.19F2B54EE8861D90579BD0E3AE5182F9] - [17/12/2016 23:40:39] - |A| - [2189664] - C:\WINDOWS\system32\Drivers\dxgkrnl.sys [MD5.5634BF53BE184314A82E638EAD67DE73] - [17/12/2016 23:40:39] - |A| - [402272] - C:\WINDOWS\system32\Drivers\dxgmms1.sys [MD5.D24345315139AAF6E3DF106344EE9422] - [17/12/2016 23:40:39] - |A| - [658784] - C:\WINDOWS\system32\Drivers\dxgmms2.sys [MD5.2A9817B5A9260D8F60D52E36BEF10443] - [17/12/2016 23:40:18] - |A| - [118112] - C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys [MD5.C5713A2B4C9D9150041FB70C4A2ADE07] - [16/12/2016 10:48:36] - |A| - [65192] - C:\WINDOWS\system32\Drivers\eubakup.sys [MD5.C5713A2B4C9D9150041FB70C4A2ADE07] - [20/12/2016 21:36:13] - |A| - [65192] - C:\WINDOWS\system32\Drivers\EUBAKUP0.sys [MD5.5061B571167E1EE26E8D549CCDBE9CC6] - [16/12/2016 10:48:33] - |A| - [52392] - C:\WINDOWS\system32\Drivers\EUBKMON.sys [MD5.5061B571167E1EE26E8D549CCDBE9CC6] - [20/12/2016 21:36:08] - |A| - [52392] - C:\WINDOWS\system32\Drivers\EUBKMON0.sys [MD5.44A0838432C8A31A5D6CBE0BF348CED6] - [16/12/2016 10:48:38] - |N| - [18472] - C:\WINDOWS\system32\Drivers\eudskacs.sys [MD5.D05585505CB20235E7C665158464551D] - [16/12/2016 10:48:39] - |N| - [192552] - C:\WINDOWS\system32\Drivers\EuFdDisk.sys [MD5.6B133EE401475A72D252D49F8736936E] - [20/12/2016 21:36:17] - |A| - [196776] - C:\WINDOWS\system32\Drivers\EUFDDISK0.sys [MD5.F3960CA85778E5D7611EE0F501972340] - [19/12/2016 13:09:34] - |A| - [102856] - C:\WINDOWS\system32\Drivers\farflt.sys [MD5.FA918EC296EB410FF02867D008D02421] - [17/12/2016 23:40:36] - |A| - [352096] - C:\WINDOWS\system32\Drivers\fastfat.sys [MD5.8EEC4925C03E375C4EC496E45C44139A] - [17/12/2016 23:42:06] - |A| - [649568] - C:\WINDOWS\system32\Drivers\fvevol.sys [MD5.B23596AFC687B5256CCD7DD429E2E6FB] - [17/12/2016 23:42:03] - |A| - [409952] - C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS [MD5.6D1EC569858420237B86E934A914DA2E] - [21/12/2016 13:02:45] - |A| - [185744] - C:\WINDOWS\system32\Drivers\GeneStor.sys [MD5.5157325B17E455D9DF7AFBB4B608E78A] - [17/12/2016 23:40:17] - |A| - [156672] - C:\WINDOWS\system32\Drivers\hidclass.sys [MD5.B9A33B9298BAFCE11E9823B1056D5BB0] - [17/12/2016 23:40:17] - |A| - [40960] - C:\WINDOWS\system32\Drivers\hidparse.sys [MD5.D8536CB438CC4CCDAE047B768EED22B2] - [17/12/2016 23:40:17] - |A| - [38400] - C:\WINDOWS\system32\Drivers\hidusb.sys [MD5.BF958EB7B11F5B2D353B85E0E80D823E] - [21/12/2016 19:25:51] - |A| - [34056] - C:\WINDOWS\system32\Drivers\hotcore3.sys [MD5.A10C7C1E69FC90620C7BF2E51302A01F] - [17/12/2016 23:40:54] - |A| - [1100128] - C:\WINDOWS\system32\Drivers\http.sys [MD5.74FC79C52395B10FFD0B55CF22CF88FC] - [17/12/2016 23:40:39] - |A| - [73568] - C:\WINDOWS\system32\Drivers\hvservice.sys [MD5.0EF1E8299F58E1369B067F7B65D9F773] - [15/12/2016 12:51:45] - |N| - [223464] - C:\WINDOWS\system32\Drivers\idmwfp.sys [MD5.DB32758F3A7F6CCE81A5430080A2EA65] - [17/12/2016 23:40:20] - |A| - [48992] - C:\WINDOWS\system32\Drivers\iorate.sys [MD5.0B779E9FC426CA2268D28181FA6C222F] - [17/12/2016 23:40:17] - |A| - [39424] - C:\WINDOWS\system32\Drivers\kbdhid.sys [MD5.8E6E3C6D32042055F918C457B3CB683C] - [16/12/2016 11:11:26] - |A| - [159360] - C:\WINDOWS\system32\Drivers\KeyCrypt64.sys [MD5.705C0F8BCCEF6E7CB704CCB454192D7E] - [17/12/2016 23:41:50] - |A| - [133472] - C:\WINDOWS\system32\Drivers\ksecdd.sys [MD5.55AD13E2BAFC5AB53A10F8C271F5D242] - [17/12/2016 23:40:37] - |A| - [168800] - C:\WINDOWS\system32\Drivers\ksecpkg.sys [MD5.047244823B2EA707E1F6076CA20DEF90] - [19/12/2016 13:08:01] - |A| - [77408] - C:\WINDOWS\system32\Drivers\mbae64.sys [MD5.88BD122C3A35DE63D75D382DF75554CE] - [19/12/2016 13:09:17] - |A| - [43968] - C:\WINDOWS\system32\Drivers\mbam.sys [MD5.3BEC6134F1E45AEF5E971F69F0D38510] - [19/12/2016 13:09:57] - |A| - [176064] - C:\WINDOWS\system32\Drivers\MBAMChameleon.sys [MD5.ABB371D9AEF728B0489B0E6872B4A1C0] - [19/12/2016 13:09:08] - |A| - [250816] - C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys [MD5.2CF0CB2A0ED68C5455371E84C16F9627] - [17/12/2016 23:40:18] - |A| - [64352] - C:\WINDOWS\system32\Drivers\MegaSas2i.sys [MD5.0D50B3F3AB32D416786B58D4553859CE] - [17/12/2016 23:41:11] - |A| - [42496] - C:\WINDOWS\system32\Drivers\modem.sys [MD5.25D32BE04FE0A23FDF57FD5382757672] - [17/12/2016 23:41:00] - |A| - [143872] - C:\WINDOWS\system32\Drivers\mrxdav.sys [MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - [17/12/2016 23:41:40] - |A| - [450392] - C:\WINDOWS\system32\Drivers\mrxsmb.sys [MD5.D4D12BC29DE0F09280868FDCA65B3474] - [17/12/2016 23:42:14] - |A| - [282624] - C:\WINDOWS\system32\Drivers\mrxsmb10.sys [MD5.93A77008A8932FC84A173C4E97E52874] - [17/12/2016 23:41:40] - |A| - [223584] - C:\WINDOWS\system32\Drivers\mrxsmb20.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:06:04] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/12/2016 10:55:42] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [MD5.205C2D377E1CA85A4465491DB8064DA9] - [19/12/2016 13:09:34] - |A| - [91584] - C:\WINDOWS\system32\Drivers\mwac.sys [MD5.D5564FC81350458ED570528C4E3B1CCF] - [17/12/2016 23:41:50] - |A| - [1181536] - C:\WINDOWS\system32\Drivers\ndis.sys [MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - [17/12/2016 23:41:50] - |A| - [2255712] - C:\WINDOWS\system32\Drivers\ntfs.sys [MD5.CDBD029BAEC8D09F6FBD404632D9AF28] - [17/12/2016 23:41:50] - |A| - [128352] - C:\WINDOWS\system32\Drivers\partmgr.sys [MD5.E2DD2E5BDCCD225670831B439826065B] - [17/12/2016 23:40:18] - |A| - [335712] - C:\WINDOWS\system32\Drivers\pci.sys [MD5.9EA203A07EFA6D74F07F32EF0DAB5CA6] - [17/12/2016 23:42:04] - |A| - [108384] - C:\WINDOWS\system32\Drivers\pdc.sys [MD5.AF6963414B820B7C45578ED3300438A7] - [17/12/2016 23:41:40] - |A| - [433504] - C:\WINDOWS\system32\Drivers\rdbss.sys [MD5.62893ED791E8E524F243FE59E16D00B0] - [21/12/2016 12:53:21] - |A| - [7890895] - C:\WINDOWS\system32\Drivers\RTAIODAT.DAT [MD5.15F7B5181274ED437DFDEF21B44679A4] - [21/12/2016 13:03:31] - |A| - [418784] - C:\WINDOWS\system32\Drivers\RtsUer.sys [MD5.7C3D10BEC8B0DBA00A78C78EB10B3AE2] - [17/12/2016 23:40:17] - |A| - [279904] - C:\WINDOWS\system32\Drivers\sdbus.sys [MD5.C994DF90427103CCB80F893FFD2B1CE8] - [17/12/2016 23:40:18] - |A| - [557408] - C:\WINDOWS\system32\Drivers\spaceport.sys [MD5.E83830BB74AE8CBECEA0ECD94DE436F9] - [17/12/2016 23:42:14] - |A| - [409088] - C:\WINDOWS\system32\Drivers\srv.sys [MD5.55CA5329D1ADEB8F8034045930147AE4] - [17/12/2016 23:41:40] - |A| - [713216] - C:\WINDOWS\system32\Drivers\srv2.sys [MD5.F13EE0DB1FB1D6946AC3228D7EFCFC8F] - [17/12/2016 23:41:40] - |A| - [248320] - C:\WINDOWS\system32\Drivers\srvnet.sys [MD5.53EB8CE34B55A1EE63424C8DB7388BFC] - [17/12/2016 23:40:17] - |A| - [130912] - C:\WINDOWS\system32\Drivers\storahci.sys [MD5.B66D8C75C9BC59D637177AB3B1C569A6] - [17/12/2016 23:40:18] - |A| - [81760] - C:\WINDOWS\system32\Drivers\stornvme.sys [MD5.DEA44117F9EE53EAFCE555C0A9B108C6] - [17/12/2016 23:40:38] - |A| - [509280] - C:\WINDOWS\system32\Drivers\storport.sys [MD5.C6F59E545B2BC2E1CF858C45B10B8BAD] - [16/12/2016 10:36:36] - |A| - [2575552] - C:\WINDOWS\system32\Drivers\SynchronizationService.exe [MD5.4F25E481124059CC593B4C68BC485640] - [17/12/2016 23:42:03] - |A| - [2537824] - C:\WINDOWS\system32\Drivers\tcpip.sys [MD5.E5E5D9E317739CEE510EAF46C88A7C38] - [17/12/2016 23:41:10] - |A| - [128864] - C:\WINDOWS\system32\Drivers\tm.sys [MD5.46171262D0E806779DEEDFCAB2F830CC] - [17/12/2016 23:40:17] - |A| - [219488] - C:\WINDOWS\system32\Drivers\tpm.sys [MD5.46ADD0CD4473AAEF1C68266A803F704D] - [17/12/2016 23:40:18] - |A| - [714592] - C:\WINDOWS\system32\Drivers\vhdmp.sys [MD5.92F6E3E6D3F1795263EB34B37F74AEF7] - [17/12/2016 23:40:17] - |A| - [74080] - C:\WINDOWS\system32\Drivers\vpci.sys [MD5.E330144B97D493AA886000DCAAA8DAF5] - [17/12/2016 23:40:36] - |A| - [119648] - C:\WINDOWS\system32\Drivers\wcifs.sys [MD5.8CB606A3057355FD5A9DBDD1A0AC94EF] - [17/12/2016 23:42:04] - |A| - [719360] - C:\WINDOWS\system32\Drivers\WdiWiFi.sys [MD5.88B66D75B0D26B449C83D54C87F30553] - [17/12/2016 23:40:27] - |A| - [51712] - C:\WINDOWS\system32\Drivers\winhvr.sys [MD5.43C8D087B31C592163B33A4BDA540E40] - [17/12/2016 23:12:39] - |A| - [199008] - C:\WINDOWS\system32\Drivers\wof.sys [MD5.9627BBAA50878F6833A6A7843EE3B1D9] - [17/12/2016 23:40:17] - |A| - [258560] - C:\WINDOWS\system32\Drivers\xboxgip.sys [MD5.63088A3361D9A308F328F11E9099DD87] - [17/12/2016 23:40:17] - |A| - [43520] - C:\WINDOWS\system32\Drivers\xinputhid.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [16/12/2016 11:11:53] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zam64.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [16/12/2016 11:11:52] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zamguard64.sys [MD5.00000000000000000000000000000000] - [19/12/2016 22:10:34] - |D| - [336225] - C:\WINDOWS\syswow64\1033 [MD5.8F857B2705BECC734B4D979A0D2C0D03] - [17/12/2016 23:40:35] - |A| - [886272] - C:\WINDOWS\syswow64\aadtb.dll [MD5.60022914420DFE9782BEED4FA37FC135] - [17/12/2016 23:41:37] - |A| - [238080] - C:\WINDOWS\syswow64\AboveLockAppHost.dll [MD5.7E1DE305D91428A2AE496EA0BCEFFA3E] - [17/12/2016 23:41:37] - |A| - [5398016] - C:\WINDOWS\syswow64\aclui.dll [MD5.CB6C0BDA744854AAEFC3179958D7723B] - [17/12/2016 23:41:39] - |A| - [549376] - C:\WINDOWS\syswow64\ActionCenterCPL.dll [MD5.2ECE88940B9F7513A6C99D8108FF398A] - [17/12/2016 23:40:28] - |A| - [333312] - C:\WINDOWS\syswow64\ActivationManager.dll [MD5.5CAA3BA7EAE16D621E0854F71165E376] - [17/12/2016 23:40:26] - |A| - [1576448] - C:\WINDOWS\syswow64\actxprxy.dll [MD5.F05624A666CECC5181AD269AEFDAA77C] - [17/12/2016 23:40:52] - |A| - [54784] - C:\WINDOWS\syswow64\AddressParser.dll [MD5.F968F7F6E379371EC2BCCBF1738829B3] - [17/12/2016 23:41:36] - |A| - [89088] - C:\WINDOWS\syswow64\adsmsext.dll [MD5.D0DCEDABBD3843B5B1D6FC7552E91C04] - [21/12/2016 18:37:31] - |A| - [117982] - C:\WINDOWS\syswow64\ADVAPI32.LIB [MD5.993585DD4B3DEB915659A65CA27A6B6E] - [17/12/2016 23:42:18] - |A| - [140288] - C:\WINDOWS\syswow64\AppCapture.dll [MD5.D67B0E9226FBA4C7703B86563863759E] - [17/12/2016 23:40:35] - |A| - [819200] - C:\WINDOWS\syswow64\AppContracts.dll [MD5.4D0BBCC85007F01B1E69B926B97D38FA] - [17/12/2016 23:40:52] - |A| - [118272] - C:\WINDOWS\syswow64\AppointmentActivation.dll [MD5.355B607EF9E48A76B4E262CFDBAD4162] - [17/12/2016 23:40:52] - |A| - [710144] - C:\WINDOWS\syswow64\AppointmentApis.dll [MD5.15966EA1972A55F661FC509FE3074B77] - [17/12/2016 23:41:36] - |A| - [125952] - C:\WINDOWS\syswow64\apprepapi.dll [MD5.21D6D4555C11864CF0328746937ACA05] - [17/12/2016 23:41:36] - |A| - [284672] - C:\WINDOWS\syswow64\apprepsync.dll [MD5.5B7C5CF39C3A4A37B42C40D5CB1F0E89] - [17/12/2016 23:41:38] - |A| - [760832] - C:\WINDOWS\syswow64\appwiz.cpl [MD5.D478AD237CC6925BDC08062A195C5AA7] - [17/12/2016 23:40:20] - |A| - [313856] - C:\WINDOWS\syswow64\AppXDeploymentClient.dll [MD5.1FA30DD7A757FE41B3F5E9ECC6A1C923] - [17/12/2016 23:40:20] - |A| - [1022304] - C:\WINDOWS\syswow64\AppxPackaging.dll [MD5.D3537A60401DFB5DD88E5EBB500D5B19] - [21/12/2016 18:37:26] - |A| - [103184] - C:\WINDOWS\syswow64\asctrls.ocx [MD5.2436E797EBD6F4FBFAAAEED3796658AD] - [17/12/2016 23:41:36] - |A| - [79360] - C:\WINDOWS\syswow64\asycfilt.dll [MD5.7EAA3FDD14CCBF400C1A762D0C305D10] - [17/12/2016 23:40:19] - |A| - [315744] - C:\WINDOWS\syswow64\atmfd.dll [MD5.279A342558DCEB7540459417FC91CA37] - [17/12/2016 23:40:19] - |A| - [37376] - C:\WINDOWS\syswow64\atmlib.dll [MD5.9114BA853A4F6441101CD38246FD4B28] - [17/12/2016 23:42:15] - |A| - [382784] - C:\WINDOWS\syswow64\AUDIOKSE.dll [MD5.24FC2879F6A3E2F92648B8F5058BD21C] - [17/12/2016 23:42:15] - |A| - [484584] - C:\WINDOWS\syswow64\AudioSes.dll [MD5.4A7AD501B449CED36AC774EE6A6FF0B0] - [17/12/2016 23:40:18] - |A| - [117760] - C:\WINDOWS\syswow64\AuthBroker.dll [MD5.3FDA860AF9312A76DB959D2A6BF94FF1] - [17/12/2016 23:41:38] - |A| - [89088] - C:\WINDOWS\syswow64\AuthExt.dll [MD5.A3E9AD90B35B68944CA017E5259613FF] - [17/12/2016 23:41:37] - |A| - [798208] - C:\WINDOWS\syswow64\authui.dll [MD5.F0D7EBAC8AF6083293F2627868BE22B4] - [17/12/2016 23:41:38] - |A| - [152064] - C:\WINDOWS\syswow64\autoplay.dll [MD5.F6E114D3392384C0D7B4004809166D75] - [17/12/2016 23:42:18] - |A| - [1255936] - C:\WINDOWS\syswow64\AzureSettingSyncProvider.dll [MD5.6F3D42F378F6D0CAB2E9429270346555] - [17/12/2016 23:40:26] - |A| - [49664] - C:\WINDOWS\syswow64\BackgroundMediaPolicy.dll [MD5.33F992140B11BF32F08008B7E52631D0] - [17/12/2016 23:42:18] - |A| - [505856] - C:\WINDOWS\syswow64\bcastdvr.exe [MD5.FE65A5BA6720E69BF79A1069F73D946F] - [17/12/2016 23:42:18] - |A| - [156672] - C:\WINDOWS\syswow64\BcastDVRHelper.dll [MD5.C041ED5CE66BEDFA0CEAC973C8E5DAC5] - [17/12/2016 23:40:18] - |A| - [106896] - C:\WINDOWS\syswow64\bcrypt.dll [MD5.00000000000000000000000000000000] - [16/12/2016 07:43:04] - |D| - [1626] - C:\WINDOWS\syswow64\BestPractices [MD5.9D0717ECC88FA1090C675B9308979DE7] - [17/12/2016 23:40:41] - |A| - [5380608] - C:\WINDOWS\syswow64\BingMaps.dll [MD5.12559576CCE18136E18CF41F2FAA02AE] - [17/12/2016 23:40:50] - |A| - [536576] - C:\WINDOWS\syswow64\BingOnlineServices.dll [MD5.69EAF28B7B37F1DEAE7E8E9104C76EAA] - [17/12/2016 23:40:54] - |A| - [152064] - C:\WINDOWS\syswow64\biwinrt.dll [MD5.C3E0142EB96C1401F972A55AE2071C81] - [17/12/2016 23:40:18] - |A| - [95232] - C:\WINDOWS\syswow64\BluetoothApis.dll [MD5.BD6ECE56F430AC6BC29D24433CFC5D9A] - [16/12/2016 08:41:04] - |A| - [61917] - C:\WINDOWS\syswow64\CCCInstall_201612160841042386.log [MD5.2FBB96DC67699B3539C56685D80CE2B4] - [18/12/2016 00:09:44] - |A| - [61917] - C:\WINDOWS\syswow64\CCCInstall_201612180009443131.log [MD5.30FE605338408D1D459012E4ED9B903D] - [17/12/2016 23:40:35] - |A| - [3198464] - C:\WINDOWS\syswow64\cdp.dll [MD5.9D2B100882C4225550374967544779B2] - [17/12/2016 23:40:18] - |A| - [2646016] - C:\WINDOWS\syswow64\CertEnroll.dll [MD5.98F4C3DE98F6C24B74DA6150836BDDC9] - [17/12/2016 23:42:00] - |A| - [6044160] - C:\WINDOWS\syswow64\Chakra.dll [MD5.DF990FE5B6590BB98145BEBCA2C7E721] - [17/12/2016 23:41:59] - |A| - [822784] - C:\WINDOWS\syswow64\Chakradiag.dll [MD5.5750D828D956B7B0247C291540746497] - [17/12/2016 23:42:00] - |A| - [121344] - C:\WINDOWS\syswow64\Chakrathunk.dll [MD5.B3E528C20D922E67A648963C8BEA4245] - [17/12/2016 23:41:36] - |A| - [109568] - C:\WINDOWS\syswow64\chartv.dll [MD5.AA977093E4B741600108FBBDC539EC8F] - [17/12/2016 23:40:52] - |A| - [567808] - C:\WINDOWS\syswow64\ChatApis.dll [MD5.F205CE29B7DE05821E38D4B5123606FC] - [17/12/2016 23:40:35] - |A| - [171520] - C:\WINDOWS\syswow64\ClipboardServer.dll [MD5.BD3CC07916DE6906E95635E8FF7B1CBC] - [17/12/2016 23:42:19] - |A| - [231424] - C:\WINDOWS\syswow64\CloudBackupSettings.dll [MD5.917FA3842E22439BFA78C24C1A1F64D5] - [17/12/2016 23:40:36] - |A| - [116576] - C:\WINDOWS\syswow64\CloudExperienceHostCommon.dll [MD5.53CAEB549848695EFE764887D9F1AA27] - [17/12/2016 23:40:36] - |A| - [136032] - C:\WINDOWS\syswow64\CloudExperienceHostUser.dll [MD5.B896EE88B38810BF83E1A2D08ADDA673] - [17/12/2016 23:42:17] - |A| - [157536] - C:\WINDOWS\syswow64\CloudStorageWizard.exe [MD5.00B45696F9D77E154B1B053CFE06C1EF] - [17/12/2016 23:41:36] - |A| - [558080] - C:\WINDOWS\syswow64\clusapi.dll [MD5.199BB32B8878D8DDDCF7ACD40424ECE9] - [17/12/2016 23:40:18] - |A| - [81408] - C:\WINDOWS\syswow64\cmifw.dll [MD5.09FB1E45C38939B300140F01D14D0E6A] - [17/12/2016 23:40:19] - |A| - [2166752] - C:\WINDOWS\syswow64\combase.dll [MD5.1B63AF252CFEFF520871F0AE37C80C5E] - [21/12/2016 18:37:28] - |A| - [164144] - C:\WINDOWS\syswow64\COMCT232.OCX [MD5.0E86A451C2BF6DD8C550309845473F13] - [17/12/2016 23:41:38] - |A| - [596832] - C:\WINDOWS\syswow64\comctl32.dll [MD5.EB5F811C1F78005B3C147599A0CCCF51] - [21/12/2016 18:37:28] - |A| - [608448] - C:\WINDOWS\syswow64\COMCTL32.OCX [MD5.053B12D5D2E45A7E01E43F008552620C] - [17/12/2016 23:41:37] - |A| - [912896] - C:\WINDOWS\syswow64\comdlg32.dll [MD5.D76F0EAB36F83A31D411AEAF70DA7396] - [21/12/2016 18:37:28] - |A| - [140288] - C:\WINDOWS\syswow64\COMDLG32.OCX [MD5.F02766CB652FA385BCB3A4CBB599CCD1] - [17/12/2016 23:41:36] - |A| - [1320448] - C:\WINDOWS\syswow64\comsvcs.dll [MD5.255DA8853C0D48A5D90CA836E8C6DE1E] - [17/12/2016 23:41:37] - |A| - [58880] - C:\WINDOWS\syswow64\ConfigureExpandedStorage.dll [MD5.29F0526733193BBCEE9611A13BD3450A] - [17/12/2016 23:40:52] - |A| - [48128] - C:\WINDOWS\syswow64\ContactActivation.dll [MD5.426B59A08D30F2EC996AABFEDF994165] - [17/12/2016 23:40:52] - |A| - [850944] - C:\WINDOWS\syswow64\ContactApis.dll [MD5.E5C6864827D5B0E0502F4298B2FFD4BC] - [17/12/2016 23:40:36] - |A| - [226304] - C:\WINDOWS\syswow64\container.dll [MD5.1D090D82282336CD790733FAE33641E9] - [17/12/2016 23:40:18] - |A| - [483840] - C:\WINDOWS\syswow64\CoreMessaging.dll [MD5.7F14E8300CC72C06417D2980F2FBA0FE] - [17/12/2016 23:40:38] - |A| - [2048496] - C:\WINDOWS\syswow64\CoreUIComponents.dll [MD5.B74141855782DF8B4BC10613078D8638] - [17/12/2016 23:42:18] - |A| - [709120] - C:\WINDOWS\syswow64\CPFilters.dll [MD5.56B9442F5B481F1124473651319CE84C] - [17/12/2016 23:41:49] - |A| - [391168] - C:\WINDOWS\syswow64\CredProvDataModel.dll [MD5.3AAA62FE99A777E4509D049FEC0E86AB] - [17/12/2016 23:41:49] - |A| - [203776] - C:\WINDOWS\syswow64\credprovhost.dll [MD5.39809F1A942E32FDFA115944754A180E] - [17/12/2016 23:41:49] - |A| - [137216] - C:\WINDOWS\syswow64\credprovs.dll [MD5.E1707BFA4F8994B457ED3F127CDEDDAA] - [17/12/2016 23:41:37] - |A| - [143872] - C:\WINDOWS\syswow64\credprovslegacy.dll [MD5.5D52820BCF597EAC5B109D1494B149BA] - [17/12/2016 23:40:19] - |A| - [1556712] - C:\WINDOWS\syswow64\crypt32.dll [MD5.906AF6140A5CEADA32E1EA4B972F4E48] - [21/12/2016 18:37:31] - |A| - [147130] - C:\WINDOWS\syswow64\CRYPT32.LIB [MD5.EDD8DCA7F0DC0029E21BD55D2E4372F0] - [17/12/2016 23:40:20] - |A| - [285696] - C:\WINDOWS\syswow64\cryptngc.dll [MD5.7A5508100B6C66E90AEBA459015BE29D] - [17/12/2016 23:40:18] - |A| - [288256] - C:\WINDOWS\syswow64\CryptoWinRT.dll [MD5.646456D5F61E896AB100F07B42FE5630] - [17/12/2016 23:40:18] - |A| - [225280] - C:\WINDOWS\syswow64\C_G18030.DLL [MD5.2540DB1A9F7AD778FDAA8A073CDA3AB9] - [17/12/2016 23:40:18] - |A| - [12800] - C:\WINDOWS\syswow64\c_GSM7.DLL [MD5.682E99D14AEC1ED0874872433FC63C0F] - [17/12/2016 23:40:18] - |A| - [14336] - C:\WINDOWS\syswow64\C_IS2022.DLL [MD5.505DC1F4C21AF1FF96F77629FC2AD67E] - [17/12/2016 23:40:39] - |A| - [5061120] - C:\WINDOWS\syswow64\d2d1.dll [MD5.3E689A2AE38163D67297C87ED7770B9C] - [17/12/2016 23:40:39] - |A| - [2323728] - C:\WINDOWS\syswow64\d3d10warp.dll [MD5.14165F6BC67B1B51DD9F55C339D63CB0] - [17/12/2016 23:40:39] - |A| - [2277248] - C:\WINDOWS\syswow64\d3d11.dll [MD5.3EA6EBC56A17E2B9AF27459179949D56] - [17/12/2016 23:40:39] - |A| - [806400] - C:\WINDOWS\syswow64\D3D12.dll [MD5.5B3B4FBBACE6A551A7A23F2A97A708EE] - [17/12/2016 23:40:19] - |A| - [731136] - C:\WINDOWS\syswow64\d3d8.dll [MD5.17C406D38C3989FF3BDB17D08C1991CE] - [17/12/2016 23:40:20] - |A| - [1425000] - C:\WINDOWS\syswow64\d3d9.dll [MD5.1C9B45E87528B8BB8CFA884EA0099A85] - [18/12/2016 05:54:05] - |A| - [2106216] - C:\WINDOWS\syswow64\D3DCompiler_43.dll [MD5.F8CA7E1DCC958DEE67AB07F3671758F4] - [17/12/2016 23:40:39] - |A| - [3733504] - C:\WINDOWS\syswow64\D3DCompiler_47.dll [MD5.83EBA442F07AAB8D6375D2EEC945C46C] - [18/12/2016 06:02:13] - |A| - [1868128] - C:\WINDOWS\syswow64\d3dcsx_43.dll [MD5.20C835843FCEC4DEDFCD7BFFA3B91641] - [18/12/2016 06:23:00] - |A| - [470880] - C:\WINDOWS\syswow64\d3dx10_43.dll [MD5.8E0BB968FF41D80E5F2C747C04DB79AE] - [18/12/2016 06:32:41] - |A| - [248672] - C:\WINDOWS\syswow64\d3dx11_43.dll [MD5.86E39E9161C3D930D93822F1563C280D] - [18/12/2016 06:14:56] - |A| - [1998168] - C:\WINDOWS\syswow64\D3DX9_43.dll [MD5.7D1CEE0AEC344815661C8C45CEFC1643] - [17/12/2016 23:40:35] - |A| - [257536] - C:\WINDOWS\syswow64\DataExchange.dll [MD5.BB8D21E3DEAA7FB1D77158D4FBCF24D5] - [17/12/2016 23:42:04] - |A| - [327680] - C:\WINDOWS\syswow64\daxexec.dll [MD5.57895C7CFF374517ABC79CCCC3C77716] - [17/12/2016 23:40:19] - |A| - [4557824] - C:\WINDOWS\syswow64\dbgeng.dll [MD5.55AAAA3C2A11EE0F48BFB10D222C4A7F] - [17/12/2016 23:40:19] - |A| - [461312] - C:\WINDOWS\syswow64\DbgModel.dll [MD5.E728FB4102BF63937B40E38B8C3728B1] - [17/12/2016 23:40:19] - |A| - [548352] - C:\WINDOWS\syswow64\ddraw.dll [MD5.8DE2BD969738C7A09B65BB00CE90DC02] - [17/12/2016 23:40:18] - |A| - [20992] - C:\WINDOWS\syswow64\delegatorprovider.dll [MD5.00C916B8ECDCDF87DEA9889EC87F0452] - [17/12/2016 23:40:26] - |A| - [83120] - C:\WINDOWS\syswow64\devenum.dll [MD5.03EDC391936C4CFDEC874E4840CFC22A] - [17/12/2016 23:40:20] - |A| - [35328] - C:\WINDOWS\syswow64\deviceassociation.dll [MD5.C45CC1044D106B59EBC61679D79FCF96] - [17/12/2016 23:40:38] - |A| - [1755136] - C:\WINDOWS\syswow64\DeviceFlows.DataModel.dll [MD5.8A21948CF905F807F478FA87E1823CC4] - [17/12/2016 23:41:38] - |A| - [506880] - C:\WINDOWS\syswow64\DevicePairing.dll [MD5.3D84D07AE55418FCB30E647DF2BB419F] - [17/12/2016 23:40:37] - |A| - [226304] - C:\WINDOWS\syswow64\dhcpcore6.dll [MD5.D0D95F33F633EF118A8E20DF418F81F6] - [17/12/2016 23:42:17] - |A| - [141312] - C:\WINDOWS\syswow64\dialclient.dll [MD5.EF6670C8985109F79E7B4F0546463200] - [21/12/2016 18:37:26] - |A| - [28672] - C:\WINDOWS\syswow64\Disable_X.ocx [MD5.C0E596721A1500F565BF28229158EA6E] - [17/12/2016 23:40:35] - |A| - [138240] - C:\WINDOWS\syswow64\DisplayManager.dll [MD5.73332BE0A5E2F7F04CCCEFD2F82A337C] - [17/12/2016 23:42:02] - |A| - [248832] - C:\WINDOWS\syswow64\dlnashext.dll [MD5.934F47AB68E2D38577E348F497A3BC21] - [17/12/2016 23:42:18] - |A| - [395264] - C:\WINDOWS\syswow64\dmenrollengine.dll [MD5.227CFE3EDA82029AAC1C088A16297CD7] - [17/12/2016 23:40:37] - |A| - [496872] - C:\WINDOWS\syswow64\dnsapi.dll [MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - [18/12/2016 21:24:54] - |A| - [52] - C:\WINDOWS\syswow64\DOErrors.log [MD5.67A6B5E9C56578342FA9A9F3811C3127] - [17/12/2016 23:42:19] - |A| - [455040] - C:\WINDOWS\syswow64\DolbyDecMFT.dll [MD5.49A6050FBE7C8D0B3C5E1A2A55E1BFC4] - [17/12/2016 23:40:19] - |A| - [749920] - C:\WINDOWS\syswow64\drvstore.dll [MD5.6019DC32EC94E1AA3637FFD13DEE5837] - [17/12/2016 23:41:36] - |A| - [141824] - C:\WINDOWS\syswow64\DscCoreConfProv.dll [MD5.CBB5BFC926BAA8764F57504C0CA0FC23] - [17/12/2016 23:40:18] - |A| - [404992] - C:\WINDOWS\syswow64\dsreg.dll [MD5.B7938AAC81C0233A39A11E7FA31BFD55] - [17/12/2016 23:40:51] - |A| - [39424] - C:\WINDOWS\syswow64\dtdump.exe [MD5.A839B2CF099C3F328E6D369E29B14E02] - [17/12/2016 23:40:18] - |A| - [113504] - C:\WINDOWS\syswow64\dwmapi.dll [MD5.7CEB531B7F1D82344DD3F649227F1840] - [17/12/2016 23:40:18] - |A| - [1992704] - C:\WINDOWS\syswow64\dwmcore.dll [MD5.63CF9E094A62A787937B955D654C55DE] - [17/12/2016 23:40:26] - |A| - [2005504] - C:\WINDOWS\syswow64\DWrite.dll [MD5.0FA371C4D87D47E4D2E39655DE14F521] - [17/12/2016 23:40:39] - |A| - [527880] - C:\WINDOWS\syswow64\dxgi.dll [MD5.CC8FAB9F22A20B9C314DF2F1E9247482] - [17/12/2016 23:42:01] - |A| - [5120] - C:\WINDOWS\syswow64\dxmasf.dll [MD5.9ECED4DB6043F22AFC2B44EEE0A3232F] - [17/12/2016 23:42:00] - |A| - [270336] - C:\WINDOWS\syswow64\dxtrans.dll [MD5.F998BC859F9AE1224848D828B9AA6ABD] - [17/12/2016 23:42:04] - |A| - [243712] - C:\WINDOWS\syswow64\eapp3hst.dll [MD5.95CFC05F34079A4B2CE4BBABC05BDEDA] - [17/12/2016 23:42:04] - |A| - [197120] - C:\WINDOWS\syswow64\eappcfg.dll [MD5.1239C51284092F90C31583F699FA1062] - [17/12/2016 23:42:04] - |A| - [91648] - C:\WINDOWS\syswow64\eappgnui.dll [MD5.8FC85E2CFA234AE5857A3AA9CDB109F6] - [17/12/2016 23:42:04] - |A| - [235008] - C:\WINDOWS\syswow64\eapphost.dll [MD5.31CEC1815AF7F92E1C466F49EC944751] - [17/12/2016 23:42:04] - |A| - [57344] - C:\WINDOWS\syswow64\eappprxy.dll [MD5.38000DC06180F3C2F68B7175BC6C6B94] - [17/12/2016 23:41:59] - |A| - [19413504] - C:\WINDOWS\syswow64\edgehtml.dll [MD5.3BFB09E18CE3158070C7CFE0C3DA6DE2] - [17/12/2016 23:40:39] - |A| - [68096] - C:\WINDOWS\syswow64\EditBufferTestHook.dll [MD5.78AE0A7C1C49582534E5C89582E41D6C] - [17/12/2016 23:41:36] - |A| - [32768] - C:\WINDOWS\syswow64\efsext.dll [MD5.CC41DF9EB48F743E5CD747011376D539] - [17/12/2016 23:42:17] - |A| - [431616] - C:\WINDOWS\syswow64\efswrt.dll [MD5.312DC38536876B54D006CD45E6193C78] - [17/12/2016 23:40:52] - |A| - [858112] - C:\WINDOWS\syswow64\EmailApis.dll [MD5.7CEDA4ED28857BC683A3CCD41818EC60] - [17/12/2016 23:40:26] - |A| - [22528] - C:\WINDOWS\syswow64\encapi.dll [MD5.4F513D2133F558DFD9E26154C20B3BE4] - [17/12/2016 23:40:35] - |A| - [134144] - C:\WINDOWS\syswow64\ErrorDetails.dll [MD5.1AE271B3E627F399376451CA2A5425B0] - [17/12/2016 23:40:35] - |A| - [63488] - C:\WINDOWS\syswow64\ErrorDetailsUpdate.dll [MD5.3E8908FCB9B3624901B4C5C4ECEBD687] - [17/12/2016 23:40:19] - |A| - [2708992] - C:\WINDOWS\syswow64\esent.dll [MD5.9D55397B7000228C59836BA5E5B44DFB] - [17/12/2016 23:40:19] - |A| - [306688] - C:\WINDOWS\syswow64\esentutl.exe [MD5.804DCE6D165D93ED74A5472B84B6D429] - [17/12/2016 23:42:03] - |A| - [640976] - C:\WINDOWS\syswow64\evr.dll [MD5.AF46710DDB8B0E304AA4FD2B940CABD8] - [17/12/2016 23:41:38] - |A| - [4311736] - C:\WINDOWS\syswow64\explorer.exe [MD5.F050C5ED0C243759023D91F25C2DA94C] - [17/12/2016 23:41:38] - |A| - [4423680] - C:\WINDOWS\syswow64\ExplorerFrame.dll [MD5.7C24C4B6F34B1DD483858494F0F86780] - [17/12/2016 23:40:52] - |A| - [224256] - C:\WINDOWS\syswow64\ExSMime.dll [MD5.0203CAE673FF9072FEC0B63262D53DB2] - [17/12/2016 23:40:52] - |A| - [18944] - C:\WINDOWS\syswow64\ExtrasXmlParser.dll [MD5.4A0F35BA2C067E26E5EAE4D2AE8F20EF] - [17/12/2016 23:42:05] - |A| - [55296] - C:\WINDOWS\syswow64\findnetprinters.dll [MD5.7247EF8573B8AF6875F31FCE1F51FB7C] - [21/12/2016 18:37:26] - |A| - [1129232] - C:\WINDOWS\syswow64\FM20.DLL [MD5.7D883493B442CB8AE9E0FF7B30543552] - [21/12/2016 18:37:26] - |A| - [26384] - C:\WINDOWS\syswow64\FM20ENU.DLL [MD5.5523F95FE25F50D5F5E36742F31B61CB] - [17/12/2016 23:40:19] - |A| - [545936] - C:\WINDOWS\syswow64\fontdrvhost.exe [MD5.9E0539AA914B272943B8A29D779F1C5F] - [17/12/2016 23:41:38] - |A| - [896512] - C:\WINDOWS\syswow64\fontext.dll [MD5.03756C464D3741481D6A99B067377C7A] - [17/12/2016 23:42:16] - |A| - [198144] - C:\WINDOWS\syswow64\FSClient.dll [MD5.3FE6F1234DBE0C5F3A17CA329C1A9641] - [19/12/2016 22:32:25] - |A| - [69208] - C:\WINDOWS\syswow64\fssres.dll [MD5.EA9D4CD0F30337BC51F50CBAD8097933] - [17/12/2016 23:42:18] - |A| - [592384] - C:\WINDOWS\syswow64\GamePanel.exe [MD5.5BD8F54F125CC5F5E6CD358A98264E23] - [17/12/2016 23:41:38] - |A| - [2484736] - C:\WINDOWS\syswow64\gameux.dll [MD5.A38BCC4DF4DA792C71F6FBA54299F893] - [17/12/2016 23:40:39] - |A| - [170960] - C:\WINDOWS\syswow64\gdi32.dll [MD5.56A1F18F27A325A4C17BF7EA963DBD2B] - [17/12/2016 23:40:20] - |A| - [1415752] - C:\WINDOWS\syswow64\gdi32full.dll [MD5.B0DA5BABD745E9D07DA0B36E46C6CA8F] - [17/12/2016 23:40:19] - |A| - [1456640] - C:\WINDOWS\syswow64\GdiPlus.dll [MD5.59656CB07155EA08E542397AAE1B8CB9] - [21/12/2016 13:03:08] - |A| - [18163] - C:\WINDOWS\syswow64\GeneStor.INF [MD5.84AF13FE61DC95AC2D597FCCDB46EE61] - [17/12/2016 23:41:50] - |A| - [357376] - C:\WINDOWS\syswow64\Geolocation.dll [MD5.24ADF3F61828FEA22D88A3B81E541101] - [17/12/2016 23:40:35] - |A| - [199680] - C:\WINDOWS\syswow64\GlobCollationHost.dll [MD5.1130EF1F3D0F6080ECCAA9DBD4CAB626] - [19/12/2016 22:32:23] - |A| - [147032] - C:\WINDOWS\syswow64\hadrres.dll [MD5.562E97FEB07676FF73F4A3BD8723661B] - [17/12/2016 23:42:17] - |A| - [1969912] - C:\WINDOWS\syswow64\hevcdecoder.dll [MD5.2436051F3FC09F11F3009834D6FF1465] - [17/12/2016 23:41:38] - |A| - [580608] - C:\WINDOWS\syswow64\hgcpl.dll [MD5.105F8E623989E7830FFC45CC96159558] - [21/12/2016 18:37:26] - |A| - [143360] - C:\WINDOWS\syswow64\HLButton.ocx [MD5.4BCF4BE17AB9D9BD5A1D03020BCDAF73] - [21/12/2016 18:37:26] - |A| - [24576] - C:\WINDOWS\syswow64\IBcalendarser.ocx [MD5.064AC7AA2487A7E90685AF7B476A1C6B] - [21/12/2016 18:37:26] - |A| - [94208] - C:\WINDOWS\syswow64\IBColIml.ocx [MD5.5663FE0A7B3A01654659B4B92935FD14] - [21/12/2016 18:37:27] - |A| - [86016] - C:\WINDOWS\syswow64\IBwinUtil.ocx [MD5.8840B10C0A960E4EF6E563881CB430BB] - [21/12/2016 18:38:07] - |A| - [229376] - C:\WINDOWS\syswow64\IDrLocale.dll [MD5.4AEDE41939612BD2F5A3CC73CDFE47F7] - [17/12/2016 23:41:59] - |A| - [1509376] - C:\WINDOWS\syswow64\ieapfltr.dll [MD5.D872EC93DE3F1769B3EEF3136B4D3CBC] - [17/12/2016 23:41:51] - |A| - [340480] - C:\WINDOWS\syswow64\iedkcs32.dll [MD5.464235F5DB3FAF56C594A7B74D3837E3] - [17/12/2016 23:41:51] - |A| - [12177920] - C:\WINDOWS\syswow64\ieframe.dll [MD5.FDE88DD61FACA311742878CCE15657EE] - [17/12/2016 23:41:58] - |A| - [126464] - C:\WINDOWS\syswow64\iepeers.dll [MD5.120FCB09AEBD03A459FA44412106D4FE] - [17/12/2016 23:41:59] - |A| - [306176] - C:\WINDOWS\syswow64\ieproxy.dll [MD5.16A7D35F3BE1CE2D91120AB28257C362] - [17/12/2016 23:41:51] - |A| - [29696] - C:\WINDOWS\syswow64\iernonce.dll [MD5.5E03E98E09A3A8BFA0277B2FE565B296] - [17/12/2016 23:42:18] - |A| - [2257104] - C:\WINDOWS\syswow64\iertutil.dll [MD5.41C1C773DBBF8DC04834CE8263085359] - [17/12/2016 23:41:51] - |A| - [61440] - C:\WINDOWS\syswow64\iesetup.dll [MD5.3413953BCB2081A1D46262B645745C0E] - [17/12/2016 23:40:18] - |A| - [433664] - C:\WINDOWS\syswow64\imapi2.dll [MD5.9E9039ED9DB41DEA49B9B56E38964916] - [17/12/2016 23:41:59] - |A| - [198656] - C:\WINDOWS\syswow64\indexeddbserver.dll [MD5.7E6A2633A085F870C85DD8B765C132D8] - [17/12/2016 23:42:17] - |A| - [884224] - C:\WINDOWS\syswow64\inetcomm.dll [MD5.4D157B9D45038FE44FFB4A8CC310D297] - [17/12/2016 23:41:51] - |A| - [2026496] - C:\WINDOWS\syswow64\inetcpl.cpl [MD5.34D074039E3C28D0241A2FBE52C5E7A6] - [17/12/2016 23:40:19] - |A| - [276832] - C:\WINDOWS\syswow64\input.dll [MD5.2CCBA569613401EA6011EE08E8D36D88] - [17/12/2016 23:40:39] - |A| - [92672] - C:\WINDOWS\syswow64\InputLocaleManager.dll [MD5.46E91FB548882ACFE377FFB1282D052D] - [17/12/2016 23:40:39] - |A| - [2138112] - C:\WINDOWS\syswow64\InputService.dll [MD5.D948FC01C18AB80947DEFDB7E7DDE598] - [17/12/2016 23:40:51] - |A| - [180224] - C:\WINDOWS\syswow64\InstallAgent.exe [MD5.70EE8BA7A3B9AA577EBA6E8B9C9AB37C] - [17/12/2016 23:40:51] - |A| - [223232] - C:\WINDOWS\syswow64\InstallAgentUserBroker.exe [MD5.346BC86522950AC3F2BBE645836BBE04] - [17/12/2016 23:40:18] - |A| - [67584] - C:\WINDOWS\syswow64\iscsiwmi.dll [MD5.8FF2C9FEAEE403366F41FED41EBC6049] - [17/12/2016 23:40:50] - |A| - [838144] - C:\WINDOWS\syswow64\JpMapControl.dll [MD5.92D533895D9D4BFB469083F5221CAE71] - [17/12/2016 23:41:58] - |A| - [3666432] - C:\WINDOWS\syswow64\jscript9.dll [MD5.65B9445D4FDB93ABEB5C62761C229BF6] - [17/12/2016 23:41:58] - |A| - [635904] - C:\WINDOWS\syswow64\jscript9diag.dll [MD5.F34F554AE030BBFDD852A2CA626C1465] - [17/12/2016 23:42:17] - |A| - [45568] - C:\WINDOWS\syswow64\jsproxy.dll [MD5.DCDB83C9FE90EB6390EF0ACDFC83BDA8] - [17/12/2016 23:40:18] - |A| - [755200] - C:\WINDOWS\syswow64\kerberos.dll [MD5.4A0B06DD8211CDA36D209FE61283DB58] - [17/12/2016 23:41:49] - |A| - [1706488] - C:\WINDOWS\syswow64\KernelBase.dll [MD5.F26A1B27FBF49588AFF089539D0CDB0E] - [17/12/2016 23:41:38] - |A| - [34304] - C:\WINDOWS\syswow64\LaunchWinApp.exe [MD5.84B686AFB958D7ECDC2A1FA5D87353E1] - [18/12/2016 00:02:48] - |A| - [52328] - C:\WINDOWS\syswow64\license.rtf [MD5.9B3298D80A2E4DA567C16BF5F88E5150] - [17/12/2016 23:40:51] - |A| - [861024] - C:\WINDOWS\syswow64\LicenseManager.dll [MD5.39F1D5CD489E7CA13B7756B77B2C7F90] - [17/12/2016 23:42:19] - |A| - [57856] - C:\WINDOWS\syswow64\LicenseManagerApi.dll [MD5.2593EAA308B8C99BB9A04A7CECEDDBB1] - [17/12/2016 23:40:19] - |A| - [788624] - C:\WINDOWS\syswow64\locale.nls [MD5.25F8B46103DE47D861456BA98518F6F8] - [17/12/2016 23:41:37] - |A| - [465920] - C:\WINDOWS\syswow64\LockAppBroker.dll [MD5.A8A1972707EDB245529005D4507CD220] - [17/12/2016 23:41:37] - |A| - [321792] - C:\WINDOWS\syswow64\LockAppHost.exe [MD5.031D103A41092A7E8D705A852776E47E] - [21/12/2016 18:37:30] - |A| - [135168] - C:\WINDOWS\syswow64\LogMail.dll [MD5.AAA2134FF68DDD12365011A105C3186A] - [17/12/2016 23:41:37] - |A| - [499200] - C:\WINDOWS\syswow64\LogonController.dll [MD5.C5E96B8A8A97430BA42FCF112DFB76FD] - [17/12/2016 23:40:41] - |A| - [332288] - C:\WINDOWS\syswow64\MapConfiguration.dll [MD5.6C547034D9502FD212651C9C8D0C390E] - [17/12/2016 23:40:50] - |A| - [715264] - C:\WINDOWS\syswow64\MapControlCore.dll [MD5.079208EE62F7D67AA9CB92038C8CB4B1] - [17/12/2016 23:40:50] - |A| - [2560] - C:\WINDOWS\syswow64\MapControlStringsRes.dll [MD5.4B2A806FC406B8F66CE610CC6CC6299A] - [17/12/2016 23:40:41] - |A| - [2109952] - C:\WINDOWS\syswow64\MapGeocoder.dll [MD5.D6469A94E2CA0A33616FE408463918DD] - [17/12/2016 23:40:50] - |A| - [2362880] - C:\WINDOWS\syswow64\MapRouter.dll [MD5.363EC48D319DE030B48C56F3E65DCB84] - [17/12/2016 23:40:41] - |A| - [117248] - C:\WINDOWS\syswow64\MapsBtSvc.dll [MD5.1735D0E82855250EA8D5A49193AEB4BD] - [17/12/2016 23:40:50] - |A| - [654336] - C:\WINDOWS\syswow64\MbaeApiPublic.dll [MD5.264C793F96201B41E107F759562B81E9] - [17/12/2016 23:40:51] - |A| - [498688] - C:\WINDOWS\syswow64\mbsmsapi.dll [MD5.9A2D5638547777085AC41A24D28DE2E5] - [17/12/2016 23:42:17] - |A| - [640000] - C:\WINDOWS\syswow64\MCRecvSrc.dll [MD5.A61F71788BAE3F65FF2DEA42B35E35C9] - [17/12/2016 23:42:18] - |A| - [165376] - C:\WINDOWS\syswow64\mdmregistration.dll [MD5.9B1CE49762BAAB1DB9D02F98CD5CB984] - [17/12/2016 23:40:50] - |A| - [529928] - C:\WINDOWS\syswow64\mf.dll [MD5.F5A9BAC2FD606A4F0909D996CBE8BC78] - [17/12/2016 23:42:17] - |A| - [91936] - C:\WINDOWS\syswow64\mfaudiocnv.dll [MD5.1FD3F9722119BDF7B8CFF0ECD1E84EA6] - [16/12/2016 10:32:10] - |A| - [1060864] - C:\WINDOWS\syswow64\mfc71.dll [MD5.308693585CE30B3ABC804292FA2853FA] - [17/12/2016 23:42:17] - |A| - [3892864] - C:\WINDOWS\syswow64\mfcore.dll [MD5.671E38CF2AD869B6D83A7DD2C91EBDA0] - [17/12/2016 23:40:26] - |A| - [187904] - C:\WINDOWS\syswow64\mfksproxy.dll [MD5.E8FBC76BDC0CC5005110AE38DB6C93F6] - [17/12/2016 23:42:16] - |A| - [3306496] - C:\WINDOWS\syswow64\MFMediaEngine.dll [MD5.2FCEC70D411ED16AFC79FA3711CCB66A] - [17/12/2016 23:42:17] - |A| - [545280] - C:\WINDOWS\syswow64\mfmkvsrcsnk.dll [MD5.6D8AF670995DC432C07C5321DE3967B5] - [17/12/2016 23:42:17] - |A| - [1852720] - C:\WINDOWS\syswow64\mfmp4srcsnk.dll [MD5.B0CD7232C5E2C16090CB00E575BAB01B] - [17/12/2016 23:42:17] - |A| - [1201872] - C:\WINDOWS\syswow64\mfmpeg2srcsnk.dll [MD5.A09950019C01AE9C1BC1CD49958C1DC6] - [17/12/2016 23:42:17] - |A| - [980824] - C:\WINDOWS\syswow64\mfnetcore.dll [MD5.C962B8C0799A37CDEB09CE15BF57B62B] - [17/12/2016 23:42:17] - |A| - [1360456] - C:\WINDOWS\syswow64\mfnetsrc.dll [MD5.A7AA7586A6E1CDD99667BDD8A9AD54BC] - [17/12/2016 23:42:17] - |A| - [1123912] - C:\WINDOWS\syswow64\mfplat.dll [MD5.178835F0334565C9AF5522B9E46E799A] - [17/12/2016 23:42:03] - |A| - [374448] - C:\WINDOWS\syswow64\MFPlay.dll [MD5.4C74CE81E514FEDB1D5FF6676524BF56] - [17/12/2016 23:40:50] - |A| - [36168] - C:\WINDOWS\syswow64\mfpmp.exe [MD5.E8719A43DCBFC9A86374B8F53920D5FC] - [17/12/2016 23:42:17] - |A| - [121368] - C:\WINDOWS\syswow64\mfps.dll [MD5.FF9E058DAC27FCC739884D3DBE43D81F] - [17/12/2016 23:42:17] - |A| - [856872] - C:\WINDOWS\syswow64\mfreadwrite.dll [MD5.ED376C89C132C7DD26051EE9B689E546] - [17/12/2016 23:42:16] - |A| - [182784] - C:\WINDOWS\syswow64\mfsensorgroup.dll [MD5.18F63F35EC3A59D2E6E0AB0AC1C814E4] - [17/12/2016 23:42:17] - |A| - [1343928] - C:\WINDOWS\syswow64\mfsrcsnk.dll [MD5.3EA9BF7D7E9423CAC323CF54F184EF53] - [17/12/2016 23:42:17] - |A| - [952416] - C:\WINDOWS\syswow64\mfsvr.dll [MD5.6656BFCE4868408604C047E839977C93] - [17/12/2016 23:40:50] - |A| - [110080] - C:\WINDOWS\syswow64\Microsoft-Windows-MapControls.dll [MD5.503C1D01A5C52D01E543E32A8C5C4D77] - [17/12/2016 23:40:50] - |A| - [9216] - C:\WINDOWS\syswow64\Microsoft-Windows-MosHost.dll [MD5.D08A3CF28956D952D854E97981BACB92] - [17/12/2016 23:40:50] - |A| - [9728] - C:\WINDOWS\syswow64\Microsoft-Windows-MosTrace.dll [MD5.52B85DFC0E8FE1682F6E8DA83F8C6663] - [17/12/2016 23:41:36] - |A| - [122208] - C:\WINDOWS\syswow64\migisol.dll [MD5.67EA83C5B3763C1A6A0A29D3F7605E6E] - [17/12/2016 23:42:17] - |A| - [795648] - C:\WINDOWS\syswow64\MiracastReceiver.dll [MD5.01C2988C758BD155CA88E018D02C8FA3] - [17/12/2016 23:40:18] - |A| - [2748928] - C:\WINDOWS\syswow64\mispace.dll [MD5.C4043D16BE4B2E9B66866060162B6769] - [17/12/2016 23:40:50] - |A| - [6109184] - C:\WINDOWS\syswow64\mos.dll [MD5.574215F12BFB5EC2A7011C7383BE443A] - [17/12/2016 23:40:50] - |A| - [58880] - C:\WINDOWS\syswow64\MosHostClient.dll [MD5.72BE3687002C4E2BA3A05604EF5EBDB5] - [17/12/2016 23:40:50] - |A| - [409088] - C:\WINDOWS\syswow64\MosResource.dll [MD5.417CB790193F1FB9511923D268133E28] - [17/12/2016 23:40:41] - |A| - [71168] - C:\WINDOWS\syswow64\MosStorage.dll [MD5.A5BF54F4E98F299E661F37F7B4D38545] - [17/12/2016 23:40:18] - |A| - [445952] - C:\WINDOWS\syswow64\mprapi.dll [MD5.E023B64F2EAD9122FB63ED5FF3027820] - [17/12/2016 23:41:36] - |A| - [762368] - C:\WINDOWS\syswow64\mprddm.dll [MD5.35BA17FF927B79EDDEE436ADEB98EF21] - [17/12/2016 23:41:36] - |A| - [431104] - C:\WINDOWS\syswow64\mprdim.dll [MD5.A3C9A12D3B208557EB69D7BC3B2E1EAA] - [17/12/2016 23:40:36] - |A| - [869848] - C:\WINDOWS\syswow64\MrmCoreR.dll [MD5.DB3989935A2F31ED9D8A66CD445C4932] - [17/12/2016 23:42:19] - |A| - [209920] - C:\WINDOWS\syswow64\MSAC3ENC.DLL [MD5.A6F88E43D61C03C7B6CE73F4C498F951] - [17/12/2016 23:40:27] - |A| - [2423296] - C:\WINDOWS\syswow64\MSAJApi.dll [MD5.8FACB683ECAB70FB85B26683F9C742A3] - [21/12/2016 18:37:27] - |A| - [644400] - C:\WINDOWS\syswow64\MSCOMCT2.OCX [MD5.8EE8BDF714D986AC30193FE75478047C] - [17/12/2016 23:40:19] - |A| - [1263856] - C:\WINDOWS\syswow64\msctf.dll [MD5.F3E173252DB9570ACD22306F115FCFF5] - [17/12/2016 23:41:36] - |A| - [746496] - C:\WINDOWS\syswow64\msdtcprx.dll [MD5.3371300D70E83990990D056563C12A03] - [17/12/2016 23:41:39] - |A| - [259584] - C:\WINDOWS\syswow64\msdtcuiu.dll [MD5.CC8FAB9F22A20B9C314DF2F1E9247482] - [17/12/2016 23:42:01] - |A| - [5120] - C:\WINDOWS\syswow64\msdxm.ocx [MD5.FC8718208DEC3C78D639E34312468348] - [17/12/2016 23:41:51] - |A| - [691712] - C:\WINDOWS\syswow64\msfeeds.dll [MD5.00EFFEF27D84B894D4AA7F6BC0E1C116] - [17/12/2016 23:40:36] - |A| - [2740224] - C:\WINDOWS\syswow64\msftedit.dll [MD5.C2A2CC42F71927ABB95AA1F851056638] - [17/12/2016 23:41:58] - |A| - [19417088] - C:\WINDOWS\syswow64\mshtml.dll [MD5.F44F1134552C9B021533F40F46BA1220] - [17/12/2016 23:41:59] - |A| - [2755584] - C:\WINDOWS\syswow64\mshtml.tlb [MD5.A87862892C1C48F499F219E9C6D10E1B] - [17/12/2016 23:42:00] - |A| - [81408] - C:\WINDOWS\syswow64\mshtmled.dll [MD5.D86AD86B05274E6386976FE42A7BA7C0] - [17/12/2016 23:41:36] - |A| - [3689984] - C:\WINDOWS\syswow64\msi.dll [MD5.DDAD9B61722B2A68A437EA6087AF501E] - [17/12/2016 23:41:36] - |A| - [336896] - C:\WINDOWS\syswow64\msinfo32.exe [MD5.F1ED45682DB96B37AF5D8DCD355EAA42] - [17/12/2016 23:42:17] - |A| - [2206496] - C:\WINDOWS\syswow64\msmpeg2vdec.dll [MD5.EA1FE375F92970D1AE3088E9A0D7F74E] - [17/12/2016 23:41:38] - |A| - [6474752] - C:\WINDOWS\syswow64\mspaint.exe [MD5.2E905623144C8435E6374C27E2CAFA5E] - [17/12/2016 23:40:39] - |A| - [1988096] - C:\WINDOWS\syswow64\mssrch.dll [MD5.92B712DF390367BFA4252A48D9D71D51] - [21/12/2016 18:37:30] - |A| - [118784] - C:\WINDOWS\syswow64\Msstdfmt.dll [MD5.D135F72353B63F9329ED648B868AC821] - [17/12/2016 23:40:19] - |A| - [3106304] - C:\WINDOWS\syswow64\mstsc.exe [MD5.BE82A643B205195DE633AB44811C8E0E] - [17/12/2016 23:40:19] - |A| - [7469056] - C:\WINDOWS\syswow64\mstscax.dll [MD5.81F3C9798F141546B2966DD211D32F43] - [17/12/2016 23:40:18] - |A| - [341344] - C:\WINDOWS\syswow64\msv1_0.dll [MD5.CA2F560921B7B8BE1CF555A5A18D54C3] - [16/12/2016 10:32:09] - |A| - [348160] - C:\WINDOWS\syswow64\msvcr71.dll [MD5.AC1E3E0991DFA564BE304F569B01D3F2] - [17/12/2016 23:42:18] - |A| - [2356736] - C:\WINDOWS\syswow64\MSVidCtl.dll [MD5.B1BA71F16535CF6619AEEEFEA302A28B] - [17/12/2016 23:42:17] - |A| - [687936] - C:\WINDOWS\syswow64\msvproc.dll [MD5.C89757EBE61118599E3DFC649C2D94D3] - [17/12/2016 23:42:19] - |A| - [1300480] - C:\WINDOWS\syswow64\MSVPXENC.dll [MD5.3D8FD62D17A44221E07D5C535950449B] - [21/12/2016 18:37:31] - |A| - [109248] - C:\WINDOWS\syswow64\MSWINSCK.OCX [MD5.02B299257EFA78B690E5CDADEE8E17E5] - [17/12/2016 23:40:20] - |A| - [1980768] - C:\WINDOWS\syswow64\msxml6.dll [MD5.5E668EB6662982A4722F9EBBA4FA1087] - [17/12/2016 23:40:20] - |A| - [2560] - C:\WINDOWS\syswow64\msxml6r.dll [MD5.1A87B6398A18BB9EF7207CA3C8B8DBEB] - [17/12/2016 23:41:36] - |A| - [359936] - C:\WINDOWS\syswow64\mtxclu.dll [MD5.040D0566FB8913D08ED0475E94D2C062] - [17/12/2016 23:40:18] - |A| - [816640] - C:\WINDOWS\syswow64\NaturalLanguage6.dll [MD5.A481F2EBBB1B9FCB413CB32BA34A8D13] - [17/12/2016 23:40:18] - |A| - [65024] - C:\WINDOWS\syswow64\NetCfgNotifyObjectHost.exe [MD5.05FE3C95087AC75E302FCD184931B9E9] - [17/12/2016 23:41:36] - |A| - [25600] - C:\WINDOWS\syswow64\netiougc.exe [MD5.39485594314583A36ACDEF356D31D7B7] - [17/12/2016 23:42:04] - |A| - [111968] - C:\WINDOWS\syswow64\NetSetupApi.dll [MD5.FCD239B3E31059A27B8646DA111EE0D9] - [17/12/2016 23:42:04] - |A| - [602464] - C:\WINDOWS\syswow64\NetSetupEngine.dll [MD5.7FC056540E986F37EC8DE0F2C6BE99BA] - [17/12/2016 23:40:18] - |A| - [364544] - C:\WINDOWS\syswow64\NetSetupShim.dll [MD5.1EC580C9F5F111EBC2E08E05AAF3C1EC] - [17/12/2016 23:41:36] - |A| - [2682880] - C:\WINDOWS\syswow64\netshell.dll [MD5.DF80984D9632D1621CDB6597AFC75445] - [17/12/2016 23:41:51] - |A| - [455168] - C:\WINDOWS\syswow64\NetworkCollectionAgent.dll [MD5.0E9B4F6705BB4831D932BEA1922A9399] - [17/12/2016 23:40:20] - |A| - [519168] - C:\WINDOWS\syswow64\ngccredprov.dll [MD5.7A855DC526109A2410EF2D52FC2DF378] - [17/12/2016 23:40:50] - |A| - [760832] - C:\WINDOWS\syswow64\NMAA.dll [MD5.C618D56F8AFBD86427EADB111F3267AF] - [17/12/2016 23:40:50] - |A| - [289280] - C:\WINDOWS\syswow64\NmaDirect.dll [MD5.7A0163029D69E39B5961635D03CA5E03] - [17/12/2016 23:40:51] - |A| - [122368] - C:\WINDOWS\syswow64\NPSM.dll [MD5.B30936CBACA00F0807B59BB244E3038C] - [17/12/2016 23:40:20] - |A| - [575488] - C:\WINDOWS\syswow64\nshwfp.dll [MD5.AA3B16977532312A378B532DB494B653] - [17/12/2016 23:41:50] - |A| - [1572768] - C:\WINDOWS\syswow64\ntdll.dll [MD5.B14EC96F7A15DECF967560E981E592C8] - [17/12/2016 23:41:39] - |A| - [772608] - C:\WINDOWS\syswow64\ntshrui.dll [MD5.EA1FA95711FDA430BBFE2C30DD04DA93] - [17/12/2016 23:40:18] - |A| - [26112] - C:\WINDOWS\syswow64\odbcconf.dll [MD5.B85F0EAD2FE91C3B9FF2D246FC412085] - [17/12/2016 23:40:19] - |A| - [102400] - C:\WINDOWS\syswow64\offlinelsa.dll [MD5.176D2561559683D01F20F8DAA286564F] - [17/12/2016 23:40:19] - |A| - [210432] - C:\WINDOWS\syswow64\offlinesam.dll [MD5.C8D375B53A863F5CDD3220E4F3A232D5] - [17/12/2016 23:41:36] - |A| - [55808] - C:\WINDOWS\syswow64\offreg.dll [MD5.E74F2C29ECF25124BE3DA75FBD6A0E46] - [17/12/2016 23:41:36] - |A| - [959112] - C:\WINDOWS\syswow64\ole32.dll [MD5.AF5121AFE8C7EAA52E869B422162A77C] - [17/12/2016 23:40:20] - |A| - [325120] - C:\WINDOWS\syswow64\oleacc.dll [MD5.ABF355047ECEBFF79FE5224BCFF9A2E5] - [17/12/2016 23:40:18] - |A| - [601712] - C:\WINDOWS\syswow64\oleaut32.dll [MD5.ABA5F3549C922EA6B1BB9F8226C78362] - [21/12/2016 18:37:54] - |A| - [569368] - C:\WINDOWS\syswow64\olelib.tlb [MD5.3A1A6B250AC624777F223A53C5D22B90] - [21/12/2016 18:37:54] - |A| - [22212] - C:\WINDOWS\syswow64\olelib2.tlb [MD5.58E51D527D2B82961A94FCDE12E6FED7] - [17/12/2016 23:41:36] - |A| - [90624] - C:\WINDOWS\syswow64\olepro32.dll [MD5.5ADA9E0F63AA30EE62FFD35D4F171636] - [17/12/2016 23:40:35] - |A| - [426496] - C:\WINDOWS\syswow64\OneDriveSettingSyncProvider.dll [MD5.748C272726FBC78AA29381D110FB5252] - [17/12/2016 23:40:26] - |A| - [262656] - C:\WINDOWS\syswow64\pdh.dll [MD5.3D294C7E2F14DD9EC81DDCE570617F78] - [19/12/2016 22:32:42] - |A| - [83136] - C:\WINDOWS\syswow64\perf-MSSQL$ADK-sqlctr11.2.5058.0.dll [MD5.A788FED9398F94DE330A4D4BD9BCE98A] - [19/12/2016 22:34:07] - |A| - [46272] - C:\WINDOWS\syswow64\perf-MSSQL11.ADK-sqlagtctr.dll [MD5.201038F4CDB86356735B26D5FCA8E32E] - [19/12/2016 22:32:44] - |A| - [1693592] - C:\WINDOWS\syswow64\PerfStringBackup.INI [MD5.397395AF1AF2430E3B98677B5672BAF4] - [17/12/2016 23:40:52] - |A| - [260096] - C:\WINDOWS\syswow64\Phoneutil.dll [MD5.4287D0E235DAAF930FB161825FB610A0] - [17/12/2016 23:40:52] - |A| - [2560] - C:\WINDOWS\syswow64\PhoneutilRes.dll [MD5.AA41F294289B678E23B3C63792E29C79] - [17/12/2016 23:41:03] - |A| - [939872] - C:\WINDOWS\syswow64\pidgenx.dll [MD5.18505EDFB78805A0994CC8F6EA136CFD] - [17/12/2016 23:42:17] - |A| - [343040] - C:\WINDOWS\syswow64\PlayToDevice.dll [MD5.AC335330C3D82A5DC7C2994F63F7A048] - [17/12/2016 23:42:17] - |A| - [400384] - C:\WINDOWS\syswow64\PlayToManager.dll [MD5.6DE95CB8AC04E82716896BDA55B42A5F] - [17/12/2016 23:40:50] - |A| - [220672] - C:\WINDOWS\syswow64\PlayToReceiver.dll [MD5.5B388E2E843FA0F4FA0B79FD477EEB1D] - [17/12/2016 23:42:18] - |A| - [248480] - C:\WINDOWS\syswow64\policymanager.dll [MD5.BDEFEE2A9EA074C3F385E484129FFEED] - [17/12/2016 23:40:52] - |A| - [57344] - C:\WINDOWS\syswow64\POSyncServices.dll [MD5.DBAD85BFE615D3C006D68DC630FACBFD] - [17/12/2016 23:40:18] - |A| - [76800] - C:\WINDOWS\syswow64\powercfg.exe [MD5.D0818657648366B03C7CB4AA2DCED253] - [18/12/2016 00:06:09] - |A| - [2716672] - C:\WINDOWS\syswow64\PrintConfig.dll [MD5.49C338A0415A9DF3B5A8467AE02230E2] - [17/12/2016 23:42:05] - |A| - [525824] - C:\WINDOWS\syswow64\PrintDialogs.dll [MD5.B9E4139A109BDC9B21D8DB7C0D3091B7] - [17/12/2016 23:41:36] - |A| - [71168] - C:\WINDOWS\syswow64\pwrshplugin.dll [MD5.73FDD16B5C87C1C98E310C85D63940CC] - [17/12/2016 23:40:26] - |A| - [575488] - C:\WINDOWS\syswow64\qdvd.dll [MD5.4330AF6614F053DD11985FE6AC037C7D] - [17/12/2016 23:42:18] - |A| - [565248] - C:\WINDOWS\syswow64\rasapi32.dll [MD5.6004CF96404411FB6F28ADC9D20D34A3] - [17/12/2016 23:42:17] - |A| - [2747392] - C:\WINDOWS\syswow64\rdpcore.dll [MD5.318908719BC14CDDCBB0BAD30795C320] - [17/12/2016 23:41:36] - |A| - [965472] - C:\WINDOWS\syswow64\ReAgent.dll [MD5.1E411B75AE947557FC8031B417DC299B] - [17/12/2016 23:41:36] - |A| - [30720] - C:\WINDOWS\syswow64\ReAgentc.exe [MD5.80B0BB9AD48EDFFB1B1933C4A702EDAA] - [21/12/2016 18:37:43] - |A| - [96] - C:\WINDOWS\syswow64\RegisterZABackupDll.bat [MD5.AF3F5EE938656D2F92B2CA512DCB034B] - [17/12/2016 23:40:51] - |A| - [747008] - C:\WINDOWS\syswow64\RemoteNaturalLanguage.dll [MD5.740B1748A7B9F11B5F5852B79EF3302D] - [17/12/2016 23:41:36] - |A| - [298496] - C:\WINDOWS\syswow64\resutils.dll [MD5.20C50C2A40E09D1EF7C90F318C2AA1B7] - [21/12/2016 18:37:28] - |A| - [730] - C:\WINDOWS\syswow64\rootcert.pem [MD5.056E20BF43207E95A92D38B539656E3E] - [17/12/2016 23:41:36] - |A| - [790760] - C:\WINDOWS\syswow64\rpcrt4.dll [MD5.6B818AB7505D81F689567C7C552FA9EA] - [21/12/2016 13:03:33] - |A| - [9891328] - C:\WINDOWS\syswow64\RsCRIcon.dll [MD5.00000000000000000000000000000000] - [18/12/2016 00:07:38] - |D| - [6191224] - C:\WINDOWS\syswow64\RTCOM [MD5.B9C8EB9E640CDC19AF08F95F2132F853] - [17/12/2016 23:40:26] - |A| - [355328] - C:\WINDOWS\syswow64\RTMediaFrame.dll [MD5.5BC2D871EB445A70EB762ECE7C574BBD] - [17/12/2016 23:42:15] - |A| - [152416] - C:\WINDOWS\syswow64\RTWorkQ.dll [MD5.3771CC8B586F6E953073E07735C46D98] - [17/12/2016 23:40:19] - |A| - [86016] - C:\WINDOWS\syswow64\samlib.dll [MD5.A4DE7801642001F4836E9FA6A8128770] - [17/12/2016 23:40:18] - |A| - [389632] - C:\WINDOWS\syswow64\schannel.dll [MD5.00000000000000000000000000000000] - [21/12/2016 13:03:08] - |D| - [134144] - C:\WINDOWS\syswow64\sda [MD5.7D4ED025064030B834B8AADF1BD6E4AC] - [17/12/2016 23:40:39] - |A| - [291840] - C:\WINDOWS\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.933F3C40C2062AFF47327FA676735DBD] - [17/12/2016 23:42:05] - |A| - [318464] - C:\WINDOWS\syswow64\SearchFolder.dll [MD5.E27C1F78981297D6CA2CEC040158E469] - [17/12/2016 23:40:39] - |A| - [773120] - C:\WINDOWS\syswow64\SearchIndexer.exe [MD5.B8C48512F5A90C73664D9E0E007D77F6] - [17/12/2016 23:40:39] - |A| - [297472] - C:\WINDOWS\syswow64\SearchProtocolHost.exe [MD5.4B8563DA5553EB3D6257D6285AC2D9BA] - [17/12/2016 23:41:38] - |A| - [122880] - C:\WINDOWS\syswow64\sendmail.dll [MD5.DBA39E23ABEC55092B316E70543D12EA] - [21/12/2016 18:37:56] - |A| - [3841] - C:\WINDOWS\syswow64\server.pem [MD5.EB4F3BDE38ABF0AEECDFEA76E2CB1EFF] - [17/12/2016 23:40:19] - |A| - [331776] - C:\WINDOWS\syswow64\SessEnv.dll [MD5.9C2EEE789125E9D68131922ED7CC8B29] - [17/12/2016 23:42:17] - |A| - [444416] - C:\WINDOWS\syswow64\SettingSync.dll [MD5.27AC95586AFF51433B70210F80861C0F] - [17/12/2016 23:40:35] - |A| - [860672] - C:\WINDOWS\syswow64\SettingSyncCore.dll [MD5.7026F563648DDBC9A7D893F1EAF31583] - [17/12/2016 23:40:35] - |A| - [509792] - C:\WINDOWS\syswow64\SettingSyncHost.exe [MD5.BA7E31838CE6BFB3F0DB8DA7A519B47A] - [17/12/2016 23:42:17] - |A| - [68096] - C:\WINDOWS\syswow64\SettingSyncPolicy.dll [MD5.7C13A18901A701202A1DD6514BA4D053] - [17/12/2016 23:41:39] - |A| - [114176] - C:\WINDOWS\syswow64\setupugc.exe [MD5.A1CB32732926340BAC6A79F1BBA6538F] - [17/12/2016 23:40:35] - |A| - [566784] - C:\WINDOWS\syswow64\ShareHost.dll [MD5.90217C2BF22BCACC99E7A11D7FCFA7E0] - [17/12/2016 23:41:39] - |A| - [20969928] - C:\WINDOWS\syswow64\shell32.dll [MD5.CCC20EF7F89FCD11BC809B90C8768182] - [17/12/2016 23:41:36] - |A| - [118272] - C:\WINDOWS\syswow64\slc.dll [MD5.B13834EC0DF49734EDB55B95B291F345] - [17/12/2016 23:41:36] - |A| - [19968] - C:\WINDOWS\syswow64\slcext.dll [MD5.71C635D7796D394138BFFBB8C2559CFB] - [17/12/2016 23:40:18] - |A| - [20992] - C:\WINDOWS\syswow64\smphost.dll [MD5.29B81C330268D77A8B23D697C7CD1CFA] - [17/12/2016 23:42:18] - |A| - [410112] - C:\WINDOWS\syswow64\SndVolSSO.dll [MD5.B968615375D2C4922A0245A9558893BB] - [17/12/2016 23:41:36] - |A| - [105984] - C:\WINDOWS\syswow64\sppc.dll [MD5.BE987870794E884E2DC2E9FB97F9134A] - [17/12/2016 23:41:36] - |A| - [466432] - C:\WINDOWS\syswow64\sppcext.dll [MD5.28220013C6DB1BAC7613E2B55D11B50F] - [17/12/2016 23:42:01] - |A| - [9216] - C:\WINDOWS\syswow64\spwmp.dll [MD5.66B49B7A82F271F469D372A202102F2F] - [21/12/2016 18:37:29] - |A| - [441705] - C:\WINDOWS\syswow64\sqlite3.dll [MD5.ECA62B4161260EEF1BBE2C14FEC1813F] - [19/12/2016 22:51:53] - |A| - [211544] - C:\WINDOWS\syswow64\SQSRVRES.DLL [MD5.1A8E7650017F0BC9AD12A6861B5119ED] - [17/12/2016 23:41:36] - |A| - [117240] - C:\WINDOWS\syswow64\sspicli.dll [MD5.BDF7BDD5D89F09977B6A1BE52FEA41C7] - [17/12/2016 23:40:18] - |A| - [18432] - C:\WINDOWS\syswow64\stdole2.tlb [MD5.DE78C0522296196718D4045BC99948F3] - [17/12/2016 23:41:38] - |A| - [358912] - C:\WINDOWS\syswow64\stobject.dll [MD5.D18A9480D3A50F926E08DB3D927ED8E6] - [17/12/2016 23:40:18] - |A| - [2153984] - C:\WINDOWS\syswow64\storagewmi.dll [MD5.4FEB654E5FA74B089BDD1776DEA4E7EB] - [17/12/2016 23:40:18] - |A| - [20480] - C:\WINDOWS\syswow64\storagewmi_passthru.dll [MD5.C1DCB93B1DB4FD0CC08051373C4EBACA] - [17/12/2016 23:40:51] - |A| - [557568] - C:\WINDOWS\syswow64\StoreAgent.dll [MD5.F600D5960AB95FF661A6DD600B0B4134] - [17/12/2016 23:41:38] - |A| - [632832] - C:\WINDOWS\syswow64\sud.dll [MD5.06130C0BB49B96AC28FE3370CFEC9309] - [17/12/2016 23:42:19] - |A| - [237056] - C:\WINDOWS\syswow64\SyncSettings.dll [MD5.93319B7E502C192C92E0CD2B97617509] - [17/12/2016 23:41:38] - |A| - [288256] - C:\WINDOWS\syswow64\systemcpl.dll [MD5.990E927E27B0FF1191C55472EBEA3DD2] - [17/12/2016 23:41:36] - |A| - [181760] - C:\WINDOWS\syswow64\tcpipcfg.dll [MD5.67F78CED365A114640884FDED6A8E0C5] - [17/12/2016 23:40:26] - |A| - [554496] - C:\WINDOWS\syswow64\tdh.dll [MD5.89E10A5693B42BA18D35783525CB893F] - [17/12/2016 23:42:19] - |A| - [67584] - C:\WINDOWS\syswow64\TempSignedLicenseExchangeTask.dll [MD5.8FE490AF024B3CB6C536FDF8803088BA] - [17/12/2016 23:40:39] - |A| - [353280] - C:\WINDOWS\syswow64\TextInputFramework.dll [MD5.A10377BA84F069F692EDB44D3CB47E65] - [17/12/2016 23:41:38] - |A| - [2458112] - C:\WINDOWS\syswow64\themecpl.dll [MD5.B98A6C01BC02414BC8A5F7F49B9A795C] - [17/12/2016 23:40:18] - |A| - [691200] - C:\WINDOWS\syswow64\TokenBroker.dll [MD5.D7CAA6336723CDAF3446929AA807C40D] - [17/12/2016 23:40:18] - |A| - [448512] - C:\WINDOWS\syswow64\TpmCoreProvisioning.dll [MD5.90DA8E97BA2DF9FD1D8262DD59AF0775] - [17/12/2016 23:40:39] - |A| - [2642944] - C:\WINDOWS\syswow64\tquery.dll [MD5.6D30009326E05BCBC04D1F3C6F011CC8] - [17/12/2016 23:40:19] - |A| - [361104] - C:\WINDOWS\syswow64\tsmf.dll [MD5.2CE3436D4C000FA35D87849665157683] - [17/12/2016 23:40:18] - |A| - [95232] - C:\WINDOWS\syswow64\TSpkg.dll [MD5.046C293B4A3A2FC51CC7152495827F29] - [17/12/2016 23:40:35] - |A| - [975744] - C:\WINDOWS\syswow64\twinapi.appcore.dll [MD5.804E7069B4C6C01B1F4B3A2D8618C77F] - [17/12/2016 23:41:38] - |A| - [422400] - C:\WINDOWS\syswow64\twinapi.dll [MD5.C8BEDBE56B5FA5B128297DD2A1682B4B] - [17/12/2016 23:40:35] - |A| - [827904] - C:\WINDOWS\syswow64\twinui.appcore.dll [MD5.3BC9C1743322B4D73344183C99C411AA] - [17/12/2016 23:41:38] - |A| - [7626752] - C:\WINDOWS\syswow64\twinui.dll [MD5.BD9E37B44AD50E435B0E2B1058F48C89] - [17/12/2016 23:40:18] - |A| - [2560] - C:\WINDOWS\syswow64\tzres.dll [MD5.02D6BCC95BDBD27BCE63972D3CBB1909] - [17/12/2016 23:40:35] - |A| - [236544] - C:\WINDOWS\syswow64\UIAnimation.dll [MD5.87BE502E7B1D3705783C366ED0CBA9F7] - [17/12/2016 23:40:18] - |A| - [1357824] - C:\WINDOWS\syswow64\UIAutomationCore.dll [MD5.1C9D6D7A8056D311F21E3983E7CBF96A] - [17/12/2016 23:41:26] - |A| - [584192] - C:\WINDOWS\syswow64\UIRibbonRes.dll [MD5.FB2251873449D7B9948555DD650CFEA5] - [17/12/2016 23:41:36] - |A| - [255488] - C:\WINDOWS\syswow64\unimdm.tsp [MD5.51D061BEC9CE0B6693B7C21546F58D2C] - [17/12/2016 23:40:26] - |A| - [74752] - C:\WINDOWS\syswow64\updatepolicy.dll [MD5.11D868C39B848F1F5EEE2345FE4D01E3] - [17/12/2016 23:40:19] - |A| - [545792] - C:\WINDOWS\syswow64\uReFS.dll [MD5.771F172114E51FC2DF5838476D97D90A] - [17/12/2016 23:42:17] - |A| - [1595392] - C:\WINDOWS\syswow64\urlmon.dll [MD5.4BEC594A3D4AEAFAC400D88F7E328C7B] - [17/12/2016 23:40:39] - |A| - [1435896] - C:\WINDOWS\syswow64\user32.dll [MD5.24559CE6E21ECC3DD2A597300F6819B2] - [17/12/2016 23:41:39] - |A| - [1228288] - C:\WINDOWS\syswow64\usercpl.dll [MD5.E8F8456B3E763449A80477E790E7D2EB] - [17/12/2016 23:40:52] - |A| - [8192] - C:\WINDOWS\syswow64\UserDataAccessRes.dll [MD5.309953E2C926A475986B0B8D2C945BE0] - [17/12/2016 23:40:52] - |A| - [299520] - C:\WINDOWS\syswow64\UserDataAccountApis.dll [MD5.069737BD87ACD7E070DC1B9FF5E8A40E] - [17/12/2016 23:40:52] - |A| - [37888] - C:\WINDOWS\syswow64\UserDataLanguageUtil.dll [MD5.7125B3879C393E14070E6D262A7C39CA] - [17/12/2016 23:40:52] - |A| - [55808] - C:\WINDOWS\syswow64\UserDataPlatformHelperUtil.dll [MD5.BC00BBCC9D45B581175D0FC8466FCCC6] - [17/12/2016 23:40:52] - |A| - [94720] - C:\WINDOWS\syswow64\UserDataTimeUtil.dll [MD5.79F3B1B6C2AE6A655C57DB32A0DE7A34] - [17/12/2016 23:40:52] - |A| - [38400] - C:\WINDOWS\syswow64\UserDataTypeHelperUtil.dll [MD5.E2A881762265DB7F7B6A5A8E956A399A] - [17/12/2016 23:40:18] - |A| - [156672] - C:\WINDOWS\syswow64\UserDeviceRegistration.dll [MD5.E9B97084F697B86201B806DDCCD61A66] - [17/12/2016 23:40:18] - |A| - [88576] - C:\WINDOWS\syswow64\UserDeviceRegistration.Ngc.dll [MD5.91EFFACD1CBBB4E2F10FC6CEBA1ECC22] - [17/12/2016 23:40:18] - |A| - [184320] - C:\WINDOWS\syswow64\UserMgrProxy.dll [MD5.3A9383E849C3A408391B6AB32E74EFE6] - [17/12/2016 23:42:00] - |A| - [508416] - C:\WINDOWS\syswow64\vbscript.dll [MD5.16D4E494EFE58C5CC837E0C088FFB01E] - [17/12/2016 23:40:52] - |A| - [147456] - C:\WINDOWS\syswow64\VCardParser.dll [MD5.56EAAD601833231995F809A4B671151E] - [17/12/2016 23:42:14] - |A| - [846336] - C:\WINDOWS\syswow64\WebcamUi.dll [MD5.BEFED197AE9153766F7304650368F3D8] - [17/12/2016 23:40:19] - |A| - [461312] - C:\WINDOWS\syswow64\webio.dll [MD5.64016D507616CCFFFE1A6402B9D5706B] - [17/12/2016 23:40:19] - |A| - [576408] - C:\WINDOWS\syswow64\wer.dll [MD5.BD23A751D9C8965D7C81CD98919D6CC7] - [17/12/2016 23:40:19] - |A| - [186424] - C:\WINDOWS\syswow64\weretw.dll [MD5.0D76DAA261682157606F740C96FA6E33] - [17/12/2016 23:40:19] - |A| - [297552] - C:\WINDOWS\syswow64\wevtapi.dll [MD5.EC510ABC727F564F47DE1F7BDD97AE80] - [17/12/2016 23:42:04] - |A| - [38912] - C:\WINDOWS\syswow64\wfdprov.dll [MD5.DF53C40EE6572B64691668277156FA41] - [17/12/2016 23:40:26] - |A| - [147968] - C:\WINDOWS\syswow64\win32k.sys [MD5.5C9A0EDE876D5D63A6EB34BC24384A17] - [17/12/2016 23:40:26] - |A| - [2998272] - C:\WINDOWS\syswow64\win32kfull.sys [MD5.9D8F7BD41657B515DD46C7BF90A26CDB] - [17/12/2016 23:40:26] - |A| - [79536] - C:\WINDOWS\syswow64\win32u.dll [MD5.CC32207A4520FD1956AF2D68D7DA7BDD] - [17/12/2016 23:40:19] - |A| - [288768] - C:\WINDOWS\syswow64\wincorlib.dll [MD5.2FA12C1923E129B6CBAB600F125B4EEF] - [17/12/2016 23:40:27] - |A| - [653312] - C:\WINDOWS\syswow64\Windows.AccountsControl.dll [MD5.155E1183CFC4CD4CE62875F47A745407] - [17/12/2016 23:40:54] - |A| - [92672] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Background.SystemEventsBroker.dll [MD5.56E8B944288B77E3481C24C3A5316294] - [17/12/2016 23:40:35] - |A| - [115712] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Core.dll [MD5.9B198068462F143A7C1DEAA6B9B0993B] - [17/12/2016 23:40:18] - |A| - [284672] - C:\WINDOWS\syswow64\Windows.ApplicationModel.dll [MD5.A9AE442890AA112F8B3AA6692DC7CDE6] - [17/12/2016 23:42:00] - |A| - [231936] - C:\WINDOWS\syswow64\Windows.ApplicationModel.LockScreen.dll [MD5.F969E083B97AE85454390299C4348B32] - [17/12/2016 23:40:52] - |A| - [1430720] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.dll [MD5.623B9892D9BEE09203FF8039908B6D27] - [17/12/2016 23:40:52] - |A| - [253952] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.1B79E6C75FBB444D8DFAFECE2B531533] - [17/12/2016 23:40:52] - |A| - [426496] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Wallet.dll [MD5.B011D0A9593526FBDC99AB0C11B239E0] - [17/12/2016 23:40:35] - |A| - [5685760] - C:\WINDOWS\syswow64\Windows.Data.Pdf.dll [MD5.E2333F2B0B8703DDFE5AD2819F0750F5] - [17/12/2016 23:40:27] - |A| - [483840] - C:\WINDOWS\syswow64\Windows.Devices.AllJoyn.dll [MD5.824E99FAD1B457D1753E3AE0FA41F845] - [17/12/2016 23:40:36] - |A| - [901120] - C:\WINDOWS\syswow64\Windows.Devices.Bluetooth.dll [MD5.7BA90CE32D9A1C6F9A434D9C3705C02A] - [17/12/2016 23:40:18] - |A| - [202752] - C:\WINDOWS\syswow64\Windows.Devices.HumanInterfaceDevice.dll [MD5.E22A6E6424CE5BFFDF9357D4961B7C24] - [17/12/2016 23:40:38] - |A| - [374784] - C:\WINDOWS\syswow64\Windows.Devices.LowLevel.dll [MD5.38546B22920450AEBE747537F3287600] - [17/12/2016 23:42:15] - |A| - [348160] - C:\WINDOWS\syswow64\Windows.Devices.Midi.dll [MD5.776B4137E0A20601C617716B26C2A30D] - [17/12/2016 23:41:49] - |A| - [1656320] - C:\WINDOWS\syswow64\Windows.Devices.Perception.dll [MD5.54A2A854570BCD29D2F04CAD807D9AC1] - [17/12/2016 23:40:38] - |A| - [262144] - C:\WINDOWS\syswow64\Windows.Devices.Picker.dll [MD5.211AD9C29DE67B6FF98EAFCC1A2BCAB8] - [17/12/2016 23:40:51] - |A| - [670208] - C:\WINDOWS\syswow64\Windows.Devices.PointOfService.dll [MD5.67A8E7EBE72E45AEFB3DFF4DA1543487] - [17/12/2016 23:40:35] - |A| - [141824] - C:\WINDOWS\syswow64\Windows.Devices.Radios.dll [MD5.E2C0D5D876A6ACE353471963BBF46FB4] - [17/12/2016 23:42:17] - |A| - [175616] - C:\WINDOWS\syswow64\Windows.Devices.Scanners.dll [MD5.C154CDD5F23922C5FF0BE5F68E281B99] - [17/12/2016 23:42:18] - |A| - [589312] - C:\WINDOWS\syswow64\Windows.Devices.Sensors.dll [MD5.2E0A0404B89E83E15A32C18CA27B8877] - [17/12/2016 23:40:18] - |A| - [129024] - C:\WINDOWS\syswow64\Windows.Devices.SerialCommunication.dll [MD5.3ACFCE37075AEE76B293D9A7485729EB] - [17/12/2016 23:40:18] - |A| - [562176] - C:\WINDOWS\syswow64\Windows.Devices.SmartCards.dll [MD5.6AD23635040706D5E7E375D7B6186E32] - [17/12/2016 23:40:18] - |A| - [314368] - C:\WINDOWS\syswow64\Windows.Devices.Usb.dll [MD5.57D2A617BD2E8663E5B56835EC1BFFF0] - [17/12/2016 23:40:35] - |A| - [142336] - C:\WINDOWS\syswow64\Windows.Devices.WiFi.dll [MD5.DCB93A31F470B3DC4CAAC4DBA0A9EAE3] - [17/12/2016 23:40:35] - |A| - [386048] - C:\WINDOWS\syswow64\Windows.Devices.WiFiDirect.dll [MD5.2A4D9D8DCCE9E92D5DE223AB1D7CAB76] - [17/12/2016 23:40:35] - |A| - [134656] - C:\WINDOWS\syswow64\Windows.Energy.dll [MD5.E0EDD653D07F5F391673204533C8ECD2] - [17/12/2016 23:40:35] - |A| - [392192] - C:\WINDOWS\syswow64\Windows.Gaming.Input.dll [MD5.AF33AF6B6562F43D00AACC520BEDDB20] - [17/12/2016 23:40:38] - |A| - [315904] - C:\WINDOWS\syswow64\Windows.Gaming.XboxLive.Storage.dll [MD5.B46668B5AA4729C795EF749E2A0BA807] - [17/12/2016 23:40:35] - |A| - [1247232] - C:\WINDOWS\syswow64\Windows.Globalization.dll [MD5.73CB6A4551A7566B5FD4C1480FF3F061] - [17/12/2016 23:40:35] - |A| - [1534464] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.3D.dll [MD5.4D83D1C87F958AD448A4D1AE0875D3A2] - [17/12/2016 23:40:35] - |A| - [500224] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.dll [MD5.15B51F7EEE8AA16B045905558114BAB5] - [17/12/2016 23:40:36] - |A| - [332288] - C:\WINDOWS\syswow64\Windows.Internal.Bluetooth.dll [MD5.A185BCC083628A702D61F384B2D37DE3] - [17/12/2016 23:42:18] - |A| - [298496] - C:\WINDOWS\syswow64\Windows.Internal.Management.dll [MD5.B5922C654E13FA2F21DC2879477F7A31] - [17/12/2016 23:41:49] - |A| - [104448] - C:\WINDOWS\syswow64\Windows.Internal.UI.Logon.ProxyStub.dll [MD5.6EAFC2EAB76BEA9A15B54C23E1F71D4A] - [17/12/2016 23:42:16] - |A| - [1220608] - C:\WINDOWS\syswow64\Windows.Media.Audio.dll [MD5.26180577AC7731FB95D0DBEBC9840404] - [17/12/2016 23:40:26] - |A| - [471552] - C:\WINDOWS\syswow64\Windows.Media.BackgroundMediaPlayback.dll [MD5.2A7309FDC7AE938B497AF9B986523EBA] - [17/12/2016 23:42:17] - |A| - [4612608] - C:\WINDOWS\syswow64\Windows.Media.dll [MD5.6CD14904F0BC72877136ABD004FE594A] - [17/12/2016 23:42:17] - |A| - [1077760] - C:\WINDOWS\syswow64\Windows.Media.Editing.dll [MD5.092F0757DBE76132E9C16F1B8466B00E] - [17/12/2016 23:40:26] - |A| - [1243136] - C:\WINDOWS\syswow64\Windows.Media.FaceAnalysis.dll [MD5.3C56B9F75BD3FC947A0715D3C19DE1CD] - [17/12/2016 23:40:35] - |A| - [609280] - C:\WINDOWS\syswow64\Windows.Media.Import.dll [MD5.B4D1D6F1F80E72CA01EA93F00698334F] - [17/12/2016 23:40:26] - |A| - [747520] - C:\WINDOWS\syswow64\Windows.Media.Ocr.dll [MD5.ECA98102FDA036EA3F2852A407FBCC9F] - [17/12/2016 23:40:26] - |A| - [470016] - C:\WINDOWS\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.77F0F4BCE23963904F930FE2D99AE7D4] - [17/12/2016 23:40:26] - |A| - [459776] - C:\WINDOWS\syswow64\Windows.Media.Playback.MediaPlayer.dll [MD5.358EB97C59FF33C968FB1333E9876494] - [17/12/2016 23:40:26] - |A| - [6668040] - C:\WINDOWS\syswow64\Windows.Media.Protection.PlayReady.dll [MD5.83563656E52E536D97F7527A9FDD7D0C] - [17/12/2016 23:40:51] - |A| - [1170944] - C:\WINDOWS\syswow64\Windows.Media.Speech.dll [MD5.0EAD3D8A5C2FA2F9FECCAEE761DAB507] - [17/12/2016 23:40:51] - |A| - [568832] - C:\WINDOWS\syswow64\Windows.Media.Speech.UXRes.dll [MD5.F5E677316259341EEE87FD29B82CB73F] - [17/12/2016 23:40:50] - |A| - [895488] - C:\WINDOWS\syswow64\Windows.Media.Streaming.dll [MD5.EE3D4702DC0AEDE708804DEE888E1BEF] - [17/12/2016 23:40:35] - |A| - [91648] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll [MD5.7ED19E4C5FE25DA46CBFE9D83510D40D] - [17/12/2016 23:40:35] - |A| - [751104] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.FC815DA31E8EE168F89D29101BE8C1C1] - [17/12/2016 23:40:35] - |A| - [542208] - C:\WINDOWS\syswow64\Windows.Networking.Connectivity.dll [MD5.238C5C54118A7807B2362CB83531182B] - [17/12/2016 23:40:35] - |A| - [675840] - C:\WINDOWS\syswow64\Windows.Networking.dll [MD5.818F687B7E0E3897FB073DB045E19C5C] - [17/12/2016 23:40:35] - |A| - [123904] - C:\WINDOWS\syswow64\Windows.Networking.HostName.dll [MD5.F79810F082DA8542CA7BD7394223FE00] - [17/12/2016 23:40:38] - |A| - [87040] - C:\WINDOWS\syswow64\Windows.Networking.ServiceDiscovery.Dnssd.dll [MD5.C418D3B0A309E883633B41C879958EB8] - [17/12/2016 23:40:27] - |A| - [265728] - C:\WINDOWS\syswow64\Windows.Perception.Stub.dll [MD5.3F65C6125E234FFB19702384B98B55FD] - [17/12/2016 23:40:51] - |A| - [185856] - C:\WINDOWS\syswow64\Windows.Security.Authentication.Identity.Provider.dll [MD5.9E575FF2EF1DCF8625354A80ECDCC577] - [17/12/2016 23:40:36] - |A| - [807424] - C:\WINDOWS\syswow64\Windows.Security.Authentication.OnlineId.dll [MD5.45424A1103724E3834988D9FD56DC731] - [17/12/2016 23:41:37] - |A| - [47104] - C:\WINDOWS\syswow64\Windows.Shell.Search.UriHandler.dll [MD5.937208F90E70A7A415F05932ABD72DFB] - [16/12/2016 07:35:49] - |A| - [34304] - C:\WINDOWS\syswow64\Windows.Speech.Pal.dll [MD5.FE68CCE3D2985526FB00C692E92E0FE2] - [17/12/2016 23:40:20] - |A| - [3370496] - C:\WINDOWS\syswow64\Windows.StateRepository.dll [MD5.504C7DA573CB9065889ECE643746D5F4] - [17/12/2016 23:40:20] - |A| - [94208] - C:\WINDOWS\syswow64\Windows.StateRepositoryClient.dll [MD5.FED441C74C98F346B68BED55CC33DE0A] - [17/12/2016 23:40:35] - |A| - [263472] - C:\WINDOWS\syswow64\Windows.Storage.ApplicationData.dll [MD5.22096A33F31A39599AF270EF6A55230D] - [17/12/2016 23:40:36] - |A| - [5722832] - C:\WINDOWS\syswow64\windows.storage.dll [MD5.8377F990F7240DB76D572EB82E8D6C0A] - [17/12/2016 23:40:18] - |A| - [59904] - C:\WINDOWS\syswow64\Windows.System.UserDeviceAssociation.dll [MD5.4068054803EBC2B3F68972835137C2F3] - [17/12/2016 23:40:54] - |A| - [253952] - C:\WINDOWS\syswow64\Windows.UI.BioFeedback.dll [MD5.6DF99FE819011952117D0C2ECAC46E0E] - [17/12/2016 23:40:54] - |A| - [285184] - C:\WINDOWS\syswow64\Windows.UI.BlockedShutdown.dll [MD5.03B273395EA0BF2E9C56222183217E17] - [17/12/2016 23:40:39] - |A| - [206848] - C:\WINDOWS\syswow64\Windows.UI.Core.TextInput.dll [MD5.7A422699B4D979DCD4253481F50F99B6] - [17/12/2016 23:40:54] - |A| - [866816] - C:\WINDOWS\syswow64\Windows.UI.Cred.dll [MD5.C6B65E0222EDFC4BE949FFFBF299E2DC] - [17/12/2016 23:40:54] - |A| - [213504] - C:\WINDOWS\syswow64\Windows.UI.CredDialogController.dll [MD5.77167E2B35AE046D4F978EE7900675A7] - [17/12/2016 23:40:19] - |A| - [620544] - C:\WINDOWS\syswow64\Windows.UI.dll [MD5.0ECD96BC460CC643B980D111E7F92602] - [17/12/2016 23:41:38] - |A| - [1556480] - C:\WINDOWS\syswow64\Windows.UI.Immersive.dll [MD5.D4EB622F728BBF7BDD4EC45C7FB16884] - [17/12/2016 23:40:39] - |A| - [1004544] - C:\WINDOWS\syswow64\Windows.UI.Input.Inking.dll [MD5.C6A60F72C362565C28F3E0CB825104C7] - [17/12/2016 23:40:54] - |A| - [1880576] - C:\WINDOWS\syswow64\Windows.UI.Logon.dll [MD5.64DF6ECDC75659AC4A42E176957192FD] - [17/12/2016 23:41:37] - |A| - [711680] - C:\WINDOWS\syswow64\Windows.UI.Search.dll [MD5.88DD13B762E3BD681E044A269DC1D57E] - [17/12/2016 23:40:35] - |A| - [13868544] - C:\WINDOWS\syswow64\Windows.UI.Xaml.dll [MD5.994630F1E7463A3C654B5CCD8E6EB5F8] - [17/12/2016 23:40:35] - |A| - [468992] - C:\WINDOWS\syswow64\Windows.UI.Xaml.InkControls.dll [MD5.05DC985D7E1B32A8B58D75191A5A89D7] - [17/12/2016 23:40:35] - |A| - [1232384] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Maps.dll [MD5.CA6703B4EE50E48AE4B0F21B33C5194D] - [17/12/2016 23:40:35] - |A| - [1170944] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Phone.dll [MD5.F2936C785E75757A4241DC9C25C69D25] - [17/12/2016 23:40:35] - |A| - [1631232] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Resources.dll [MD5.A6ED9DDE24E8A8DD91D371C30FB63195] - [17/12/2016 23:40:35] - |A| - [598528] - C:\WINDOWS\syswow64\Windows.Web.dll [MD5.E6675810782667FBA2625507FF212717] - [17/12/2016 23:40:35] - |A| - [1013248] - C:\WINDOWS\syswow64\Windows.Web.Http.dll [MD5.B19A804BC41C276DAF5753BE541A97B4] - [17/12/2016 23:40:26] - |A| - [1503544] - C:\WINDOWS\syswow64\WindowsCodecs.dll [MD5.DF51C1442A3DB8ADE2B78DCDEC2419FD] - [17/12/2016 23:40:19] - |A| - [636928] - C:\WINDOWS\syswow64\winhttp.dll [MD5.0D8CA86B639533ED0A7FE1792C5BE600] - [17/12/2016 23:42:17] - |A| - [2256384] - C:\WINDOWS\syswow64\wininet.dll [MD5.264529BBF1D0F2E468E21CE4BBE0FA77] - [17/12/2016 23:41:50] - |A| - [65536] - C:\WINDOWS\syswow64\wininetlui.dll [MD5.6AAF3F01481C49A6299924A44F4EAA24] - [17/12/2016 23:42:17] - |A| - [1557808] - C:\WINDOWS\syswow64\winmde.dll [MD5.1CD06F3C0D13D21613E8D29B587E4003] - [17/12/2016 23:40:35] - |A| - [136192] - C:\WINDOWS\syswow64\WinRtTracing.dll [MD5.E4BDE75B8A2B008D2F6E3F080FDCF51B] - [17/12/2016 23:40:18] - |A| - [272720] - C:\WINDOWS\syswow64\wintrust.dll [MD5.EBD4C2424DC0C023F82AC7F13970016D] - [17/12/2016 23:40:19] - |A| - [846560] - C:\WINDOWS\syswow64\WinTypes.dll [MD5.4A176D179AC43240482C0C26DA82FEAE] - [17/12/2016 23:42:04] - |A| - [313560] - C:\WINDOWS\syswow64\wlanapi.dll [MD5.AE7114623D386C0FFA252CFA973C1CB6] - [17/12/2016 23:42:04] - |A| - [248832] - C:\WINDOWS\syswow64\wlancfg.dll [MD5.E82E788C7E7B8309C9B460C71C7BC487] - [17/12/2016 23:42:04] - |A| - [15360] - C:\WINDOWS\syswow64\wlanhlp.dll [MD5.E5FA6F82E3DA12FFE79D624231FB6E71] - [17/12/2016 23:42:01] - |A| - [12349952] - C:\WINDOWS\syswow64\wmp.dll [MD5.A16F26BA3232C1FD4529FF990B7C197C] - [17/12/2016 23:42:02] - |A| - [1293312] - C:\WINDOWS\syswow64\WMPDMC.exe [MD5.6CBECADC72DE0693D830648FBC241227] - [17/12/2016 23:42:02] - |A| - [175104] - C:\WINDOWS\syswow64\wmpdxm.dll [MD5.19513A910B600F6FD639BCDD326DDB9D] - [17/12/2016 23:42:01] - |A| - [254656] - C:\WINDOWS\syswow64\wmpeffects.dll [MD5.483BEFF11EB11AB6FDEAB013301754CE] - [17/12/2016 23:42:02] - |A| - [9260032] - C:\WINDOWS\syswow64\wmploc.DLL [MD5.389A5D051A6E5038BA10366968C1D649] - [17/12/2016 23:42:15] - |A| - [1362504] - C:\WINDOWS\syswow64\wmpmde.dll [MD5.E70DD2021CD187351EFE94ACE2B5B2CC] - [17/12/2016 23:42:02] - |A| - [102912] - C:\WINDOWS\syswow64\wmpshell.dll [MD5.76F30D5D38F46DF16AF86B3549046CC8] - [17/12/2016 23:40:39] - |A| - [32768] - C:\WINDOWS\syswow64\WordBreakers.dll [MD5.989DDA548FBD96F5D3637976022CE5D0] - [17/12/2016 23:42:04] - |A| - [661504] - C:\WINDOWS\syswow64\WpcWebFilter.dll [MD5.96AF2C9585EA7A84FD2326002F96D5AD] - [17/12/2016 23:42:05] - |A| - [713216] - C:\WINDOWS\syswow64\wpnapps.dll [MD5.7A262815259F912431813FEF6C2F8E0B] - [17/12/2016 23:41:36] - |A| - [402352] - C:\WINDOWS\syswow64\ws2_32.dll [MD5.BA8D9C7C5381E8BD9438E1E0F38775CB] - [17/12/2016 23:41:35] - |A| - [167848] - C:\WINDOWS\syswow64\wscapi.dll [MD5.0D04F5AF5D4E9025EA7410446BE2AEDF] - [17/12/2016 23:41:35] - |A| - [108544] - C:\WINDOWS\syswow64\wscinterop.dll [MD5.B3BE4F5ACC4E72C204C70CA4CA86D528] - [17/12/2016 23:41:35] - |A| - [1196544] - C:\WINDOWS\syswow64\wscui.cpl [MD5.3A52D6E555AA67029ACF48766163B49A] - [17/12/2016 23:41:36] - |A| - [1336320] - C:\WINDOWS\syswow64\wsecedit.dll [MD5.B5F75AF049EB8CBD884B044CCE14A8BD] - [17/12/2016 23:40:18] - |A| - [33280] - C:\WINDOWS\syswow64\WSManHTTPConfig.exe [MD5.B124B6D66EE6FAB7B59FD114A633A1D1] - [17/12/2016 23:40:18] - |A| - [2333184] - C:\WINDOWS\syswow64\WsmSvc.dll [MD5.D03279F3764B17D469174402FD67F65E] - [17/12/2016 23:41:36] - |A| - [1323008] - C:\WINDOWS\syswow64\wsp_fs.dll [MD5.51022991C13E9AA968424F5F8D25466C] - [17/12/2016 23:41:36] - |A| - [1113600] - C:\WINDOWS\syswow64\wsp_health.dll [MD5.954BE4CC16664CB8A4AF35F2B2CB39A0] - [17/12/2016 23:41:36] - |A| - [719872] - C:\WINDOWS\syswow64\wsp_sr.dll [MD5.564A0E1F9650DAFFDC7A12F1D3C8BC0A] - [17/12/2016 23:40:53] - |A| - [218624] - C:\WINDOWS\syswow64\WwaApi.dll [MD5.EABD32261BCF4591B2E4FD68346A6A10] - [17/12/2016 23:40:53] - |A| - [782176] - C:\WINDOWS\syswow64\WWAHost.exe [MD5.9B0616BDFBAA7342F415A0D66E32486F] - [17/12/2016 23:42:18] - |A| - [433832] - C:\WINDOWS\syswow64\WWanAPI.dll [MD5.47086109DF33378A73E15E25EE6A2D20] - [21/12/2016 18:37:49] - |A| - [526184] - C:\WINDOWS\syswow64\XceedCry.dll [MD5.B7D071365F74E52DDE39C9705A3EFFFD] - [17/12/2016 23:41:36] - |A| - [53248] - C:\WINDOWS\syswow64\xolehlp.dll [MD5.EC564AE201F3DFE6EA84AF0FBB6C784A] - [17/12/2016 23:42:15] - |A| - [3520512] - C:\WINDOWS\syswow64\xpsrchvw.exe [MD5.C5ADF9307E6A1DB385F6A3321B683E7D] - [21/12/2016 18:37:41] - |A| - [1245184] - C:\WINDOWS\syswow64\ZABackupService.dll [MD5.2A9DC2A8781DC1D3F1E3F54CF88B032D] - [21/12/2016 18:37:43] - |A| - [26128] - C:\WINDOWS\syswow64\ZABackupXceedCryReg.exe [MD5.5B5AAD18FE6719A7D1BE169388618391] - [17/12/2016 23:41:37] - |A| - [348672] - C:\WINDOWS\syswow64\zipfldr.dll [MD5.BA845EB55909E3D3899055E81BAB58EB] - [21/12/2016 18:37:30] - |A| - [55808] - C:\WINDOWS\syswow64\zlib1.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [21/12/2016 18:41:11] - |A| - [0] - C:\WINDOWS\syswow64\zonealarm.txt ---------- | Drives E: F: [10/07/2015 05:40:20] - |R| - (.© Microsoft Corporation. - Windows Installer.) - [80576] - (10.0.10240.16384) - F:\setup.exe [18/06/2015 02:15:15] - |R| - (.-.) - [128] - (0.0.0.0) - F:\autorun.inf G: [08/12/2016 20:29:38] - |A| - (.-.) - [1895] - (0.0.0.0) - G:\Wondershare Free YouTube Downloader.lnk [21/02/2016 18:04:14] - |A| - (.Copyright © 1999-2012 - BASS.) - [105528] - (2.4.9.0) - G:\bass.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - G:\Bass.Net.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [17472] - (2.4.2.0) - G:\basscd.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [24640] - (2.4.0.3) - G:\bassflac.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2005-2009 - BASSmix.) - [16448] - (2.4.2.0) - G:\bassmix.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2012 - BASSOPUS.) - [53816] - (2.4.0.0) - G:\bassopus.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [17472] - (2.4.4.0) - G:\basswma.dll [21/02/2016 18:04:14] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [28224] - (2.4.1.3) - G:\basswv.dll [21/02/2016 18:04:14] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - G:\bass_alac.dll [21/02/2016 18:04:14] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [33624] - (2.4.0.4) - G:\bass_ape.dll [21/02/2016 18:04:14] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [21320] - (2.4.1.0) - G:\bass_mpc.dll [15/03/2016 18:18:10] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [69120] - (4.5.6.6059) - G:\CDBXP.dll [21/02/2016 18:04:14] - |A| - (.-.) - [337408] - (13.0.0.0) - G:\LogicNP.FolderView.dll [21/02/2016 18:04:14] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2015. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3235200] - (15.5.1.4144) - G:\StarBurn.dll [30/04/2016 19:13:58] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - G:\BitTorrent (1).exe [30/04/2016 19:17:08] - |RA| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - G:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FjSAg97W0).exe [25/02/2015 14:22:15] - |A| - (.ENC Security Systems BV - SanDisk SecureAccessV3.) - [16024600] - (6.0.9.0) - G:\RunSanDiskSecureAccess_Win.exe [28/09/2016 23:15:18] - |A| - (.2004-2016 Rare Ideas, LLC - Start PortableApps.com.) - [1428736] - (14.2.0.0) - G:\Start.exe [16/12/2016 17:26:35] - |A| - (.-.) - [89589712] - (0.0.0.0) - G:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe [09/12/2016 15:18:19] - |A| - (.-.) - [149] - (0.0.0.0) - G:\autorun (1).inf [10/07/2016 18:01:41] - |A| - (.-.) - [4248] - (0.0.0.0) - G:\0x0404.ini [10/07/2016 18:01:41] - |A| - (.-.) - [7094] - (0.0.0.0) - G:\0x0407.ini [10/07/2016 18:01:41] - |A| - (.-.) - [6129] - (0.0.0.0) - G:\0x0409.ini [10/07/2016 18:01:41] - |A| - (.-.) - [7022] - (0.0.0.0) - G:\0x040a.ini [10/07/2016 18:01:41] - |A| - (.-.) - [7242] - (0.0.0.0) - G:\0x040c.ini [10/07/2016 18:01:41] - |A| - (.-.) - [6897] - (0.0.0.0) - G:\0x0410.ini [10/07/2016 18:01:41] - |A| - (.-.) - [6623] - (0.0.0.0) - G:\0x0411.ini [10/07/2016 18:01:42] - |A| - (.-.) - [5724] - (0.0.0.0) - G:\0x0412.ini [10/07/2016 18:01:42] - |A| - (.-.) - [4315] - (0.0.0.0) - G:\0x0804.ini [24/05/2016 06:32:13] - |A| - (.-.) - [5774] - (0.0.0.0) - G:\a2settings.ini [24/05/2016 08:34:30] - |A| - (.-.) - [64] - (0.0.0.0) - G:\a2whitelist.ini [22/09/2016 16:47:37] - |A| - (.-.) - [1370] - (0.0.0.0) - G:\ampa.ini [11/04/2010 12:02:38] - |A| - (.-.) - [24] - (0.0.0.0) - G:\Config.ini [10/07/2016 18:10:42] - |A| - (.-.) - [142] - (0.0.0.0) - G:\Custom.ini [10/07/2016 18:31:48] - |A| - (.-.) - [40] - (0.0.0.0) - G:\Define.ini [18/07/2016 17:18:04] - |A| - (.-.) - [282] - (0.0.0.0) - G:\desktop(1).ini [10/07/2016 18:31:48] - |A| - (.-.) - [282] - (0.0.0.0) - G:\desktop_FromLFS_ULTRA.ini [18/04/2026 18:29:05] - |A| - (.-.) - [2054] - (0.0.0.0) - G:\Framakey.ini [10/07/2016 18:39:27] - |A| - (.-.) - [101] - (0.0.0.0) - G:\info.ini [09/08/2016 15:00:26] - |A| - (.-.) - [44] - (0.0.0.0) - G:\language.ini [11/07/2016 08:24:15] - |A| - (.-.) - [0] - (0.0.0.0) - G:\LogAnalyZer.ini [10/07/2016 18:44:47] - |A| - (.-.) - [1953] - (0.0.0.0) - G:\Setup.ini [05/09/2016 06:00:53] - |A| - (.-.) - [184] - (0.0.0.0) - G:\SFR_Setup.ini [10/07/2016 18:48:12] - |A| - (.-.) - [208] - (0.0.0.0) - G:\ureg.ini [12/05/2016 11:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - G:\UserSettings.ini [11/07/2016 08:32:19] - |A| - (.-.) - [27] - (0.0.0.0) - G:\VTU.ini H: I: [31/01/2016 11:57:05] - |A| - (.-.) - [983040] - (0.8.0.5) - I:\Framakey.exe [31/01/2016 11:43:52] - |A| - (.-.) - [2141] - (0.0.0.0) - I:\Framakey.ini J: K: [05/11/2016 06:27:07] - |SH| - (.-.) - [0] - (0.0.0.0) - K:\autorun.inf L: M: N: O: P: [30/04/2016 19:13:58] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - P:\BitTorrent (1).exe [30/04/2016 19:17:08] - |RA| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - P:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FjSAg97W0).exe [24/05/2016 08:34:30] - |A| - (.-.) - [64] - (0.0.0.0) - P:\a2whitelist.ini [24/05/2016 06:32:13] - |A| - (.-.) - [5774] - (0.0.0.0) - P:\a2settings.ini Q: R: S: T: U: W: ---------- | C: [17/11/2016 07:26:00] - |D| - [3470353206] - C:\$GetCurrent [05/03/2013 00:30:20] - |SHD| - [1578] - C:\$RECYCLE.BIN [17/07/2016 00:55:15] - |HD| - [5144465035] - C:\$WINDOWS.~BT [16/12/2016 05:16:56] - |HD| - [320703] - C:\$Windows.~WS [16/12/2016 05:09:34] - |D| - [550586] - C:\25402d902460858e0b4c6aa135e3 [17/11/2016 18:59:31] - |D| - [0] - C:\AdsFix [16/11/2016 20:55:43] - |D| - [126954006] - C:\AMD [02/08/2012 03:02:18] - |SHD| - [680815854] - C:\Boot [MD5.21BF183C15AFE62A8D1137BB9007B2A3] - [26/07/2012 09:18:43] - |RASH| - (.-.) - [398156] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 09:18:43] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [16/12/2016 02:56:14] - |SHD| - [0] - C:\Config.Msi [30/07/2015 22:51:49] - |SD| - [0] - C:\Documents and Settings [16/12/2016 05:53:18] - |D| - [3679045097] - C:\ESD [16/12/2016 11:52:45] - |D| - [0] - C:\EverySync [19/12/2016 09:13:12] - |D| - [0] - C:\FFOutput [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:21:24] - |ASH| - (.-.) - [1534967808] - (0.0.0.0) - C:\hiberfil.sys [07/01/2013 12:49:41] - |RSD| - [4053335] - C:\hp [27/04/2016 06:53:12] - |D| - [17338368] - C:\Logs [17/11/2016 18:26:36] - |D| - [288902] - C:\Look_my_hardware [16/12/2016 10:22:01] - |D| - [920894] - C:\MARMITON [18/12/2016 06:05:08] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 08:30:46] - |RAS| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/11/2016 18:35:40] - |ASH| - (.-.) - [1073741824] - (0.0.0.0) - C:\pagefile.sys [18/12/2016 09:19:39] - |D| - [331528] - C:\PCPinBackup [17/12/2016 15:52:11] - |D| - [29478659] - C:\PcPinPoint [18/12/2016 09:30:16] - |D| - [287212691] - C:\PcPinPointDL [16/07/2016 12:47:47] - |D| - [0] - C:\PerfLogs [17/11/2016 18:31:47] - |D| - [116346087] - C:\Pre_Scan [MD5.6AD02DA4D104D9FA42652B1DD87F5432] - [17/11/2016 20:36:30] - |RA| - (.-.) - [11516] - (0.0.0.0) - C:\Pre_Scan_17_11_2016_20_36_29.txt [16/07/2016 07:04:24] - |RD| - [5557508456] - C:\Program Files [16/07/2016 07:04:24] - |RD| - [11810103559] - C:\Program Files (x86) [16/07/2016 12:47:48] - |HD| - [8014846242] - C:\ProgramData [17/11/2016 17:13:43] - |D| - [25344085159] - C:\QuickDiag [MD5.CAAB7886A84DE518E9AA798A92C8C682] - [21/12/2016 20:46:34] - |A| - (.-.) - [564008] - (0.0.0.0) - C:\QuickDiag.txt [MD5.02A611C168F5DE2A77D2DCF59D0D6C25] - [17/11/2016 18:21:09] - |RA| - (.-.) - [810089] - (0.0.0.0) - C:\QuickDiag_17_11_2016_18_21_09.txt [18/12/2016 00:02:59] - |SHD| - [2259] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [21/12/2016 20:11:54] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Recovery.txt [MD5.106CD01D12481A26021BDBBD5DFBFFBE] - [19/12/2016 16:21:59] - |A| - (.-.) - [331946] - (0.0.0.0) - C:\Reflect_Install.log [16/12/2016 10:49:32] - |D| - [0] - C:\Sauvegarde Personnelle [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/11/2016 18:35:41] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 04:15:28] - |AD| - [1021173952] - C:\SWSETUP [16/11/2016 18:35:39] - |SHD| - [0] - C:\System Volume Information [01/08/2012 10:57:15] - |RASD| - [39985606] - C:\SYSTEM.SAV [17/11/2016 07:19:04] - |D| - [12866104] - C:\UsbFix [16/07/2016 07:04:24] - |RD| - [33146585272] - C:\Users [16/07/2016 07:04:24] - |D| - [20925470229] - C:\Windows [17/11/2016 07:25:22] - |D| - [16169280] - C:\Windows10Upgrade [18/12/2016 10:42:16] - |D| - [0] - C:\WIPEMFT [21/12/2016 18:37:25] - |D| - [29002881] - C:\ZoneAlarmBackup [16/12/2016 13:38:58] - |D| - [2354] - C:\_Backup ---------- | C:\WINDOWS [16/07/2016 12:47:48] - |D| - [802] - C:\WINDOWS\addins [16/07/2016 12:47:48] - |D| - [21784892] - C:\WINDOWS\appcompat [16/07/2016 12:47:48] - |D| - [12471204] - C:\WINDOWS\AppPatch [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\AppReadiness [16/07/2016 12:47:47] - |RD| - [746379508] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:07:32] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [16/07/2016 12:47:48] - |D| - [281160] - C:\WINDOWS\bcastdvr [MD5.7B465E25ADF5D6DBCE9DCAE3C6545405] - [16/07/2016 12:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61440] - (10.0.14393.0) - C:\WINDOWS\bfsvc.exe [16/07/2016 23:46:17] - |SHD| - [591899] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [16/07/2016 12:47:48] - |D| - [38116033] - C:\WINDOWS\Boot [MD5.2E79FA3CDE16FCF26D30791E1A73FE3A] - [18/12/2016 00:06:21] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [16/07/2016 12:47:48] - |D| - [3715608] - C:\WINDOWS\Branding [16/07/2016 12:36:22] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.18075A456156C824752350A8022EF498] - [18/12/2016 00:25:55] - |A| - (.-.) - [6291] - (0.0.0.0) - C:\WINDOWS\comsetup.log [16/12/2016 07:02:09] - |D| - [0] - C:\WINDOWS\CSC [16/07/2016 12:47:48] - |D| - [8970858] - C:\WINDOWS\Cursors [16/07/2016 12:47:48] - |D| - [2209939] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/12/2016 00:44:19] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [16/07/2016 12:47:48] - |D| - [4543876] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [18/12/2016 00:44:19] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\DigitalLocker [16/07/2016 12:47:48] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.93D5D524A134029190AB2289F5966939] - [16/07/2016 12:49:13] - |A| - (.-.) - [4176] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [16/07/2016 12:47:48] - |HD| - [44056] - C:\WINDOWS\ELAMBKUP [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\en-US [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [17/12/2016 23:41:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4673304] - (10.0.14393.479) - C:\WINDOWS\explorer.exe [16/07/2016 12:47:48] - |RSD| - [359518730] - C:\WINDOWS\Fonts [16/07/2016 23:40:08] - |D| - [122368] - C:\WINDOWS\fr-FR [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [16/07/2016 12:47:48] - |D| - [20732976] - C:\WINDOWS\Globalization [16/07/2016 12:47:48] - |D| - [3998741] - C:\WINDOWS\Help [MD5.553DF2ABF34649763324BC5470D04317] - [16/07/2016 12:42:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [975360] - (10.0.14393.0) - C:\WINDOWS\HelpPane.exe [MD5.52AFE6DE5E463B7A08C184B1EB49DD6A] - [16/07/2016 12:42:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.14393.0) - C:\WINDOWS\hh.exe [16/07/2016 12:47:48] - |D| - [173189928] - C:\WINDOWS\IME [16/07/2016 12:47:48] - |RD| - [6842480] - C:\WINDOWS\ImmersiveControlPanel [16/07/2016 12:45:54] - |D| - [79156050] - C:\WINDOWS\INF [16/07/2016 12:47:48] - |D| - [1082161303] - C:\WINDOWS\InfusedApps [16/07/2016 12:47:48] - |D| - [36285422] - C:\WINDOWS\InputMethod [16/07/2016 12:47:48] - |SHD| - [2117474060] - C:\WINDOWS\Installer [16/07/2016 12:47:48] - |D| - [89407] - C:\WINDOWS\L2Schemas [21/12/2016 12:56:23] - |D| - [54162297] - C:\WINDOWS\LastGood.Tmp [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\LiveKernelReports [16/07/2016 07:04:29] - |D| - [45697872] - C:\WINDOWS\Logs [16/07/2016 12:47:48] - |RSD| - [20316123] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [16/07/2016 12:42:12] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [16/07/2016 12:47:47] - |RD| - [622477170] - C:\WINDOWS\Microsoft.NET [16/07/2016 12:47:48] - |D| - [2563] - C:\WINDOWS\Migration [20/12/2016 07:24:18] - |D| - [108136] - C:\WINDOWS\Minidump [16/07/2016 12:47:48] - |RD| - [484593] - C:\WINDOWS\MiracastView [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.3B508CAE5DEBCBA928B5BC355517E2E6] - [16/07/2016 12:43:51] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [243200] - (10.0.14393.0) - C:\WINDOWS\notepad.exe [16/07/2016 23:41:15] - |D| - [199472] - C:\WINDOWS\OCR [16/07/2016 12:47:48] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [18/12/2016 00:02:49] - |DC| - [114813689] - C:\WINDOWS\Panther [16/07/2016 12:47:48] - |D| - [28869300] - C:\WINDOWS\Performance [MD5.EDE84F22B1C0FF0E493B3720DBE9CA6C] - [18/12/2016 07:07:43] - |A| - (.-.) - [8998] - (0.0.0.0) - C:\WINDOWS\PFRO.log [16/07/2016 12:47:48] - |D| - [1136442] - C:\WINDOWS\PLA [16/07/2016 12:47:48] - |D| - [6821483] - C:\WINDOWS\PolicyDefinitions [18/12/2016 00:04:13] - |D| - [34082163] - C:\WINDOWS\Prefetch [16/07/2016 12:47:48] - |RD| - [2036530] - C:\WINDOWS\PrintDialog [MD5.4ACE1A172D35E492443D29527441BB30] - [16/07/2016 23:47:31] - |A| - (.-.) - [33882] - (0.0.0.0) - C:\WINDOWS\Professional.xml [16/07/2016 12:47:48] - |D| - [1415126] - C:\WINDOWS\Provisioning [MD5.EFE3D78833FEDAF7F24C264BF9976301] - [16/07/2016 12:42:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.14393.0) - C:\WINDOWS\regedit.exe [16/07/2016 12:47:48] - |D| - [1095144] - C:\WINDOWS\registration [16/07/2016 23:46:17] - |D| - [0] - C:\WINDOWS\RemotePackages [16/07/2016 12:47:48] - |D| - [1924600] - C:\WINDOWS\rescache [16/07/2016 12:47:48] - |D| - [3661206] - C:\WINDOWS\Resources [MD5.0DD3698CBEE8CB6ACEC3379A813F62C1] - [21/12/2016 13:03:42] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - RtCRU.) - [4332032] - (1.13.0.0) - C:\WINDOWS\RtCRU64.exe [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\SchCache [16/07/2016 12:47:48] - |D| - [121229] - C:\WINDOWS\schemas [16/07/2016 12:47:48] - |D| - [5288424] - C:\WINDOWS\security [17/12/2016 23:15:01] - |D| - [50221009] - C:\WINDOWS\ServiceProfiles [16/07/2016 07:04:24] - |D| - [95394864] - C:\WINDOWS\servicing [16/07/2016 12:49:46] - |D| - [42] - C:\WINDOWS\Setup [MD5.4101C1E2E002E187B7755CE53FD80E91] - [18/12/2016 00:06:00] - |A| - (.-.) - [37283] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/12/2016 00:06:00] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [16/07/2016 12:47:48] - |D| - [31190016] - C:\WINDOWS\ShellExperiences [16/12/2016 12:40:17] - |D| - [4839] - C:\WINDOWS\ShellNew [16/07/2016 23:40:46] - |D| - [3070736] - C:\WINDOWS\SKB [27/04/2016 06:55:05] - |D| - [154353465] - C:\WINDOWS\SoftwareDistribution [16/07/2016 12:47:48] - |D| - [86037697] - C:\WINDOWS\Speech [16/07/2016 12:47:48] - |D| - [53541356] - C:\WINDOWS\Speech_OneCore [MD5.BCDB205132974EC3AB6F5C01DD93489B] - [17/12/2016 23:41:14] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.14393.351) - C:\WINDOWS\splwow64.exe [16/07/2016 12:47:48] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [30/10/2015 08:24:29] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [16/07/2016 07:04:24] - |D| - [4453222244] - C:\WINDOWS\System32 [16/07/2016 12:47:48] - |D| - [145571325] - C:\WINDOWS\SystemApps [16/07/2016 12:47:48] - |D| - [17529069] - C:\WINDOWS\SystemResources [16/07/2016 07:04:27] - |D| - [1429260963] - C:\WINDOWS\SysWOW64 [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\TAPI [30/10/2015 08:24:25] - |D| - [7254] - C:\WINDOWS\Tasks [16/07/2016 12:47:48] - |D| - [51682857] - C:\WINDOWS\Temp [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\tracing [16/07/2016 12:47:48] - |D| - [43083340] - C:\WINDOWS\twain_32 [MD5.21F91141B4796108A50733B14850CDF2] - [16/07/2016 12:43:52] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [66560] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [16/07/2016 12:47:48] - |D| - [12420] - C:\WINDOWS\Vss [16/07/2016 12:47:48] - |D| - [15729830] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [30/10/2015 08:24:29] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [16/07/2016 12:42:32] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [16/12/2016 08:04:02] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.9328E170E5407D9DDE7EB1E208A2CBB4] - [16/07/2016 12:42:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.14393.0) - C:\WINDOWS\winhlp32.exe [16/07/2016 07:04:24] - |D| - [8620708854] - C:\WINDOWS\WinSxS [MD5.0CB3E875081096144E4E83431A21F475] - [16/12/2016 10:00:55] - |A| - (.WiseCleaner.com - Wise Folder Hider.) - [14256] - (1.2.5.105) - C:\WINDOWS\WiseFs64.sys [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [16/07/2016 12:43:08] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E87C6A38E61A712C48025A6AD54C1113] - [16/07/2016 12:42:39] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.14393.0) - C:\WINDOWS\write.exe [MD5.28C6E1980860BB377C8A9E463CBD2FF0] - [21/12/2016 20:12:23] - |A| - (.-.) - [29176] - (0.0.0.0) - C:\WINDOWS\ZAM.krnl.trace [MD5.757D2978E87A99971F1FF3720A0A7C54] - [21/12/2016 20:12:23] - |A| - (.-.) - [1195] - (0.0.0.0) - C:\WINDOWS\ZAM_Guard.krnl.trace ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [29/01/2016 12:09:58] - C:\WINDOWS\Installer\1281cf.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/12/2016 19:09:27] - C:\WINDOWS\Installer\14f7b11.msi : (Program - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:26:23] - C:\WINDOWS\Installer\15d8696.msi : (Nero 2017 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:47] - C:\WINDOWS\Installer\15d869c.msi : (NeroControlCenter - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:42] - C:\WINDOWS\Installer\15d86a3.msi : (Nero Core Components - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:54] - C:\WINDOWS\Installer\15d86aa.msi : (Nero 12 Disc Menus Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:48] - C:\WINDOWS\Installer\15d86b1.msi : (Nero 12 Kwik Themes Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:52] - C:\WINDOWS\Installer\15d86b8.msi : (Nero Burning ROM 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:14] - C:\WINDOWS\Installer\15d86bf.msi : (Nero 12 Effects Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:43] - C:\WINDOWS\Installer\15d86c6.msi : (Nero 12 PiP Effects Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:40] - C:\WINDOWS\Installer\15d86cd.msi : (Nero Prerequisites - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:06] - C:\WINDOWS\Installer\15d86d4.msi : (Nero SharedVideoCodecs - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:31] - C:\WINDOWS\Installer\15d86db.msi : (Nero CoverDesigner - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:11] - C:\WINDOWS\Installer\15d86e2.msi : (Nero Express 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:28:04] - C:\WINDOWS\Installer\15d86e9.msi : (Nero MediaHome - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:18] - C:\WINDOWS\Installer\15d86f0.msi : (Nero RescueAgent 2017 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:24] - C:\WINDOWS\Installer\15d86f7.msi : (Nero Recode - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:26:47] - C:\WINDOWS\Installer\15d86fe.msi : (Nero Video 2017 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:14] - C:\WINDOWS\Installer\15d8705.msi : (Nero 12 Video Samples - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:03] - C:\WINDOWS\Installer\15d870b.msi : (Nero Update - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:19] - C:\WINDOWS\Installer\15d8718.msi : (Nero Disc to Device - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:55] - C:\WINDOWS\Installer\15d871f.msi : (Nero BurningCore 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:29:28] - C:\WINDOWS\Installer\15d872d.msi : (Nero Device Updates - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 05:27:03] - C:\WINDOWS\Installer\15d8734.msi : (Music Recorder - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 21:02:42] - C:\WINDOWS\Installer\1c6800f.msi : (HP Support Solutions Framework - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 21:06:05] - C:\WINDOWS\Installer\1c68012.msi : (HP Support Assistant - HP Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 21:14:25] - C:\WINDOWS\Installer\1c68017.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:24] - C:\WINDOWS\Installer\2321bf.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 09:49:56] - C:\WINDOWS\Installer\2321c4.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:16] - C:\WINDOWS\Installer\2321c9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:22] - C:\WINDOWS\Installer\2321ce.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:30] - C:\WINDOWS\Installer\2321d3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:36] - C:\WINDOWS\Installer\2321d8.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:44] - C:\WINDOWS\Installer\2321dd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:52] - C:\WINDOWS\Installer\2321e2.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:00] - C:\WINDOWS\Installer\2321e7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:06] - C:\WINDOWS\Installer\2321ec.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:16] - C:\WINDOWS\Installer\2321f1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:22] - C:\WINDOWS\Installer\2321f6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:30] - C:\WINDOWS\Installer\2321fb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:38] - C:\WINDOWS\Installer\232200.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:46] - C:\WINDOWS\Installer\232205.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:54] - C:\WINDOWS\Installer\23220a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:02] - C:\WINDOWS\Installer\23220f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:10] - C:\WINDOWS\Installer\232214.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:18] - C:\WINDOWS\Installer\232219.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:26] - C:\WINDOWS\Installer\23221e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:34] - C:\WINDOWS\Installer\232223.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:42] - C:\WINDOWS\Installer\232228.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:50] - C:\WINDOWS\Installer\23222d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:58] - C:\WINDOWS\Installer\232232.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:06] - C:\WINDOWS\Installer\232237.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:40] - C:\WINDOWS\Installer\23223c.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:07:30] - C:\WINDOWS\Installer\232241.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:12] - C:\WINDOWS\Installer\232246.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/12/2016 16:45:30] - C:\WINDOWS\Installer\272e1c2.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2016 12:20:00] - C:\WINDOWS\Installer\28dd13.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2016 00:00:00] - C:\WINDOWS\Installer\28dd18.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\28dd22.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:46:47] - C:\WINDOWS\Installer\2d20af.msi : (Nero 2016 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:49:49] - C:\WINDOWS\Installer\2d20b5.msi : (Nero Burning ROM 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:48:04] - C:\WINDOWS\Installer\2d20bc.msi : (Nero Prerequisites - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:48:59] - C:\WINDOWS\Installer\2d20c3.msi : (Nero Express 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:48:28] - C:\WINDOWS\Installer\2d20ca.msi : (Nero MediaHome - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:47:48] - C:\WINDOWS\Installer\2d20d1.msi : (Nero RescueAgent 2016 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:47:52] - C:\WINDOWS\Installer\2d20d8.msi : (Nero Recode 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:47:09] - C:\WINDOWS\Installer\2d20df.msi : (Nero Video 2016 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:48:22] - C:\WINDOWS\Installer\2d20e6.msi : (Nero Launcher - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:49:52] - C:\WINDOWS\Installer\2d20ed.msi : (Nero BurningCore 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:49:15] - C:\WINDOWS\Installer\2d20f4.msi : (Nero Device Updates - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 12:57:11] - C:\WINDOWS\Installer\3f661d.msi : (Blank Project Template - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 12:57:52] - C:\WINDOWS\Installer\3f6621.msi : (AntimalwareEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:00:31] - C:\WINDOWS\Installer\3f6625.msi : (FirewallEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:01:14] - C:\WINDOWS\Installer\3f6629.msi : (ProxyEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:01:59] - C:\WINDOWS\Installer\3f662d.msi : (OnlineThreatsEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:02:09] - C:\WINDOWS\Installer\3f6631.msi : (AntispamEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:02:21] - C:\WINDOWS\Installer\3f6635.msi : (AvcEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/12/2016 13:03:41] - C:\WINDOWS\Installer\3f6639.msi : (Blank Project Template - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2016 09:24:13] - C:\WINDOWS\Installer\3f663d.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2016 21:00:00] - C:\WINDOWS\Installer\45b8f.msi : (WinZip Compression Utility - Copyright (c) 1991-2016 VAPC (Lux) S.a.r.L.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:24] - C:\WINDOWS\Installer\498ba.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 09:49:56] - C:\WINDOWS\Installer\498bf.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:16] - C:\WINDOWS\Installer\498c4.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:22] - C:\WINDOWS\Installer\498c9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:30] - C:\WINDOWS\Installer\498ce.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:36] - C:\WINDOWS\Installer\498d3.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:44] - C:\WINDOWS\Installer\498d8.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:52] - C:\WINDOWS\Installer\498dd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:00] - C:\WINDOWS\Installer\498e2.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:06] - C:\WINDOWS\Installer\498e7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:16] - C:\WINDOWS\Installer\498ec.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:22] - C:\WINDOWS\Installer\498f1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:30] - C:\WINDOWS\Installer\498f6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:38] - C:\WINDOWS\Installer\498fb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:46] - C:\WINDOWS\Installer\49900.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:04:54] - C:\WINDOWS\Installer\49905.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:02] - C:\WINDOWS\Installer\4990a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:10] - C:\WINDOWS\Installer\4990f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:18] - C:\WINDOWS\Installer\49914.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:26] - C:\WINDOWS\Installer\49919.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:34] - C:\WINDOWS\Installer\4991e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:42] - C:\WINDOWS\Installer\49923.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:50] - C:\WINDOWS\Installer\49928.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:05:58] - C:\WINDOWS\Installer\4992d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:06] - C:\WINDOWS\Installer\49932.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:06:40] - C:\WINDOWS\Installer\49937.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:07:30] - C:\WINDOWS\Installer\4993c.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 19:03:12] - C:\WINDOWS\Installer\49941.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/12/2016 16:19:05] - C:\WINDOWS\Installer\5efd864.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 15:25:21] - C:\WINDOWS\Installer\9137a1.msi : (Nero Info - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 15:25:46] - C:\WINDOWS\Installer\9137cd.msi : (Nero Launcher - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2016 04:44:00] - C:\WINDOWS\Installer\bc36d.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2015 15:21:54] - C:\WINDOWS\Installer\edb16f.msi : (Jing - TechSmith Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/12/2016 16:18:58] - C:\WINDOWS\Installer\reflect_setupv6.3.1665-x64-00.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:00:00] - [313320] - C:\WINDOWS\Installer\{05C6B128-1B40-4495-9CB9-090B368BFA0A}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:09:05] - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:52] - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:46] - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:34] - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:37] - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe () - () [18/12/2016 06:45:36] - [313328] - C:\WINDOWS\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:08:43] - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:47] - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe () - () [16/12/2016 12:58:16] - [59640] - C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 07:00:38] - [231408] - C:\WINDOWS\Installer\{21916D21-F3DD-44F9-952B-FD122CBD1526}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:00:38] - [231400] - C:\WINDOWS\Installer\{21916D21-F3DD-44F9-952B-FD122CBD1526}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:00:38] - [231400] - C:\WINDOWS\Installer\{21916D21-F3DD-44F9-952B-FD122CBD1526}\NeroLauncher.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:08:58] - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe () - () [16/12/2016 13:02:05] - [59640] - C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 06:46:49] - [313328] - C:\WINDOWS\Installer\{29F67D84-3A70-456E-806A-52301B02070B}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 13:02:14] - [59640] - C:\WINDOWS\Installer\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 00:08:48] - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:44] - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe () - () [18/12/2016 00:09:03] - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe () - () [16/12/2016 13:02:38] - [59640] - C:\WINDOWS\Installer\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 21:11:47] - [409600] - C:\WINDOWS\Installer\{4780AF24-213D-4187-86F2-0014A6D6077B}\ARPPRODUCTICON.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [18/12/2016 06:56:25] - [301040] - C:\WINDOWS\Installer\{47C00502-CFAC-42D3-8019-D9C557AD49AD}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:56:25] - [301040] - C:\WINDOWS\Installer\{47C00502-CFAC-42D3-8019-D9C557AD49AD}\ScRecodeStartMenu1_729B957FFE3C40528A62D7F32390F7C3.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:56:25] - [301040] - C:\WINDOWS\Installer\{47C00502-CFAC-42D3-8019-D9C557AD49AD}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [21/12/2016 19:25:19] - [10134] - C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008}\ARPPRODUCTICON.exe () - () [21/12/2016 19:25:19] - [90161] - C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008}\NewShortcut1_985F828E0E98429F9C05EF3BDE7568F7_1.exe () - () [21/12/2016 19:25:19] - [90161] - C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008}\NewShortcut2_985F828E0E98429F9C05EF3BDE7568F7.exe () - () [21/12/2016 19:25:20] - [90161] - C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008}\RunProductNameDskt_985F828E0E98429F9C05EF3BDE7568F7.exe () - () [18/12/2016 07:57:32] - [301392] - C:\WINDOWS\Installer\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:57:40] - [587760] - C:\WINDOWS\Installer\{60251665-84B4-41D6-84BF-6D50CE68DD08}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 21:14:34] - [53248] - C:\WINDOWS\Installer\{64228DFB-7450-49B7-935C-B97342CB6659}\ARPPRODUCTICON.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [18/12/2016 00:08:32] - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe () - () [18/12/2016 07:00:14] - [69632] - C:\WINDOWS\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 08:03:21] - [587760] - C:\WINDOWS\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:03:21] - [587760] - C:\WINDOWS\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A}\ScVisionDestop_7F7E5B0B4C2946E6A57D5A77942B7F3A.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:03:21] - [587760] - C:\WINDOWS\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A}\ScVisionStartMenu_88036A9DCD1D412A84701A23A35FB37B.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:43:31] - [301040] - C:\WINDOWS\Installer\{6B81BDC4-3368-4898-8F16-48962F789221}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 12:37:11] - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe (Copyright (C) SEIKO EPSON CORPORATION 2010-2013.) - (E-Web Print Preview) [18/12/2016 07:01:49] - [206832] - C:\WINDOWS\Installer\{6E6D453B-AADE-4F14-97F6-9B464488BC53}\ScDisc2DeviceStart_31C5D7D15DA846FBB6553A0819A0C381.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:08:41] - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe () - () [18/12/2016 00:09:04] - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe () - () [18/12/2016 07:59:34] - [190448] - C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:59:34] - [190448] - C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}\ScKwikMediaDesk_DAE4ED9540AC4C38962344CC52ED8A73.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:59:34] - [190448] - C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}\ScKwikMediaStar_594597E2768645E1995B7F203ACC4488.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:59:34] - [194544] - C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}\ScMediaBrowser_9BF9A3F46C13407797C1395E985F61EA.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [19/12/2016 14:40:38] - [32625] - C:\WINDOWS\Installer\{7ED8575D-3A56-44CB-9015-513CA301062F}\PA100.exe () - () [19/12/2016 14:40:38] - [65952] - C:\WINDOWS\Installer\{7ED8575D-3A56-44CB-9015-513CA301062F}\POWERARC.exe () - () [19/12/2016 14:40:38] - [45952] - C:\WINDOWS\Installer\{7ED8575D-3A56-44CB-9015-513CA301062F}\POWERARC_2.exe () - () [18/12/2016 08:00:02] - [587760] - C:\WINDOWS\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:00:02] - [587760] - C:\WINDOWS\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:00:02] - [587752] - C:\WINDOWS\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE}\ScRescueAgentStart_322CFA6F80AB4438A8748366873E3688.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 13:01:43] - [59640] - C:\WINDOWS\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 00:08:49] - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe () - () [16/12/2016 16:08:29] - [316416] - C:\WINDOWS\Installer\{8C784F8B-89D0-4A59-A000-7EEF129E1574}\IconA17C9A58.exe () - () [18/12/2016 00:09:02] - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:59] - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe () - () [19/12/2016 16:27:35] - [43646] - C:\WINDOWS\Installer\{911949A6-66E6-4C52-8264-CEA4DF6A5A83}\ImgToVHD.exe () - () [19/12/2016 16:27:35] - [19942] - C:\WINDOWS\Installer\{911949A6-66E6-4C52-8264-CEA4DF6A5A83}\xReflect.exe () - () [18/12/2016 06:50:45] - [587760] - C:\WINDOWS\Installer\{991572A1-F8B9-42E5-B485-A79724558A84}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:57:06] - [301040] - C:\WINDOWS\Installer\{9C637A56-4287-487F-95BF-1422FC1AA879}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 12:10:38] - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe (Copyright (C) 2011) - (EProjManager Application) [18/12/2016 06:45:56] - [587760] - C:\WINDOWS\Installer\{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:08:54] - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe () - () [18/12/2016 00:09:01] - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe () - () [16/12/2016 13:00:44] - [59640] - C:\WINDOWS\Installer\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 06:44:01] - [587760] - C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:44:01] - [587760] - C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:47:30] - [313328] - C:\WINDOWS\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 12:57:21] - [415992] - C:\WINDOWS\Installer\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [18/12/2016 00:09:18] - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe () - () [18/12/2016 08:01:11] - [301040] - C:\WINDOWS\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:01:11] - [301040] - C:\WINDOWS\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}\ScRecodeStartMenu1_729B957FFE3C40528A62D7F32390F7C3.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:01:11] - [301040] - C:\WINDOWS\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 10:32:52] - [22435552] - C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe (� 2008-2010 COMODO Security Solutions, Inc.) - (COMODO BackUp setup) [18/12/2016 00:08:57] - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:50] - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:38] - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe () - () [16/12/2016 13:10:18] - [97873] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:53] - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe () - () [16/12/2016 10:06:24] - [429568] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66111.exe () - () [16/12/2016 10:06:24] - [230400] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66112.exe () - () [16/12/2016 10:06:24] - [316928] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66114.exe () - () [16/12/2016 10:06:24] - [374272] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66117.exe () - () [16/12/2016 10:38:48] - [13840920] - C:\WINDOWS\Installer\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}\uninstall.exe (� 2008-2010 COMODO Security Solutions, Inc.) - (cCloud setup) [18/12/2016 07:57:18] - [587760] - C:\WINDOWS\Installer\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:54:46] - [587760] - C:\WINDOWS\Installer\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:54:46] - [587760] - C:\WINDOWS\Installer\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:54:46] - [587760] - C:\WINDOWS\Installer\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF}\ScRescueAgentStart_322CFA6F80AB4438A8748366873E3688.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/12/2016 13:04:09] - [415992] - C:\WINDOWS\Installer\{D88BC069-BFFF-4442-91EC-198EF2B764FE}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [16/12/2016 13:04:09] - [415992] - C:\WINDOWS\Installer\{D88BC069-BFFF-4442-91EC-198EF2B764FE}\NewShortcut1_B4EBD3E89A394A41B825BC37C011DD6E.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [16/12/2016 13:04:09] - [415992] - C:\WINDOWS\Installer\{D88BC069-BFFF-4442-91EC-198EF2B764FE}\NewShortcut6_465244A5DB8C4392A3D537510D1DB9FE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [19/12/2016 11:46:22] - [669696] - C:\WINDOWS\Installer\{D8A1F37A-B11B-4451-830D-6A243ADE2591}\CamtasiaIcons.exe () - () [18/12/2016 06:50:17] - [587752] - C:\WINDOWS\Installer\{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:53:59] - [190448] - C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:53:59] - [190448] - C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}\ScKwikMediaDesk_DAE4ED9540AC4C38962344CC52ED8A73.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:53:59] - [190448] - C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}\ScKwikMediaStar_594597E2768645E1995B7F203ACC4488.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:53:59] - [194544] - C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}\ScMediaBrowser_9BF9A3F46C13407797C1395E985F61EA.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:44:57] - [313328] - C:\WINDOWS\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:09:08] - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:55] - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe () - () [18/12/2016 06:47:41] - [301040] - C:\WINDOWS\Installer\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:59:38] - [587760] - C:\WINDOWS\Installer\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:59:38] - [587760] - C:\WINDOWS\Installer\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78}\ScVisionDestop_7F7E5B0B4C2946E6A57D5A77942B7F3A.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 06:59:38] - [587760] - C:\WINDOWS\Installer\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78}\ScVisionStartMenu_88036A9DCD1D412A84701A23A35FB37B.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:03:44] - [296944] - C:\WINDOWS\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:03:44] - [296944] - C:\WINDOWS\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 08:03:44] - [296944] - C:\WINDOWS\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\NeroLauncher.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 07:03:15] - [296944] - C:\WINDOWS\Installer\{F030BFE8-8476-4C08-A553-233DE80A2BE1}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [18/12/2016 00:08:42] - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe () - () [18/12/2016 00:08:39] - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe () - () ---------- | %System%\*.in* [16/07/2016 12:43:08] - [3458] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 16:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [16/12/2016 08:08:21] - [1814540] - C:\WINDOWS\System32\PerfStringBackup.INI [16/07/2016 12:42:39] - [60124] - C:\WINDOWS\System32\tcpmon.ini [16/07/2016 12:42:11] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini [21/12/2016 13:03:08] - [18163] - C:\WINDOWS\Syswow64\GeneStor.INF [16/07/2016 12:43:59] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [19/12/2016 22:32:44] - [1693592] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [16/07/2016 12:42:43] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [Administrateur] [27/04/2016 06:53:21] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe [27/04/2016 06:44:56] - |SD| - [135931] - C:\Users\Administrateur\AppData\Roaming\Microsoft [27/04/2016 06:47:52] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync [27/04/2016 06:44:57] - |SHD| - [1307498076] - C:\Users\Administrateur\AppData\Local\Application Data [27/04/2016 06:44:57] - |SHD| - [130] - C:\Users\Administrateur\AppData\Local\Historique [27/04/2016 06:55:57] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db [27/04/2016 06:44:56] - |D| - [112982068] - C:\Users\Administrateur\AppData\Local\Microsoft [27/04/2016 06:45:06] - |D| - [3308242] - C:\Users\Administrateur\AppData\Local\Packages [27/04/2016 06:44:56] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp [27/04/2016 06:44:57] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files [27/04/2016 06:45:05] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer [27/04/2016 06:53:23] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [27/04/2016 06:44:57] - |SHD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [27/04/2016 06:44:56] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/04/2016 06:44:56] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [27/04/2016 06:44:56] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/04/2016 06:53:23] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/04/2016 06:53:23] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [27/04/2016 06:44:56] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [27/04/2016 06:54:32] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [27/04/2016 06:53:23] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/04/2016 06:44:56] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [27/04/2016 06:44:56] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [27/04/2016 06:53:23] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [jean-] [17/12/2016 13:33:02] - |ASH| - [20] - C:\Users\jean-\AppData\Roaming\1816CA7466166.ind [16/12/2016 08:21:46] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Adobe [19/12/2016 08:25:02] - |D| - [10355] - C:\Users\jean-\AppData\Roaming\Apowersoft [21/12/2016 07:17:53] - |D| - [761] - C:\Users\jean-\AppData\Roaming\Ashampoo [16/12/2016 09:56:40] - |D| - [0] - C:\Users\jean-\AppData\Roaming\ATI [16/12/2016 10:38:11] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Auslogics [16/12/2016 11:24:22] - |D| - [285608] - C:\Users\jean-\AppData\Roaming\CyberLink [16/12/2016 10:29:37] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DAEMON Tools Pro [21/12/2016 12:15:08] - |D| - [6672] - C:\Users\jean-\AppData\Roaming\Digiarty [19/12/2016 13:04:21] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DMCache [18/12/2016 14:34:16] - |D| - [2274] - C:\Users\jean-\AppData\Roaming\doraamon-video-cvt-ult [16/12/2016 11:51:29] - |D| - [384] - C:\Users\jean-\AppData\Roaming\EASEUS [21/12/2016 12:21:13] - |D| - [240093264] - C:\Users\jean-\AppData\Roaming\Easeware [16/12/2016 12:32:32] - |D| - [6777] - C:\Users\jean-\AppData\Roaming\Epson [16/12/2016 10:25:13] - |D| - [8419659] - C:\Users\jean-\AppData\Roaming\eufsc [18/12/2016 14:34:18] - |D| - [96] - C:\Users\jean-\AppData\Roaming\fltk.org [16/12/2016 11:17:55] - |D| - [0] - C:\Users\jean-\AppData\Roaming\FreeDownloadManager.ORG [16/12/2016 15:42:27] - |D| - [7690974] - C:\Users\jean-\AppData\Roaming\GlarySoft [18/12/2016 21:21:58] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Hewlett-Packard [18/12/2016 21:08:48] - |D| - [27595] - C:\Users\jean-\AppData\Roaming\hpqLog [18/12/2016 14:35:16] - |D| - [293] - C:\Users\jean-\AppData\Roaming\ivscat.com [16/12/2016 13:09:34] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Lavasoft [16/12/2016 13:04:18] - |D| - [770] - C:\Users\jean-\AppData\Roaming\LavasoftStatistics [16/12/2016 10:01:42] - |D| - [506] - C:\Users\jean-\AppData\Roaming\Macromedia [18/12/2016 00:12:41] - |SD| - [2154759] - C:\Users\jean-\AppData\Roaming\Microsoft [16/12/2016 11:46:29] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Modules [16/12/2016 15:34:55] - |D| - [21005122] - C:\Users\jean-\AppData\Roaming\Mozilla [18/12/2016 15:23:54] - |D| - [118294] - C:\Users\jean-\AppData\Roaming\Nero [17/12/2016 13:33:02] - |ASH| - [20] - C:\Users\jean-\AppData\Roaming\Programs8187ConfigDB.dat [16/12/2016 08:29:33] - |D| - [77] - C:\Users\jean-\AppData\Roaming\Skype [18/12/2016 14:12:50] - |D| - [12492255] - C:\Users\jean-\AppData\Roaming\Software Informer [19/12/2016 13:58:36] - |D| - [6144] - C:\Users\jean-\AppData\Roaming\SUPERAntiSpyware.com [19/12/2016 12:15:27] - |D| - [71] - C:\Users\jean-\AppData\Roaming\TechSmith [16/12/2016 10:46:17] - |D| - [2493] - C:\Users\jean-\AppData\Roaming\TeraCopy [16/12/2016 11:46:24] - |AD| - [90310807] - C:\Users\jean-\AppData\Roaming\UsbFix [16/12/2016 11:56:16] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Wise Care 365 [16/12/2016 10:11:43] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Wise Euask [16/12/2016 10:00:55] - |D| - [165] - C:\Users\jean-\AppData\Roaming\Wise Folder Hider Pro [16/12/2016 10:01:19] - |D| - [1934] - C:\Users\jean-\AppData\Roaming\Wise Hotkey [16/12/2016 11:01:58] - |D| - [3468816] - C:\Users\jean-\AppData\Roaming\WiseUpdate [21/12/2016 19:21:18] - |D| - [0] - C:\Users\jean-\AppData\Roaming\ZHP [16/12/2016 08:24:36] - |D| - [0] - C:\Users\jean-\AppData\Local\ActiveSync [16/12/2016 09:57:11] - |D| - [18553] - C:\Users\jean-\AppData\Local\AMD [19/12/2016 08:24:47] - |D| - [40097190] - C:\Users\jean-\AppData\Local\Apowersoft [18/12/2016 00:12:41] - |SHD| - [53356651136] - C:\Users\jean-\AppData\Local\Application Data [20/12/2016 20:14:00] - |D| - [366364] - C:\Users\jean-\AppData\Local\ashampoo [16/12/2016 09:56:40] - |D| - [66104] - C:\Users\jean-\AppData\Local\ATI [18/12/2016 08:52:19] - |D| - [102972] - C:\Users\jean-\AppData\Local\AVG Netherlands BV [20/12/2016 21:16:00] - |D| - [40] - C:\Users\jean-\AppData\Local\Chromium [16/12/2016 08:25:34] - |D| - [21192808] - C:\Users\jean-\AppData\Local\Comms [18/12/2016 05:06:17] - |D| - [1247202] - C:\Users\jean-\AppData\Local\ConnectedDevicesPlatform [16/12/2016 10:32:56] - |D| - [2873474] - C:\Users\jean-\AppData\Local\Copy Handler [19/12/2016 19:25:02] - |D| - [10543838] - C:\Users\jean-\AppData\Local\CrashDumps [16/12/2016 11:24:00] - |D| - [316887] - C:\Users\jean-\AppData\Local\CyberLink [21/12/2016 19:09:27] - |D| - [38755328] - C:\Users\jean-\AppData\Local\Downloaded Installations [16/12/2016 11:17:49] - |D| - [0] - C:\Users\jean-\AppData\Local\FreeDownloadManager.ORG [18/12/2016 21:28:44] - |D| - [482] - C:\Users\jean-\AppData\Local\Hewlett-Packard [18/12/2016 00:12:41] - |SHD| - [130] - C:\Users\jean-\AppData\Local\Historique [19/12/2016 07:04:30] - |D| - [5745] - C:\Users\jean-\AppData\Local\HP_Development_Company,_L [20/12/2016 20:34:33] - |AH| - [45964] - C:\Users\jean-\AppData\Local\IconCache.db [18/12/2016 00:12:41] - |D| - [415168056] - C:\Users\jean-\AppData\Local\Microsoft [16/12/2016 10:04:31] - |D| - [83515] - C:\Users\jean-\AppData\Local\MicrosoftEdge [16/12/2016 08:21:46] - |D| - [66732772] - C:\Users\jean-\AppData\Local\Packages [16/12/2016 08:23:32] - |D| - [0] - C:\Users\jean-\AppData\Local\PackageStaging [16/12/2016 15:14:10] - |D| - [0] - C:\Users\jean-\AppData\Local\PeerDistRepub [16/12/2016 13:28:39] - |D| - [40960] - C:\Users\jean-\AppData\Local\Power2Go11 [16/12/2016 10:00:33] - |D| - [0] - C:\Users\jean-\AppData\Local\Programs [16/12/2016 08:25:42] - |D| - [0] - C:\Users\jean-\AppData\Local\Publishers [18/12/2016 10:34:04] - |D| - [1096780] - C:\Users\jean-\AppData\Local\SlimWare Utilities Inc [16/12/2016 16:08:44] - |D| - [40052232] - C:\Users\jean-\AppData\Local\TechSmith [18/12/2016 00:12:41] - |D| - [4679997073] - C:\Users\jean-\AppData\Local\Temp [18/12/2016 00:12:41] - |SHD| - [5374114] - C:\Users\jean-\AppData\Local\Temporary Internet Files [16/12/2016 08:21:44] - |D| - [14114816] - C:\Users\jean-\AppData\Local\TileDataLayer [16/12/2016 08:21:55] - |D| - [997] - C:\Users\jean-\AppData\Local\VirtualStore [16/12/2016 10:06:09] - |D| - [46184409] - C:\Users\jean-\AppData\Local\WinZip [16/12/2016 11:16:53] - |D| - [82] - C:\Users\jean-\AppData\Local\Wondershare [16/12/2016 11:10:35] - |D| - [76986299] - C:\Users\jean-\AppData\Local\Zemana [16/12/2016 08:21:47] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [18/12/2016 00:12:41] - |D| - [55259] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [18/12/2016 00:12:41] - |D| - [3888] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [18/12/2016 00:12:41] - |D| - [2931] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [16/12/2016 08:21:47] - |D| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/12/2016 05:06:46] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/12/2016 09:23:35] - |D| - [4452] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [16/12/2016 10:42:49] - |D| - [6022] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy [18/12/2016 00:12:41] - |D| - [170] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [16/12/2016 08:29:13] - |A| - [2413] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [16/12/2016 10:54:04] - |D| - [5375] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker [16/12/2016 08:21:47] - |D| - [3199] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [16/12/2016 10:14:17] - |D| - [1706] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier [18/12/2016 00:12:41] - |D| - [5318] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [16/12/2016 10:12:46] - |D| - [1706] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier [16/12/2016 10:47:02] - |D| - [3420] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [18/12/2016 00:12:41] - |D| - [7238] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [21/12/2016 18:37:57] - |D| - [7073] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZoneAlarmBackup [16/12/2016 08:21:47] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [16/12/2016 10:27:02] - |A| - [1396] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EaseUS EverySync.lnk [21/12/2016 18:37:57] - |A| - [1629] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZoneAlarm Backup Tray.lnk ---------- | [MSSQL$ADK] [19/12/2016 22:34:13] - |SD| - [30628] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft [19/12/2016 22:34:16] - |SHD| - [28266642] - C:\Users\MSSQL$ADK\AppData\Local\Application Data [19/12/2016 22:34:16] - |SHD| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Historique [19/12/2016 22:34:14] - |D| - [2364150] - C:\Users\MSSQL$ADK\AppData\Local\Microsoft [19/12/2016 22:34:14] - |D| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Temp [19/12/2016 22:34:16] - |SHD| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Temporary Internet Files [19/12/2016 22:34:16] - |SHD| - [18100] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [19/12/2016 22:34:13] - |D| - [18100] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [19/12/2016 22:34:13] - |RD| - [3888] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [19/12/2016 22:34:13] - |RD| - [1486] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [19/12/2016 22:34:13] - |D| - [170] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [19/12/2016 22:34:13] - |RD| - [5318] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [19/12/2016 22:34:13] - |RD| - [7238] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell ---------- | [Public] ---------- | C:\ProgramData [16/12/2016 08:40:20] - |D| - [0] - C:\ProgramData\AMD [18/12/2016 00:49:29] - |SHD| - [77104836553] - C:\ProgramData\Application Data [16/12/2016 10:39:36] - |D| - [944184] - C:\ProgramData\ashampoo [16/12/2016 09:56:40] - |D| - [186] - C:\ProgramData\ATI [16/12/2016 13:16:23] - |D| - [0] - C:\ProgramData\BitDefender [16/12/2016 07:02:51] - |SHD| - [36451] - C:\ProgramData\Bureau [19/12/2016 14:42:06] - |D| - [2371200] - C:\ProgramData\Caphyon [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms [16/12/2016 10:25:58] - |D| - [534716] - C:\ProgramData\CyberLink [16/12/2016 10:27:08] - |D| - [2348] - C:\ProgramData\DAEMON Tools Pro [18/12/2016 00:49:29] - |SHD| - [232536270] - C:\ProgramData\Documents [18/12/2016 20:31:30] - |D| - [1942061] - C:\ProgramData\DriversCloud.com [16/12/2016 10:53:07] - |D| - [10899533] - C:\ProgramData\EPSON [18/12/2016 14:34:18] - |D| - [96] - C:\ProgramData\fltk.org [18/12/2016 21:13:40] - |D| - [36474] - C:\ProgramData\Hewlett-Packard [19/12/2016 13:04:24] - |D| - [0] - C:\ProgramData\IDM [18/12/2016 14:13:24] - |D| - [0] - C:\ProgramData\Informer Technologies, Inc [16/12/2016 10:23:32] - |D| - [372025] - C:\ProgramData\install_backup [16/12/2016 10:18:58] - |D| - [309503] - C:\ProgramData\install_clap [16/12/2016 10:12:40] - |D| - [153] - C:\ProgramData\IObit [16/12/2016 12:56:39] - |D| - [24265303] - C:\ProgramData\Lavasoft [19/12/2016 15:59:48] - |D| - [466902246] - C:\ProgramData\Macrium [19/12/2016 13:07:29] - |D| - [140073408] - C:\ProgramData\Malwarebytes [16/12/2016 07:02:51] - |SHD| - [297918] - C:\ProgramData\Menu Démarrer [16/07/2016 12:47:48] - |SD| - [1104267973] - C:\ProgramData\Microsoft [18/12/2016 05:11:12] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [16/12/2016 07:02:51] - |SHD| - [0] - C:\ProgramData\Modèles [18/12/2016 06:43:28] - |AD| - [1258547] - C:\ProgramData\Nero [18/12/2016 00:08:15] - |D| - [3863352267] - C:\ProgramData\Package Cache [16/07/2016 12:47:48] - |D| - [1001] - C:\ProgramData\regid.1991-06.com.microsoft [21/12/2016 08:16:41] - |D| - [1925] - C:\ProgramData\RogueKiller [17/12/2016 09:28:08] - |D| - [1902] - C:\ProgramData\RogueKillerPE [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\SoftwareDistribution [16/12/2016 12:39:14] - |D| - [645] - C:\ProgramData\Sony Corporation [19/12/2016 13:56:49] - |D| - [151266629] - C:\ProgramData\SUPERAntiSpyware.com [16/12/2016 10:18:58] - |D| - [139032] - C:\ProgramData\SUPPORTDIR [19/12/2016 11:44:20] - |AD| - [423896774] - C:\ProgramData\TechSmith [16/12/2016 10:21:20] - |D| - [369696] - C:\ProgramData\Temp [16/12/2016 12:39:31] - |D| - [4680] - C:\ProgramData\UDL [16/12/2016 16:10:38] - |D| - [2848] - C:\ProgramData\Unchecky [16/12/2016 10:08:50] - |D| - [294] - C:\ProgramData\UniqueId [16/07/2016 12:47:48] - |D| - [3201] - C:\ProgramData\USOPrivate [18/12/2016 00:48:45] - |D| - [491520] - C:\ProgramData\USOShared [16/12/2016 10:05:56] - |AD| - [1544] - C:\ProgramData\WinZip [16/12/2016 11:18:30] - |D| - [2172284] - C:\ProgramData\Wondershare [16/12/2016 11:13:05] - |D| - [1822074393] - C:\ProgramData\Wondershare Video Editor ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [16/12/2016 10:06:25] - |A| - [2200] - C:\ProgramData\Microsoft\Windows\Start Menu\Notifications de Mises à jour.lnk [16/12/2016 10:06:25] - |A| - [2161] - C:\ProgramData\Microsoft\Windows\Start Menu\Outils d’arrière-plan WinZip.lnk [16/12/2016 07:02:51] - |SHD| - [291250] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [16/07/2016 12:47:48] - |RD| - [291250] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/12/2016 10:06:25] - |A| - [2133] - C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/07/2016 12:47:48] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [16/07/2016 12:47:48] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [16/07/2016 12:47:48] - |RD| - [23012] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/12/2016 00:09:19] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [16/12/2016 10:41:30] - |D| - [2833] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [16/12/2016 10:36:55] - |D| - [2746] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [18/12/2016 14:12:08] - |D| - [2355] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Power-on & Shut-down [16/12/2016 10:40:44] - |D| - [1608] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [16/12/2016 10:32:53] - |D| - [6116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [16/12/2016 10:32:49] - |D| - [2968] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler [16/12/2016 13:07:35] - |A| - [2341] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Desktop Burning Gadget 11.lnk [16/12/2016 13:07:35] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ISO Viewer 11.lnk [16/12/2016 13:10:27] - |A| - [1408] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint2.lnk [16/12/2016 13:07:35] - |A| - [2280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 11.lnk [16/12/2016 11:03:40] - |A| - [2490] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PresenterLink+.lnk [16/12/2016 17:32:50] - |A| - [2418] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink VideoMeeting+.lnk [16/12/2016 13:07:35] - |A| - [2320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Virtual Drive 11.lnk [16/12/2016 13:12:17] - |A| - [2292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2.lnk [16/12/2016 10:29:41] - |D| - [1910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [16/07/2016 12:47:50] - |ASH| - [796] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [21/12/2016 12:15:00] - |D| - [3176] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [18/12/2016 14:34:04] - |D| - [1337] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dimo Video Converter Ultimate [21/12/2016 12:21:02] - |D| - [2208] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy [21/12/2016 08:01:03] - |D| - [2973] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [16/12/2016 10:27:02] - |D| - [2838] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS EverySync 3.0 [20/12/2016 21:36:02] - |D| - [2729] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.0 [16/12/2016 12:32:45] - |D| - [3212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [16/12/2016 12:01:13] - |D| - [7080] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [16/12/2016 15:39:36] - |D| - [1437] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft [18/12/2016 21:15:07] - |D| - [2324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [16/07/2016 12:43:50] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [16/12/2016 10:12:40] - |D| - [2574] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker [16/12/2016 13:04:03] - |D| - [3637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft [19/12/2016 16:27:36] - |D| - [2032] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium [16/07/2016 12:47:48] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [19/12/2016 13:08:18] - |D| - [4042] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [19/12/2016 22:14:06] - |D| - [1475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [19/12/2016 21:55:50] - |D| - [4934] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 [16/07/2016 12:42:22] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [21/12/2016 19:23:13] - |A| - [1234] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [18/12/2016 06:44:01] - |D| - [13089] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [18/12/2016 07:57:18] - |D| - [17469] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016 [18/12/2016 06:45:56] - |D| - [22528] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017 [21/12/2016 19:25:20] - |D| - [3367] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 14 Free [19/12/2016 14:39:53] - |D| - [2041] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerArchiver 2016 [16/07/2016 12:43:50] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [16/12/2016 10:16:31] - |D| - [2612] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder [21/12/2016 08:18:37] - |D| - [919] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [17/12/2016 09:28:24] - |D| - [943] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE [20/12/2016 20:12:08] - |D| - [2290] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sketch Drawer [18/12/2016 14:12:55] - |D| - [2026] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer [16/12/2016 15:39:36] - |A| - [1358] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Update Pro.lnk [16/07/2016 12:47:48] - |RD| - [4353] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [19/12/2016 13:57:06] - |D| - [5557] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [16/07/2016 12:47:48] - |RD| - [2670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [16/12/2016 16:08:29] - |D| - [7777] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [16/12/2016 10:45:57] - |D| - [4249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy [16/12/2016 16:10:38] - |D| - [2236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [19/12/2016 19:35:56] - |D| - [25788] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits [18/12/2016 00:19:40] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [16/12/2016 10:03:35] - |D| - [2044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinToUSB [16/12/2016 10:05:16] - |D| - [2145] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0 [16/12/2016 10:00:47] - |D| - [1329] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider Pro [16/12/2016 10:01:12] - |D| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Hotkey [16/12/2016 10:10:05] - |D| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise JetSearch [16/12/2016 11:55:54] - |D| - [1344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [16/12/2016 10:11:02] - |D| - [1324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader [16/12/2016 11:16:26] - |D| - [16170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [16/12/2016 11:13:55] - |D| - [1170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger [21/12/2016 19:21:32] - |D| - [1942] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [16/12/2016 10:06:25] - |A| - [2212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [16/12/2016 10:06:24] - |A| - [1967] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk ---------- | C:\Program Files (x86) [16/12/2016 10:38:45] - |D| - [258723099] - C:\Program Files (x86)\Ashampoo [18/12/2016 00:08:32] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [16/12/2016 10:36:33] - |D| - [25210737] - C:\Program Files (x86)\Auslogics [18/12/2016 14:12:02] - |AD| - [5533509] - C:\Program Files (x86)\AutoPowerOn [16/07/2016 07:04:24] - |D| - [105497728] - C:\Program Files (x86)\Common Files [16/12/2016 10:30:44] - |D| - [809241436] - C:\Program Files (x86)\CyberLink [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [18/12/2016 14:33:14] - |AD| - [111606460] - C:\Program Files (x86)\Dimo Video Converter Ultimate [16/12/2016 10:13:57] - |D| - [1482813673] - C:\Program Files (x86)\EaseUS [16/12/2016 12:08:35] - |D| - [17240503] - C:\Program Files (x86)\EPSON [16/12/2016 12:00:54] - |AD| - [233877241] - C:\Program Files (x86)\EPSON Software [19/12/2016 09:01:23] - |D| - [158905565] - C:\Program Files (x86)\FormatFactory [21/12/2016 13:03:07] - |D| - [5654459] - C:\Program Files (x86)\Genesyslogic [16/12/2016 15:39:12] - |D| - [22665454] - C:\Program Files (x86)\Glarysoft [18/12/2016 21:03:35] - |D| - [22638963] - C:\Program Files (x86)\Hewlett-Packard [18/12/2016 21:10:32] - |D| - [8466872] - C:\Program Files (x86)\HP [16/12/2016 11:03:25] - |HD| - [59636133] - C:\Program Files (x86)\InstallShield Installation Information [16/07/2016 12:47:48] - |D| - [1989487] - C:\Program Files (x86)\Internet Explorer [16/12/2016 10:12:11] - |D| - [12348017] - C:\Program Files (x86)\IObit [16/12/2016 11:11:24] - |D| - [199534] - C:\Program Files (x86)\KeyCryptSDK [16/12/2016 10:42:25] - |D| - [1247147] - C:\Program Files (x86)\KillSoft [16/12/2016 10:35:34] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [19/12/2016 21:47:58] - |AD| - [1192839524] - C:\Program Files (x86)\Microsoft SQL Server [19/12/2016 22:23:31] - |D| - [4850] - C:\Program Files (x86)\Microsoft Visual Studio 10.0 [16/07/2016 12:47:48] - |D| - [707647] - C:\Program Files (x86)\Microsoft.NET [21/12/2016 19:20:04] - |D| - [96884816] - C:\Program Files (x86)\Mozilla Firefox [21/12/2016 19:22:57] - |D| - [262595] - C:\Program Files (x86)\Mozilla Maintenance Service [18/12/2016 06:43:55] - |AD| - [2511610446] - C:\Program Files (x86)\Nero [16/12/2016 11:03:16] - |D| - [28953777] - C:\Program Files (x86)\NSIS Uninstall Information [19/12/2016 14:39:53] - |AD| - [169900560] - C:\Program Files (x86)\PowerArchiver [16/12/2016 10:53:59] - |D| - [959392] - C:\Program Files (x86)\RegSeeker [20/12/2016 20:11:59] - |AD| - [84660115] - C:\Program Files (x86)\Sketch Drawer [16/12/2016 16:08:24] - |D| - [11373214] - C:\Program Files (x86)\TechSmith [16/12/2016 11:39:29] - |D| - [807895] - C:\Program Files (x86)\trend micro [16/12/2016 16:10:37] - |AD| - [5425836] - C:\Program Files (x86)\Unchecky [16/07/2016 12:47:48] - |D| - [1941504] - C:\Program Files (x86)\Windows Defender [19/12/2016 19:33:05] - |D| - [4124347674] - C:\Program Files (x86)\Windows Kits [16/07/2016 12:47:48] - |D| - [5958656] - C:\Program Files (x86)\Windows Mail [16/07/2016 12:47:48] - |D| - [3275928] - C:\Program Files (x86)\Windows Media Player [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Multimedia Platform [16/07/2016 12:47:48] - |D| - [7584962] - C:\Program Files (x86)\Windows NT [16/07/2016 12:47:48] - |D| - [5424832] - C:\Program Files (x86)\Windows Photo Viewer [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Portable Devices [16/07/2016 12:47:48] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [16/07/2016 12:47:48] - |D| - [3240833] - C:\Program Files (x86)\WindowsPowerShell [16/12/2016 10:00:40] - |D| - [22944523] - C:\Program Files (x86)\Wise [16/12/2016 11:23:38] - |D| - [28780662] - C:\Program Files (x86)\Wondershare [16/12/2016 11:11:03] - |AD| - [16665357] - C:\Program Files (x86)\Zemana AntiLogger [21/12/2016 19:21:18] - |D| - [7233310] - C:\Program Files (x86)\ZHPFix ---------- | C:\Program Files [18/12/2016 00:07:18] - |D| - [96636696] - C:\Program Files\AMD [18/12/2016 00:09:07] - |AD| - [5595872] - C:\Program Files\ATI Technologies [16/07/2016 07:04:24] - |D| - [96265773] - C:\Program Files\Common Files [16/12/2016 10:32:59] - |D| - [67364744] - C:\Program Files\COMODO [16/12/2016 10:32:31] - |AD| - [16610166] - C:\Program Files\Copy Handler [16/12/2016 10:27:40] - |D| - [58076997] - C:\Program Files\DAEMON Tools Pro [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files\desktop.ini [21/12/2016 12:14:36] - |D| - [51306656] - C:\Program Files\Digiarty [21/12/2016 08:00:58] - |D| - [19748147] - C:\Program Files\DriversCloud.com [21/12/2016 12:20:56] - |D| - [10926075] - C:\Program Files\Easeware [16/12/2016 07:02:51] - |SHD| - [96265773] - C:\Program Files\Fichiers communs [16/07/2016 12:47:47] - |D| - [2581850] - C:\Program Files\Internet Explorer [16/12/2016 10:47:33] - |D| - [192012] - C:\Program Files\KillSoft [16/12/2016 12:58:05] - |D| - [608986959] - C:\Program Files\Lavasoft [19/12/2016 16:27:26] - |AD| - [128025932] - C:\Program Files\Macrium [19/12/2016 13:07:29] - |D| - [131025995] - C:\Program Files\Malwarebytes [19/12/2016 22:10:34] - |AD| - [3000273] - C:\Program Files\Microsoft SQL Server [21/12/2016 19:20:05] - |D| - [69526374] - C:\Program Files\Paragon Software [18/12/2016 00:07:38] - |D| - [44896664] - C:\Program Files\Realtek [21/12/2016 08:18:16] - |D| - [80396359] - C:\Program Files\RogueKiller [17/12/2016 09:28:12] - |AD| - [64257495] - C:\Program Files\RogueKillerPE [18/12/2016 14:12:47] - |AD| - [8206192] - C:\Program Files\Software Informer [19/12/2016 13:56:49] - |AD| - [10979728] - C:\Program Files\SUPERAntiSpyware [16/12/2016 10:14:17] - |D| - [22421724] - C:\Program Files\Supercopier [19/12/2016 11:44:20] - |D| - [192584390] - C:\Program Files\TechSmith [16/12/2016 10:45:26] - |AD| - [6494635] - C:\Program Files\TeraCopy [16/12/2016 10:12:46] - |D| - [26034994] - C:\Program Files\Ultracopier [27/04/2016 06:45:00] - |HD| - [0] - C:\Program Files\Uninstall Information [16/12/2016 10:47:01] - |D| - [266699] - C:\Program Files\Unlocker [16/07/2016 12:47:47] - |RD| - [14913860] - C:\Program Files\Windows Defender [16/07/2016 23:46:17] - |D| - [6283336] - C:\Program Files\Windows Defender Advanced Threat Protection [16/07/2016 12:47:47] - |D| - [6181888] - C:\Program Files\Windows Mail [16/07/2016 12:47:47] - |D| - [4989628] - C:\Program Files\Windows Media Player [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Multimedia Platform [16/07/2016 12:47:47] - |D| - [7849154] - C:\Program Files\Windows NT [16/07/2016 12:47:47] - |D| - [6223552] - C:\Program Files\Windows Photo Viewer [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Portable Devices [16/07/2016 12:47:47] - |SHD| - [0] - C:\Program Files\Windows Sidebar [16/07/2016 12:47:47] - |HD| - [1535076211] - C:\Program Files\WindowsApps [16/07/2016 12:47:47] - |HD| - [1489570086] - C:\Program Files\WindowsApps.tmp [16/07/2016 12:47:47] - |D| - [3661506] - C:\Program Files\WindowsPowerShell [16/12/2016 10:03:25] - |AD| - [28528726] - C:\Program Files\WinToUSB [16/12/2016 10:05:16] - |AD| - [293425904] - C:\Program Files\WinZip [16/12/2016 10:01:09] - |D| - [8520152] - C:\Program Files\Wise [16/12/2016 11:13:05] - |D| - [329799310] - C:\Program Files\Wondershare ---------- | C:\Program Files (x86)\Common Files [17/12/2016 09:26:11] - |D| - [946] - C:\Program Files (x86)\Common Files\Adobe [16/12/2016 13:07:28] - |D| - [133400] - C:\Program Files (x86)\Common Files\CyberLink [18/12/2016 00:08:03] - |D| - [337630] - C:\Program Files (x86)\Common Files\logishrd [16/07/2016 12:47:48] - |D| - [15985497] - C:\Program Files (x86)\Common Files\Microsoft Shared [18/12/2016 06:44:23] - |D| - [72470342] - C:\Program Files (x86)\Common Files\Nero [16/07/2016 12:47:48] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [16/07/2016 12:47:48] - |D| - [9639307] - C:\Program Files (x86)\Common Files\System [16/12/2016 11:16:40] - |D| - [6927904] - C:\Program Files (x86)\Common Files\Wondershare ---------- | C:\Program Files\Common files [16/12/2016 10:57:28] - |D| - [152640] - C:\Program Files\Common files\EPSON [16/12/2016 12:57:17] - |D| - [46928226] - C:\Program Files\Common files\Lavasoft [18/12/2016 00:07:55] - |D| - [1022022] - C:\Program Files\Common files\logishrd [16/07/2016 12:47:47] - |D| - [37914156] - C:\Program Files\Common files\microsoft shared [16/07/2016 12:47:47] - |D| - [2702] - C:\Program Files\Common files\Services [16/07/2016 12:47:47] - |D| - [10246027] - C:\Program Files\Common files\System ---------- | Tasks [MD5.0B85CABFFB66E577A138DAE80B936189] - [21/12/2016 20:40:09] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.1D43D5F68AAA1E1CA9B25656D242180E] - [21/12/2016 12:21:08] - |A| - [438] - C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job [MD5.3DF2BD46E73ED908C381193F5D6E09A8] - [18/12/2016 12:58:50] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {1910CC1B-44B7-4DCE-BEA0-02C242A6919C}.job [MD5.91FB300DA955F9186E49446C1E50D5F6] - [18/12/2016 12:56:04] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {754EE448-3F68-4109-82AE-A7B7280E9584}.job [MD5.E87029F5E7021C56B51C2F30EF11C81D] - [16/12/2016 10:59:11] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {FF03C6CA-5A8E-42FF-AA6A-6AA96DBDECDA}.job [MD5.E2DAF6B4484B9EB73BDA2F34A1D53D86] - [18/12/2016 12:58:48] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {1910CC1B-44B7-4DCE-BEA0-02C242A6919C}.job [MD5.15C665895B66AB714321571C37CF05FA] - [18/12/2016 12:56:03] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {754EE448-3F68-4109-82AE-A7B7280E9584}.job [MD5.4A9C0246D9FF23BDE06F507644BEF128] - [16/12/2016 10:59:08] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {FF03C6CA-5A8E-42FF-AA6A-6AA96DBDECDA}.job [MD5.43CA72B12D8DDDD2C8577C9642DA91C0] - [19/12/2016 07:04:31] - |A| - [364] - C:\WINDOWS\Tasks\HPCeeScheduleForjean-.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [18/12/2016 00:42:48] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.1CE782A6AFCB480B1C01CFB511769411] - [19/12/2016 13:59:48] - |A| - [542] - C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 42976241-291a-4f6c-adc7-12e361a07468.job [MD5.FDE03DF49A5F211FFC4A3180A95141D0] - [19/12/2016 13:59:45] - |A| - [542] - C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 5c66fc25-b49a-4eca-8b4c-6eace5fd1650.job [MD5.5D4CC7205DB411B7E2E471BE4B7BBA75] - [18/12/2016 00:42:43] - |A| - [3010] - C:\WINDOWS\System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan : C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe [MD5.23EA229969A06184A0A9E682BEEF032B] - [18/12/2016 00:42:43] - |A| - [3656] - C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask : C:\WINDOWS\explorer.exe [MD5.D3D9F215BFED77F214D9E99C9D024F76] - [21/12/2016 12:21:09] - |A| - [3912] - C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan : C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [MD5.E849886619EE2E3263687C0F6163227E] - [18/12/2016 12:58:50] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {1910CC1B-44B7-4DCE-BEA0-02C242A6919C} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.6624238F1FE2D5D33D60FD4219856396] - [18/12/2016 12:56:04] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {754EE448-3F68-4109-82AE-A7B7280E9584} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.C671362BAA8D46B516F736ACF016EA5C] - [18/12/2016 00:42:43] - |A| - [3324] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {FF03C6CA-5A8E-42FF-AA6A-6AA96DBDECDA} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.F8AEC7963750626BB098B4F1B5001D3C] - [18/12/2016 12:58:49] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {1910CC1B-44B7-4DCE-BEA0-02C242A6919C} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.C516F165760EC5028E3C35457F6BCE9D] - [18/12/2016 12:56:03] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {754EE448-3F68-4109-82AE-A7B7280E9584} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.85A885016D44612260F608363E471C9B] - [18/12/2016 00:42:43] - |A| - [3502] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {FF03C6CA-5A8E-42FF-AA6A-6AA96DBDECDA} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.00000000000000000000000000000000] - [18/12/2016 21:13:43] - |D| - [21270] - C:\WINDOWS\System32\Tasks\Hewlett-Packard [MD5.6B23C93D64132CC1A624EC66616B18C4] - [19/12/2016 07:04:31] - |A| - [3252] - C:\WINDOWS\System32\Tasks\HPCeeScheduleForjean- : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [496792] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [18/12/2016 07:03:20] - |D| - [3340] - C:\WINDOWS\System32\Tasks\Nero [MD5.63CEE641367A6365DFF7B7036B5D6320] - [18/12/2016 00:42:48] - |A| - [2772] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.C4FE2D74030824C6BF8EE4BB8033DC5E] - [18/12/2016 14:12:57] - |A| - [3434] - C:\WINDOWS\System32\Tasks\SoftwareInformerService : "C:\Program Files\Software Informer\softinfo.exe" [MD5.1199844D11BC4168723ED26988BE45E2] - [18/12/2016 00:42:48] - |A| - [2628] - C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro : C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe [MD5.AEC309048834F0E4214FE68E9262A7E7] - [19/12/2016 13:59:48] - |A| - [3782] - C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 42976241-291a-4f6c-adc7-12e361a07468 : C:\Program Files\SUPERAntiSpyware\SASTask.exe [MD5.73EFEA60C7E02C232401AB9E24162324] - [19/12/2016 13:59:45] - |A| - [3700] - C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 5c66fc25-b49a-4eca-8b4c-6eace5fd1650 : C:\Program Files\SUPERAntiSpyware\SASTask.exe [MD5.085B2524661232EE8684DD615627D176] - [18/12/2016 00:42:48] - |A| - [3320] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7AD0FFBD-C983-44C4-A6A5-71A8D371AF2D} : C:\WINDOWS\system32\msfeedssync.exe [MD5.78F7732012A1DE050FC1EF456B09001A] - [18/12/2016 00:42:48] - |A| - [2642] - C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask : C:\Program Files\WinZip\WzBGTools.exe [MD5.84D13736F1EB7D60EAA2111CB8534753] - [18/12/2016 00:42:48] - |A| - [3040] - C:\WINDOWS\System32\Tasks\Wise Hotkey.job : C:\Program Files\Wise\Wise Hotkey\WiseHotkey.exe [MD5.00000000000000000000000000000000] - [18/12/2016 00:42:48] - |D| - [6196] - C:\WINDOWS\System32\Tasks\WiseCleaner [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "Netlogon-NamedPipe-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "MDNS-In-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "DeliveryOptimization-TCP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "{A6DE292B-8FE3-445A-A222-2B15081332A0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe|Name=CyberLink VideoMeetingPlus|Desc=CyberLink VideoMeetingPlus| "{05B13B7C-CE05-4B27-A041-75DD65F82058}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{96017954-D76E-4044-BCB5-FCF7A393B615}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{023FDBCC-0FC0-4C20-A149-225C7BB4BB6F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\COMODO\cCloud\cCloud.exe|Name=cCloud.exe| "{2C4761EA-E757-4D87-8D2F-B4BA94C035EE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\COMODO\cCloud\cCloud.exe|Name=cCloud.exe| "{1ABE3F7F-7978-493D-B10D-BADD067308F8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{54A88C5E-976E-47A4-8FDC-1F248A095468}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{C6C92DA8-F608-4FDA-9960-830D5592D3C1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{19C60C75-4042-45C2-A932-6A87A9DF24AA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{677780C4-8318-4F80-BB41-FF889D6A0A83}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B60EF120-5D0D-4B23-94DD-F6523928C8F6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{578373A9-5D0B-4A5E-93F1-A071FC3CC21E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{4076114B-D099-47D6-902C-BB0F66B912E0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{162083A8-00DB-4704-AA98-DBD840D693AB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{8574A6EE-6A4F-400C-A3BB-62F8ED23889E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E2077EB6-8941-402B-8B4E-FC8E4C93AAE1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{56FFB5AE-C3FC-4B0D-A64B-97EF9F8E19A8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{0B0ED14C-3460-4398-AD43-31D99DCAE3FA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C8369CEB-4CB3-4179-88A0-8B2724D25A9F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{4B5E5572-8F85-4611-81E3-81F82FA4F1FA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{A9B03050-909C-47A8-9760-37294A8B186C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{BFBB20D1-AADD-4399-8E12-52DE80C75D2B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A3EC0E42-A4E5-4316-9CC3-0D33CD398A34}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{6EF3279A-2060-4F4D-8EB3-C8DC9AEEA5E4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{075EE59C-68A7-4861-BE81-39ECD8B51754}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{01A0C25B-8A77-40D3-AAEF-DB0D9B6CF9EB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{CF67E0A9-F65C-42B9-88E1-A6FE6BD5A38C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E75FC3D1-6DBE-4B06-896C-C7CBDD362A04}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{EBA8D733-7E65-45D9-B092-C6B658566053}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{0187A58E-EFA3-4B59-BC73-96E51F738843}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6DA1CFA0-5D9E-433F-843B-7FBC24A852B6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{31AC2AA4-909D-477E-BC50-B2D1E793FE39}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{05D7EF57-E6EF-4DE2-AA27-1FF90E5CD1D7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{98CD5F6E-708A-4B32-9103-7EDE150A05E8}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|Desc=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708|EmbedCtxt=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E09C3444-C153-4A63-AC64-C5C789C5114A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Desc=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D7A05C12-FC2C-4A47-8231-6636C4CA6B3C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Desc=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1E9160CD-97A9-488C-8A0B-848157C25219}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{42B98E16-A3FE-4C76-BE8D-3BAE1B4228A4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{0399A2EB-6877-4E7E-ADD3-989111F1CE0A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{2B075EF4-501E-445B-A72C-3849BE9F49C7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{4C455140-52CE-431D-B349-465240D7CC46}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ| "{1483AA03-BB28-4183-BE17-25DE1C092592}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DF378F21-C69D-4ABE-AFE7-F9757870C809}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{936AA44A-0EAB-48D5-A860-7CF86C55AC18}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{CF7657AB-2444-4A5C-83C8-7D954C370A73}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|Desc=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1255970798-2717750985-493741290-1721212560-3530798636-1829112236-3118580706|EmbedCtxt=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{337C5282-FA22-4FC5-8F32-47F06F857705}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D814F912-0923-484E-B891-AF57CCD5465C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A4C71B3B-12FB-4D6C-A727-E0DE36C03995}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.SecureAssessmentBrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.SecureAssessmentBrowser/Resources/PackageDisplayName}|Desc=@{Microsoft.Windows.SecureAssessmentBrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.SecureAssessmentBrowser/Resources/PackageDescription}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3733603082-4179795269-1217541644-381468798-1681740699-3059609168-2054985149|EmbedCtxt=@{Microsoft.Windows.SecureAssessmentBrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.SecureAssessmentBrowser/Resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{1D76FC9C-D135-41ED-B665-4343A403F2C9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{045AD96A-09EA-4D08-9E7A-378E05800DE9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{8CD2EFAD-7DE2-4028-86D0-63BF580CA176}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0C79FD35-BB68-4ADB-AE5B-DCE3D7E0A857}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{D77EDD7B-46A6-4E32-871E-BE70474D0A08}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{CE1938A2-040E-47C9-B3B5-335239187302}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{4898250C-09CB-4C9B-9E36-14D6EE23794F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{733D75B8-2996-4675-957D-0FC7006CB803}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{51F08179-1CB8-46C9-B10F-404806DB4266}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{35A083F1-D67B-4ADB-8AE1-DDAE4DACC085}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BC184F73-5F77-4178-BB1A-8F7158AD79A7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{1806ADDA-1ABF-4A56-BED2-E7C4D63D1E9D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{52316D71-750A-4A43-A480-23E99B64D8D6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{FAE1C010-AACD-436D-AB1D-20F4C46C00AF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{AB493671-1B8C-49C8-9E09-FEFE63DDB541}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{9DED3DDD-A4CE-429C-A9B5-D956530F8615}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{AECE97A1-7BD4-4E21-A37F-CC76519C06FE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe|Name=Nero BurningRom 2017|Desc=StartNBR|EmbedCtxt=Nero BurningRom 2017| "{93049AD4-D18A-40FA-ACBF-855D4A362C8A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe|Name=NMDllHost 2017|Desc=NMDllHost|EmbedCtxt=NMDllHost 2017| "{EB7346CC-1027-4B25-B392-74DD91907C1C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe|Name=MediaHome 2017|Desc=MediaHome|EmbedCtxt=MediaHome 2017| "{ACB7E5E5-CAD6-4D9B-BF89-6605189F0027}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe|Name=Nero BurningCore 2017|Desc=nero|EmbedCtxt=Nero BurningCore 2017| "{231CFDCF-5485-4436-BFB3-861848CC13D5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|Desc=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3261124336-967904692-548716175-2724082555-235625598-1533749622-1468861831|EmbedCtxt=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6AE2CC46-048B-4DAB-BA81-A4880AED16C7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{D8D9C8AB-63D1-4042-A63C-66845ED83D11}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{5A12A1C9-E6BA-402E-ADAE-CE1A8CDAA9F4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8038D835-7305-4110-AFEB-A2F07FA0C4D0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{FCD14ABF-3E5F-442C-90D9-3242F0E337D8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{F61E6966-C09A-47E1-8806-9E82BE198B9A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{ED1ED7DE-CF5C-4998-AC76-030C0EADC840}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{AB0F608D-2C7B-4380-B7E0-ECB0946B6EE6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Desc=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{38D19F63-DD5C-439D-9239-68E9984FEA9B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Desc=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{95F5115A-FFBA-4AA3-9D04-F7F266314A05}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Desc=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-599759058-3479938838-1253218824-33263930-1483063708-2104800716-3218279855|EmbedCtxt=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{9430587A-0F83-40EE-B178-E268F32C787F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Desc=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-599759058-3479938838-1253218824-33263930-1483063708-2104800716-3218279855|EmbedCtxt=@{Microsoft.WindowsFeedbackHub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{797DC6BC-94D4-4DFF-92B7-4DC1431DAF77}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{DF13B9E7-3DAE-40E9-9728-B5C3FD274A87}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{ADAFD35D-085A-4206-947D-FD39B65CDC5A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{6484206A-75E1-45A1-AD40-78089806E105}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe|Name=StartNBR|Desc=StartNBR|EmbedCtxt=StartNBR| "{4E51E46F-C06D-44D0-ABE3-FD98336697F1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{5BCB85F7-F970-4191-9663-337505A9D1B4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2748EB00-4D9A-4572-80DE-F972ED2AC718}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\KM\NMDllHost.exe|Name=NMDllHost|Desc=NMDllHost|EmbedCtxt=NMDllHost| "{E0A4E14D-4769-44EE-9CCE-A06189E3EE71}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\KM\MediaHome.exe|Name=MediaHome|Desc=MediaHome|EmbedCtxt=MediaHome| "{5ED467E3-E574-4CAB-8E89-2633129EC161}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A348FC27-ADA4-47D3-B83B-74A515DEE5ED}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{205381C4-FF3D-4233-A834-38773894A69E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe|Name=nero|Desc=nero|EmbedCtxt=nero| "{D1761C58-63F3-496E-A413-9B56D488A2B4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{0A8AAF3C-1098-444B-AA3C-8F4157E7CE2E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{B41E4C42-061F-42C4-B34E-388B4047ED48}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{3DDE6D94-EFF8-4AA4-BFAB-6EB474D63F0F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{4382424C-0275-4899-A4E5-5ACB62DDB00E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{F59EA0C8-34BD-4B3E-AE40-989C9CFB62A3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{F5ABAFFF-71F4-48F2-997D-7A5914D98BE9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Desc=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Platform=2:6:2|Platform2=GTEQ| "{150A5755-B15E-4BE8-8C10-DC95A4841B1B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Desc=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Platform=2:6:2|Platform2=GTEQ| "{20DFEFA8-8CBF-4F70-BC24-7BC5AEACA81A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{EC568590-F1F1-4C44-A739-D94853F229FD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8F03769A-B78A-41C6-BA08-D1B6954CBE0B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "{49F0D9F9-9B9A-4917-8136-AE529936BBF9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{C17FC622-C4C9-4725-89BA-1820166153BA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{A2A03AE0-24A8-473F-ACCB-8898809512DD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Desc=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-778011547-1096124574-1799322564-3972718560-253206704-1472347756-15051174|EmbedCtxt=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{B4360FC5-2615-4667-A473-D409DC9293CE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Desc=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-778011547-1096124574-1799322564-3972718560-253206704-1472347756-15051174|EmbedCtxt=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{25ACCD16-054C-44FB-A458-DAC7B0A58596}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{34049E7D-B133-4095-9764-429A63CFC609}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\jean-\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe|Name=Apowersoft Online Launcher| "{B266D391-A831-4A25-A256-1EA5BB77A879}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Users\jean-\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe|Name=Apowersoft Online Launcher| "{F914E6A1-BB06-48CE-9039-8CEC9F08356C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\jean-\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe|Name=Online Video Converter| "{8CDADC6D-AAD6-4787-9D7D-7A62A904E451}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Users\jean-\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe|Name=Online Video Converter| "{854BA6CF-81D5-4B47-BA4E-AF42EBB60A0E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{86F58686-6106-4109-9236-7B0B6C43BBDC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{511611FE-F4DF-4015-A474-90AA257C4EB8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{0E10C96B-1E53-4AA2-8F23-2E6ABA0CF619}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{9506593F-40FF-483D-88C2-3C1B36EC2655}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{BE570AAC-0B28-4322-A8B6-1B08A8A7BEDA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{FC3F79A1-164A-4E75-A933-0AA71CDC4CDF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8318|Name=TechSmith Camtasia 9| "{F85FB369-DACB-488F-AE47-49BD5D92824A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{7B0D00CD-22B2-466F-BCC7-2737C2488C8E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{00BB9507-0BB6-44C7-80D0-11CC249B52E4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{2442AD57-6A78-41D8-9AAC-48868F7627C8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{C6348B9B-833F-4FB2-AD17-4AFDC47F8FBC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{8F35156F-1AD8-4BEA-BCE4-9950B8BAC825}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{E5A0CBB0-4FD8-48E6-BE00-9BB7F4F7A295}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{A9BCADC9-277C-4DA9-B1C2-8D090F0BECE6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{214EE015-F652-4FCB-9612-330FC395FD89}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\Easeware\DriverEasy\DriverEasy.exe|Name=Driver Easy|Desc=Allow Driver Easy Access Internet to Scan and Download Drivers.| "{22164AE2-23A5-40D3-BE00-A09A391D3B7A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Soda Saga|Desc=Candy Crush Soda Saga|LUOwn=S-1-5-21-4137909735-3827719672-2247753569-1001|AppPkgId=S-1-15-2-3055884410-2067824683-223899546-422323478-2359388318-2114876276-1379654078|EmbedCtxt=Candy Crush Soda Saga|Platform=2:6:2|Platform2=GTEQ| "{7451EBF8-63E3-44AF-BB90-74F3B82704ED}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{75D116C9-97D2-4C9E-9D36-E5E6A3DE9D1B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem14.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [16/07/2016 12:41:53] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver) - C:\WINDOWS\System32\drivers\nvraid.sys [16/07/2016 12:41:52] - (7.12.31.105) - (QLogic Corporation - QLogic Gigabit Ethernet VBD) - C:\WINDOWS\System32\drivers\bxvbda.sys [16/07/2016 12:41:52] - (7.13.65.105) - (QLogic Corporation - QLogic 10 GigE VBD) - C:\WINDOWS\System32\drivers\evbda.sys [16/07/2016 12:41:53] - (8.0.9200.8110) - (VIA Corporation - VIA StorX RAID Controller Driver) - C:\WINDOWS\System32\drivers\vstxraid.sys [16/07/2016 12:41:53] - (5.1.0.51) - (LSI - LSI 3ware SCSI Storport Driver) - C:\WINDOWS\System32\drivers\3ware.sys [16/07/2016 12:41:53] - (3.7.1540.43) - (AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform) - C:\WINDOWS\System32\drivers\amdsbs.sys [16/07/2016 12:41:53] - (7.5.0.32048) - (PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver) - C:\WINDOWS\System32\drivers\arcsas.sys [16/07/2016 12:41:53] - (1.34.3.83) - (LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas.sys [16/07/2016 12:41:53] - (2.0.79.80) - (LSI Corporation - LSI SAS Gen2 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys [16/07/2016 12:41:53] - (2.51.12.80) - (Avago Technologies - Avago SAS Gen3 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys [16/07/2016 12:41:53] - (2.10.61.81) - (LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sss.sys [16/07/2016 12:41:53] - (6.706.6.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\megasas.sys [16/07/2016 12:41:53] - (15.2.2013.129) - (LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver) - C:\WINDOWS\System32\drivers\megasr.sys [16/07/2016 12:41:53] - (1.0.5.1016) - (Marvell Semiconductor, Inc. - Marvell Flash Controller Driver) - C:\WINDOWS\System32\drivers\mvumis.sys [16/07/2016 12:41:53] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver) - C:\WINDOWS\System32\drivers\nvstor.sys [16/07/2016 12:41:53] - (6.805.3.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas2i.sys [16/07/2016 12:41:53] - (6.603.6.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas3i.sys [16/07/2016 12:41:53] - (5.1.1039.2600) - (Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver) - C:\WINDOWS\System32\drivers\SiSRaid2.sys [16/07/2016 12:41:53] - (5.1.1039.3600) - (Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver) - C:\WINDOWS\System32\drivers\sisraid4.sys [16/07/2016 12:41:53] - (5.1.0.10) - (Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64) - C:\WINDOWS\System32\drivers\stexstor.sys [16/07/2016 12:41:53] - (7.0.9600.6352) - (VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64) - C:\WINDOWS\System32\drivers\vsmraid.sys [16/07/2016 12:41:53] - (1.3.0.10769) - (PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller) - C:\WINDOWS\System32\drivers\ADP80XX.SYS [16/07/2016 12:41:53] - (8.0.4.0) - (Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver) - C:\WINDOWS\System32\drivers\HpSAMD.sys [17/12/2016 23:40:18] - (6.711.10.11) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\MegaSas2i.sys [07/10/2014 12:14:42] - (7.0.0.1618) - (COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver) - C:\WINDOWS\system32\DRIVERS\CBReparse.sys [21/12/2016 19:25:51] - (10.1.25.377) - (Paragon Software Group - A part of Paragon System Utilities) - C:\WINDOWS\system32\DRIVERS\hotcore3.sys [16/12/2016 10:48:33] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\drivers\EUBKMON.sys [16/12/2016 10:48:36] - (1.0.1.0) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver) - C:\WINDOWS\system32\drivers\eubakup.sys [07/10/2014 12:14:44] - (7.0.0.1619) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver) - C:\WINDOWS\system32\DRIVERS\cbvd.sys [07/10/2014 12:14:42] - (1.0.0.975) - (COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver) - C:\WINDOWS\system32\DRIVERS\CBUFS.sys [07/10/2014 12:14:40] - (1.0.0.972) - (COMODO Security Solutions Inc. - COMODO Backup Disk Driver) - C:\WINDOWS\system32\DRIVERS\bdisk.sys [21/12/2016 13:03:31] - (10.0.14393.31228) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\WINDOWS\system32\Drivers\RtsUer.sys [16/07/2016 12:41:53] - (2.1.0.16) - (Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller) - C:\WINDOWS\System32\drivers\L1C63x64.sys [07/10/2014 12:14:46] - (1.0.0.973) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver) - C:\WINDOWS\System32\drivers\vdbus.sys [16/12/2016 13:07:14] - (2.0.0.3505) - (CyberLink - CyberLink Virtual CDROM Bus Enumerator) - C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [16/11/2016 20:52:04] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [16/12/2016 11:11:26] - (1.8.2.328) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\WINDOWS\system32\DRIVERS\KeyCrypt64.sys [16/06/2016 11:36:18] - (7.0.0.16) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [21/12/2016 13:02:45] - (4.5.0.9) - (GenesysLogic - GeneStor) - C:\WINDOWS\system32\DRIVERS\GeneStor.sys [17/12/2016 23:41:24] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: FCBUFS Activity Monitor - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 77 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="amdkmafd" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amd_sata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amd_xata" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="AppvStrm" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AppvVemgr" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AppvVfs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avc3" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avckf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="bdfwfpf" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bdisk" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="FCBUFS Activity Monitor" - SystemDriver.Name="CBUFS" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="cbvd" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="base" - SystemDriver.Name="clreg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CLVirtualBus01" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="network" - SystemDriver.Name="CSC" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dg_ssudbus" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="dtproscsibus" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="CscService" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="hotcore3" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ignis" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMChameleon" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="MBAMProtection" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="MBAMSwissArmy" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MsSecFlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="TDI" - Service.Name="irmon" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Reparse" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="PlugPlay" - Service.Name="RtkAudioService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Trufos" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="tsusbhub" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="UevAgentDriver" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="UevAgentService" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="vdbus" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="WiseFs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="WofAdk" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WSDPrintDevice" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdkmafd (@oem21.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter) -> System32\drivers\amdkmafd.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amd_sata () -> System32\drivers\amd_sata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amd_xata () -> System32\drivers\amd_xata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - bdisk (Comodo Disk Raw Access Filter) -> system32\DRIVERS\bdisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - CBUFS (CBUFS) -> system32\DRIVERS\CBUFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - cbvd (Comodo Backup Virtual Disk) -> system32\DRIVERS\cbvd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorTcgDrv (@EhStorTcgDrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - EUBAKUP (EUBAKUP) -> system32\drivers\eubakup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - EUBKMON (EUBKMON) -> system32\drivers\EUBKMON.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hotcore3 (hc3ServiceName) -> system32\DRIVERS\hotcore3.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ignis (ignis Service) -> system32\drivers\ignis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-100) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - MBAMSwissArmy (MBAMSwissArmy) -> system32\drivers\MBAMSwissArmy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Reparse (Reparse) -> system32\DRIVERS\CBReparse.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\WINDOWS\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - EUDSKACS (EUDSKACS) -> \??\C:\WINDOWS\system32\drivers\eudskacs.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - EUFDDISK (EUFDDISK) -> \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys - AcceptPause: False - AcceptStop: False S1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: False S1 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\system32\drivers\MBAMChameleon.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - SASDIFSV (SASDIFSV) -> \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - SASKUTIL (SASKUTIL) -> \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - ZAM (ZAM Helper Driver) -> \??\C:\WINDOWS\System32\drivers\zam64.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - ZAM_Guard (ZAM Guard Driver) -> \??\C:\WINDOWS\System32\drivers\zamguard64.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - clreg (@%SystemRoot%\system32\drivers\registry.sys,-100) -> \SystemRoot\System32\drivers\registry.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: False R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: False S2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False S2 - [File System Driver] - WiseFs (WiseFs) -> \??\C:\WINDOWS\WiseFs64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - AppvStrm (@%systemroot%\system32\drivers\AppvStrm.sys,-101) -> \SystemRoot\system32\drivers\AppvStrm.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - AppvVemgr (@%systemroot%\system32\drivers\AppvVemgr.sys,-101) -> \SystemRoot\system32\drivers\AppvVemgr.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - AppvVfs (@%systemroot%\system32\drivers\AppvVfs.sys,-101) -> \SystemRoot\system32\drivers\AppvVfs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - avc3 (avc3) -> system32\DRIVERS\avc3.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - avckf (avckf) -> system32\DRIVERS\avckf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn (@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service) -> \SystemRoot\System32\drivers\bcmfn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - clvad () -> \SystemRoot\system32\drivers\clvad.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CLVirtualBus01 (@oem1.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator) -> \SystemRoot\System32\drivers\CLVirtualBus01.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - clwvdVM (@oem5.inf,%clwvd.DeviceDesc% Service;Camera for VideoMeeting+/PresenterLink+ Service) -> \SystemRoot\system32\DRIVERS\clwvdVM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dg_ssudbus (@oem18.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - DigiartyVirtualCDBus (Digiarty Virtual Driver) -> system32\drivers\DigiartyVirtualCDBus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Pilotes audio approuvés par Microsoft) -> \SystemRoot\system32\DRIVERS\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - dtproscsibus (@oem2.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus) -> \SystemRoot\System32\drivers\dtproscsibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - EUBAKUP0 (EUBAKUP0) -> \??\C:\WINDOWS\system32\drivers\EUBAKUP0.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - EUBKMON0 (EUBKMON0) -> \??\C:\WINDOWS\system32\drivers\EUBKMON0.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - EUFDDISK0 (EUFDDISK0) -> \??\C:\WINDOWS\system32\drivers\EUFDDISK0.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GeneStor (@oem25.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver) -> \SystemRoot\system32\DRIVERS\GeneStor.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - gzflt (gzflt) -> \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport HID Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - i8042prt (@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - keycrypt (keycrypt) -> system32\DRIVERS\KeyCrypt64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - L1C (@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\System32\drivers\L1C63x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - lvrs64 (@oem12.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver) -> \SystemRoot\system32\DRIVERS\lvrs64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LVUVC64 (@oem10.inf,%PID_081B_DD%(UVC);Logitech HD Webcam C310(UVC)) -> \SystemRoot\system32\DRIVERS\lvuvc64.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - MBAMProtection () -> \??\C:\WINDOWS\system32\drivers\mbam.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\system32\DRIVERS\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\system32\DRIVERS\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\system32\DRIVERS\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\system32\DRIVERS\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - NTFS () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RTSUER (@oem26.inf,%RtsUER%;Realtek USB Card Reader - UER) -> \SystemRoot\system32\Drivers\RtsUer.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scmdisk0101 (@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver) -> \SystemRoot\System32\drivers\scmdisk0101.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ssudmdm (@oem19.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudmdm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ssudserd (@oem20.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudserd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Trufos (Trufos) -> system32\DRIVERS\Trufos.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tsusbhub (@%SystemRoot%\system32\drivers\tsusbhub.sys,-1) -> system32\drivers\tsusbhub.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;Pilote USB audio (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Pilote parent générique USB Microsoft) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Pilote série USB Microsoft) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vdbus (@oem9.inf,%vdbus.SVCDESC%;Virtual Disk Bus Enumerator) -> \SystemRoot\System32\drivers\vdbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WDC_SAM (@oem14.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver) -> \SystemRoot\System32\drivers\wdcsam64.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> \??\C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WofAdk (WofAdk) -> \??\C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WSDPrintDevice (@wsdprint.inf,%WSDPrintDevice.SVCDESC%;WSD Print Support) -> \SystemRoot\System32\drivers\WSDPrint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WSDScan (@sti.inf,%WSDScan.SvcDesc%;Prise en charge de la numérisation WSD) -> \SystemRoot\system32\DRIVERS\WSDScan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> system32\drivers\WudfRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False R4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: True S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False R4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: True S4 - [File System Driver] - UevAgentDriver (@%systemroot%\system32\drivers\UevAgentDriver.sys,-101) -> \SystemRoot\system32\drivers\UevAgentDriver.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft Files whitelisted) [MD5.EE1CCC54F75C24727A218F98FC5349DA] - [16/07/2016 12:41:53] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.8E6E3C6D32042055F918C457B3CB683C] - [16/12/2016 11:11:26] - (.Zemana Ltd. - Zemana AntiLogger Free.) - [155.63 Ko] - (1.8.2.328) - C:\WINDOWS\System32\Drivers\83744B8A-CEFA-4A45-A3-B3-10-F5-52-37-39-4B.sys [MD5.49B9DB97AFC85DCCBDACDAB2E90085B7] - [16/07/2016 12:41:53] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.275B6F698CBEC36C42D3ABD7EE049BA1] - [21/12/2016 12:50:07] - (.Copyright (C) 2012 Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) - [48.29 Ko] - (8.14.1.6003) - C:\WINDOWS\System32\Drivers\amdkmafd.sys [MD5.74FFBC43B4B899C9A8CA06A892F2CE73] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.AAB0F1D8D7E54761ABAB13AF161F1680] - [16/07/2016 12:41:53] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.F91BAAC4237C40352A807000F3B716F9] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.8C427F35B9A734C284AB8634A9BD8F51] - [21/12/2016 13:02:16] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [90.23 Ko] - (1.3.1.276) - C:\WINDOWS\System32\Drivers\amd_sata.sys [MD5.E341406226901D67DF5469F1B8146BB3] - [21/12/2016 13:02:17] - (.Copyright © 2008-2015 AMD, Inc. - Stor Filter Driver.) - [31.73 Ko] - (1.3.1.276) - C:\WINDOWS\System32\Drivers\amd_xata.sys [MD5.E6AB1F0B4C3D4E0D2A88332D76FECD03] - [16/07/2016 12:41:53] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.D1F059A530620DCF71303B525D52CA97] - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21141.48 Ko] - (8.1.1.1500) - C:\WINDOWS\System32\Drivers\atikmdag.sys [MD5.AD96CC96B6A0CEE8910A13679426C970] - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [658.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\Drivers\atikmpag.sys [MD5.DA978AB6E0AAEA82235C943DEED3484C] - [23/11/2016 14:52:40] - (.Copyright © BitDefender - Active Virus Control filter driver.) - [1567.75 Ko] - (3.12.15976.6498) - C:\WINDOWS\System32\Drivers\avc3.sys [MD5.09A3015AEA14CF9A4ECDE1CEA6AFE0AA] - [23/11/2016 14:52:40] - (.Copyright © BitDefender - Active Virus Control Kernel Filtering driver.) - [857.49 Ko] - (3.12.15976.6498) - C:\WINDOWS\System32\Drivers\avckf.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.C7C6393C540A1EE534BCEE74626DE987] - [07/10/2014 12:14:40] - (.© 2014 COMODO Security Solutions Inc. - COMODO Backup Disk Driver.) - [83.48 Ko] - (1.0.0.972) - C:\WINDOWS\System32\Drivers\bdisk.sys [MD5.61BAC67048CA5C1D08C48FCC8012B613] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic Gigabit Ethernet VBD.) - [521.34 Ko] - (7.12.31.105) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.D7F279E28D757821232E7AF1DFDC57BA] - [07/10/2014 12:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver.) - [658.36 Ko] - (7.0.0.1618) - C:\WINDOWS\System32\Drivers\CBreparse.sys [MD5.10CDB598B555D2A06DA52A6C2D5F7DFE] - [07/10/2014 12:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver.) - [225.3 Ko] - (1.0.0.975) - C:\WINDOWS\System32\Drivers\CBUFS.sys [MD5.8D73FFFD9762EECF7680C4368A38B653] - [07/10/2014 12:14:44] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver.) - [661.86 Ko] - (7.0.0.1619) - C:\WINDOWS\System32\Drivers\cbvd.sys [MD5.48BC8B59BF348BD8C8702B93171008F2] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI Crash Dump Driver.) - [100.34 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4dx64.sys [MD5.0AED948DA8D5F08B3D6F12E4E2089736] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI VMiniport Driver.) - [338.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4sx64.sys [MD5.0002A0FDE087C1657AB31CE73077539C] - [16/07/2016 12:41:53] - (.Copyright © 2010 Chelsio Communications. - Virtual Bus Driver for Chelsio ® T4 Chipset.) - [2054.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4vx64.sys [MD5.EFC50A6C4C6B6F9AA09AFAC5C15881B6] - [16/12/2016 11:04:11] - (.Copyright (C) CyberLink 2015- - Virtual Audio-In Device.) - [39.44 Ko] - (1.0.1.1522) - C:\WINDOWS\System32\Drivers\clvad.sys [MD5.0C7626AFB2419207B2ABCB6F8AEA334F] - [16/12/2016 13:07:14] - (.Copyright (C) 2014 CyberLink - CyberLink Virtual CDROM Bus Enumerator.) - [100.76 Ko] - (2.0.0.3505) - C:\WINDOWS\System32\Drivers\CLVirtualBus01.sys [MD5.0FBA6EDE873360E0AD44BB74A8B1ED85] - [16/12/2016 11:04:00] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [53.95 Ko] - (2.0.0.8821) - C:\WINDOWS\System32\Drivers\clwvdVM.sys [MD5.79B9D7643C9E3AD10B89DF8EF0A9D2FE] - [21/12/2016 12:15:28] - (.Digiarty Software, Inc. - Digiarty Virtual CD driver.) - [269.78 Ko] - (1.0.0.0) - C:\WINDOWS\System32\Drivers\DigiartyVirtualCDBus.sys [MD5.726E40B11612664486BB6C6105283C95] - [16/11/2016 20:52:04] - (.Copyright (C) 2000-2015 - DAEMON Tools Pro Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\WINDOWS\System32\Drivers\dtproscsibus.sys [MD5.C5713A2B4C9D9150041FB70C4A2ADE07] - [16/12/2016 10:48:36] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Driver.) - [63.66 Ko] - (1.0.1.0) - C:\WINDOWS\System32\Drivers\eubakup.sys [MD5.C5713A2B4C9D9150041FB70C4A2ADE07] - [20/12/2016 21:36:13] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Driver.) - [63.66 Ko] - (1.0.1.0) - C:\WINDOWS\System32\Drivers\EUBAKUP0.sys [MD5.5061B571167E1EE26E8D549CCDBE9CC6] - [16/12/2016 10:48:33] - (.-.) - [51.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EUBKMON.sys [MD5.5061B571167E1EE26E8D549CCDBE9CC6] - [20/12/2016 21:36:08] - (.-.) - [51.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EUBKMON0.sys [MD5.44A0838432C8A31A5D6CBE0BF348CED6] - [16/12/2016 10:48:38] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Access Driver.) - [18.04 Ko] - (1.2.0.1) - C:\WINDOWS\System32\Drivers\eudskacs.sys [MD5.D05585505CB20235E7C665158464551D] - [16/12/2016 10:48:39] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Image Preview Driver.) - [188.04 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\EuFdDisk.sys [MD5.6B133EE401475A72D252D49F8736936E] - [20/12/2016 21:36:17] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Image Preview Driver.) - [192.16 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\EUFDDISK0.sys [MD5.7EC6FC0266D74BD47ABB130A328B70EC] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic 10 GigE VBD.) - [3338.84 Ko] - (7.13.65.105) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.F3960CA85778E5D7611EE0F501972340] - [19/12/2016 13:09:34] - (.(C) Malwarebytes. - Malwarebytes Anti-Ransomware Protection.) - [100.45 Ko] - (3.0.0.253) - C:\WINDOWS\System32\Drivers\farflt.sys [MD5.6D1EC569858420237B86E934A914DA2E] - [21/12/2016 13:02:45] - (.Copyright (c) 2020 - GeneStor.) - [181.39 Ko] - (4.5.0.9) - C:\WINDOWS\System32\Drivers\GeneStor.sys [MD5.BF958EB7B11F5B2D353B85E0E80D823E] - [21/12/2016 19:25:51] - (.Copyright 1994-2014 Paragon Software Group - A part of Paragon System Utilities.) - [33.26 Ko] - (10.1.25.377) - C:\WINDOWS\System32\Drivers\hotcore3.sys [MD5.F5CA18197B4646E04DB9EB2D6642CC4D] - [16/07/2016 12:41:53] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.C6B8743B213F06AA60943D8366FE968F] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO GPIO Controller Driver.) - [32.5 Ko] - (604.10146.3023.12819) - C:\WINDOWS\System32\Drivers\iagpio.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.5A0E850F8CD17791A3E6A3CF81D0CA28] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Driver v2.) - [63 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_GPIO2.sys [MD5.7508F1096803385D6376BFD0BD473AC4] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [172.25 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [16/07/2016 12:41:52] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [16/07/2016 12:41:50] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.97E553D03219D3D51705C7235D9EAEBD] - [16/07/2016 12:41:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.8350FE3BCDE3428BC040877BB7E9EAEB] - [16/07/2016 12:41:53] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.3BA03F7C7700DDF4C383DDE9252F5817] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [513.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.0EF1E8299F58E1369B067F7B65D9F773] - [15/12/2016 12:51:45] - (.Copyright © 1999 - 2016 Tonec Inc. - Internet Download Manager WFP Driver.) - [218.23 Ko] - (6.26.8.69) - C:\WINDOWS\System32\Drivers\idmwfp.sys [MD5.2C3928A343E2F29A7770BD429331DDCF] - [15/08/2016 10:41:02] - (.Copyright © Bitdefender - IGNIS filter driver.) - [293.79 Ko] - (1.0.0.588) - C:\WINDOWS\System32\Drivers\ignis.sys [MD5.8E6E3C6D32042055F918C457B3CB683C] - [16/12/2016 11:11:26] - (.Zemana Ltd. - Zemana AntiLogger Free.) - [155.63 Ko] - (1.8.2.328) - C:\WINDOWS\System32\Drivers\KeyCrypt64.sys [MD5.4E444F41E69BBE2E0BAE34D5DFCB5732] - [16/07/2016 12:41:53] - (.2001-2012 Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) - [118.5 Ko] - (2.1.0.16) - C:\WINDOWS\System32\Drivers\L1C63x64.sys [MD5.8E1B0946948CCC0BC1FA3CB70374A795] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.4F68163FC04C973500DC4DA0946917B0] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [103.34 Ko] - (2.0.79.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.E5AC5F2815938651CDCC27F425474673] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [98.84 Ko] - (2.51.12.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.CCF6EC9FB9B8F18E05B4253E81013E48] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.A0A527569856B9814E8920F52EBB67F5] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Kernel Audio Improvement Filter Driver.) - [343.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvrs64.sys [MD5.415E344294D1C0D04627B29146F68481] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Driver.) - [4646.66 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvuvc64.sys [MD5.047244823B2EA707E1F6076CA20DEF90] - [19/12/2016 13:08:01] - (.-.) - [75.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\mbae64.sys [MD5.88BD122C3A35DE63D75D382DF75554CE] - [19/12/2016 13:09:17] - (.(C) Malwarebytes. - Malwarebytes Real-Time Protection.) - [42.94 Ko] - (3.0.0.83) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.3BEC6134F1E45AEF5E971F69F0D38510] - [19/12/2016 13:09:57] - (.(C) Malwarebytes. - Malwarebytes Chameleon.) - [171.94 Ko] - (3.0.0.149) - C:\WINDOWS\System32\Drivers\MBAMChameleon.sys [MD5.ABB371D9AEF728B0489B0E6872B4A1C0] - [19/12/2016 13:09:08] - (.(C) Malwarebytes. - Malwarebytes SwissArmy.) - [244.94 Ko] - (4.2.0.101) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.C3CDCCF07486BD2616A7B82946E07AC0] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.2CF0CB2A0ED68C5455371E84C16F9627] - [17/12/2016 23:40:18] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [62.84 Ko] - (6.711.10.11) - C:\WINDOWS\System32\Drivers\MegaSas2i.sys [MD5.FADB2FE017E69EECE0E1BA78661C2E8C] - [16/07/2016 12:41:53] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.FD60818B66B2E8A5415EA840E99A9D8F] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [822.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.3D2C5B4995CA0751D32DEA0DE9FDFE44] - [16/07/2016 12:41:53] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.205C2D377E1CA85A4465491DB8064DA9] - [19/12/2016 13:09:34] - (.(C) Malwarebytes. - Malwarebytes Web Protection.) - [89.44 Ko] - (3.0.0.126) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.629CB21AC49C8867E0F29DF1C16DB7B4] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [106.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.6C76780A01FC2B885BD6E957B5C36B02] - [16/07/2016 12:42:03] - (.-.) - [88.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\NetAdapterCx.sys [MD5.D261DF41F0840F734856A2B4F5E072C7] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.23B702B555EB0436B9DAA0BC63DA65CE] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.540116170E2135FCD5DDE77702166B67] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.805.3.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.8356F87553BF49C703CF382033815898] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [60.34 Ko] - (6.603.6.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.D06C8A05ABD8B3D0EDCEC1B632396143] - [12/10/2015 14:39:20] - (.Copyright (C) 2014 Paramount Software UK Ltd - Paramount Software Image Mounting Driver.) - [165.01 Ko] - (6.1.865.0) - C:\WINDOWS\System32\Drivers\psmounterex.sys [MD5.436E1F795F0495B2715116A4EC176803] - [21/07/2014 11:36:48] - (.(c) Paramount Software UK Ltd 2010 - Volume Access driver.) - [12.46 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\PSVolAcc.sys [MD5.407AC81C2A6A43DAB69E485AF17FEE02] - [01/08/2013 14:12:34] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [5409.5 Ko] - (6.0.1.8010) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.15F7B5181274ED437DFDEF21B44679A4] - [21/12/2016 13:03:31] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS USB READER Driver.) - [408.97 Ko] - (10.0.14393.31228) - C:\WINDOWS\System32\Drivers\RtsUer.sys [MD5.A34CE1830E45DA98932295FDE4B7908A] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.A7B5C670770E908DA5FEF5BF1136E933] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.9593475FBC857A05D93BFF4FA7323C2B] - [05/09/2016 05:47:06] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Composite Device Driver.) - [128.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.592FF34A2FD6C6351B8A3AA76B2C0A9E] - [05/09/2016 05:47:12] - (.Copyright ⓒ SAMSUNG - SAMSUNG Android Modem Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.440A795E605B324BCCDBD082770A349C] - [05/09/2016 05:47:20] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Mobile Logging Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudserd.sys [MD5.29D26E1347AE1BBD4201014E19880B2C] - [16/07/2016 12:41:53] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.40A8AB90F3CB342F037B493A8EADE4B9] - [28/04/2016 16:20:32] - (.(c) 2014 BitDefender S.R.L. - Trufos Kernel Module.) - [474.13 Ko] - (2.4.986.39) - C:\WINDOWS\System32\Drivers\Trufos.sys [MD5.7181DACBD6699770F027A049594A3DCF] - [07/10/2014 12:14:46] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver.) - [806.68 Ko] - (1.0.0.973) - C:\WINDOWS\System32\Drivers\vdbus.sys [MD5.FD9BCB8920973CEAD4D49DC7A6D8A618] - [16/07/2016 12:41:53] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.0C111F220798CCE80484026E06822379] - [16/07/2016 12:41:53] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.A556768CC1FA4F36022BEE2F0EDE2566] - [12/11/2015 22:50:10] - (.© 2006-2015 Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver.) - [26.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\wdcsam64.sys [MD5.F95DE20312ACCA7761446DE152BD1F7C] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [31.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.8B9AFF5F08E66A6F1F1063DEC9457FB6] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [63.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [16/12/2016 11:11:53] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zam64.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [16/12/2016 11:11:52] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zamguard64.sys ---------- | Uninstall [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC1] : (.-.) -> [HKU\S-1-5-21-4137909735-3827719672-2247753569-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1] : (Online Video Converter version 1.0.6.-.APOWERSOFT LIMITED) -> "C:\Users\jean-\AppData\Local\Apowersoft\Online Video Converter\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.8.6.0.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1] : (RogueKillerPE version 1.25.0.0.-.Adlice Software) -> "C:\Program Files\RogueKillerPE\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC0] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Pro] : (DAEMON Tools Pro.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DriverEasy_is1] : (Driver Easy 5.1.5.-.Easeware) -> "C:\Program Files\Easeware\DriverEasy\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-710 Series] : (EPSON XP-710 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSLPE.EXE /R /APD /P:"EPSON XP-710 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MacriumReflect] : (Macrium Reflect Free Edition.-.Paramount Software (UK) Ltd.) -> C:\Program Files\Macrium\Reflect\xReflect.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Software Informer_is1] : (Software Informer 1.5.1321.0.-.Informer Technologies, Inc.) -> "C:\Program Files\Software Informer\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeraCopy_is1] : (TeraCopy 2.3.-.Code Sector) -> "C:\Program Files\TeraCopy\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.2.-.Cedrick Collomb) -> C:\Program Files\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinToUSB_is1] : (WinToUSB version 3.3.-.The EasyUEFI Development Team.) -> "C:\Program Files\WinToUSB\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinX DVD Copy Pro_is1] : (WinX DVD Copy Pro 3.7.1.-.Digiarty Software,Inc.) -> "C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wise Hotkey_is1] : (Wise Hotkey 1.14.-.WiseCleaner.com, Inc.) -> "C:\Program Files\Wise\Wise Hotkey\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Filmora_is1] : (Wondershare Filmora(Build 7.8.6).-.Wondershare Software) -> "C:\Program Files\Wondershare\Filmora\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}] : (AntimalwareEngine.-.Lavasoft) -> MsiExec.exe /I{20334FA5-6CD5-48FC-B5F9-D34D75E07845} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (OnlineThreatsEngine.-.Lavasoft) -> MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177}] : (AntispamEngine.-.Lavasoft) -> MsiExec.exe /I{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 3.0.4.1269.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68}] : (AvcEngine.-.Lavasoft) -> MsiExec.exe /I{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{47E5588F-C3A0-11DE-9857-005056C00008}] : (Paragon Partition Manager™ 14 Free.-.Paragon Software) -> MsiExec.exe /I{47E5588F-C3A0-11DE-9857-005056C00008} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}] : (AdAwareProxyEngine.-.Lavasoft) -> MsiExec.exe /I{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{911949A6-66E6-4C52-8264-CEA4DF6A5A83}] : (Macrium Reflect Free Edition.-.Paramount Software (UK) Ltd.) -> MsiExec.exe /I{911949A6-66E6-4C52-8264-CEA4DF6A5A83} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9CF6A157-F0E8-4216-B229-C0CA8204BE2C}_is1] : (Copy Handler 1.40.-.Józef Starosczyk) -> "C:\Program Files\Copy Handler\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}] : (FirewallEngine.-.Lavasoft) -> MsiExec.exe /I{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D}] : (AdAwareUpdater.-.Lavasoft) -> MsiExec.exe /I{AD9CEBD6-442D-4979-9D1D-E1050F2E272D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D}_AdAwareUpdater] : (Ad-Aware Antivirus.-.Lavasoft) -> "C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\AdAwareUpdater.exe" --uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}] : (COMODO BackUp.-.COMODO) -> C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}] : (WinZip 21.0.-.WinZip Computing, S.L.) -> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}] : (SUPERAntiSpyware.-.SUPERAntiSpyware.com) -> "C:\Program Files\SUPERAntiSpyware\Uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}] : (cCloud.-.COMODO) -> C:\WINDOWS\Installer\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D3536C71-00CD-457F-8624-CBD51FD43F1C}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{D3536C71-00CD-457F-8624-CBD51FD43F1C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D88BC069-BFFF-4442-91EC-198EF2B764FE}] : (AdAwareInstaller.-.Lavasoft) -> MsiExec.exe /I{D88BC069-BFFF-4442-91EC-198EF2B764FE} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D8A1F37A-B11B-4451-830D-6A243ADE2591}] : (Camtasia 9.-.TechSmith Corporation) -> MsiExec.exe /I{D8A1F37A-B11B-4451-830D-6A243ADE2591} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\8677D383-40FB-4CBA-9393-E7B955BA7F38_DimoVideoConverterUltimate] : (.-.) -> C:\Program Files (x86)\Dimo Video Converter Ultimate\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Auto Power-on & Shut-down_is1] : (Auto Power-on & Shut-down 2.83.-.LifSoft, Inc.) -> "C:\Program Files (x86)\AutoPowerOn\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC2] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS EverySync_is1] : (EaseUS EverySync 3.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS EverySync\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Todo Backup_is1] : (EaseUS Todo Backup Free 10.0.-.CHENGDU YIWO Tech Development Co., Ltd) -> "C:\Program Files (x86)\EaseUS\Todo Backup\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FormatFactory] : (FormatFactory 4.0.0.0.-.Free Time) -> C:\Program Files (x86)\FormatFactory\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint 2.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Unlocker_is1] : (IObit Unlocker.-.IObit) -> "C:\Program Files (x86)\IObit\IObit Unlocker\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft SQL Server 11] : (Microsoft SQL Server 2012.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 fr)] : (Mozilla Firefox 50.1.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PowerArchiver 2016 16.10.24] : (PowerArchiver 2016.-.ConeXware, Inc.) -> C:\ProgramData\Caphyon\Advanced Installer\{B06EB3F5-3AED-4C19-A181-6D0E2C0F3A97}\setup.exe /x {7ED8575D-3A56-44CB-9015-513CA301062F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Protected Folder_is1] : (Protected Folder.-.IObit) -> "C:\Program Files (x86)\IObit\Protected Folder\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RegSeeker] : (RegSeeker.-.HoverDesk) -> C:\Program Files (x86)\RegSeeker\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sketch Drawer_is1] : (Sketch Drawer 4.2.-.SoftOrbits) -> "C:\Program Files (x86)\Sketch Drawer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Software Update Pro] : (Software Update Pro 5.42.0.36.-.Glarysoft Ltd) -> C:\Program Files (x86)\Glarysoft\Software Update Pro\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Supercopier] : (Supercopier 1.2.3.4.-.Supercopier) -> C:\Program Files\Supercopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ultracopier] : (Ultracopier 1.2.3.0.-.Ultracopier) -> C:\Program Files\Ultracopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unchecky] : (Unchecky v1.0.1.-.RaMMicHaeL) -> "C:\Program Files (x86)\Unchecky\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix Premium 2016.-.SOSVirus (SOSVirus.Net)) -> C:\Users\jean-\AppData\Roaming\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Folder Hider Pro_is1] : (Wise Folder Hider Pro.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Folder Hider Pro\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise JetSearch_is1] : (Wise JetSearch 2.29.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise JetSearch\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.48.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Video Downloader_is1] : (Wise Video Downloader 2.41.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Video Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare TidyMyMusic_is1] : (Wondershare TidyMyMusic(Build 1.5.0.1).-.Wondershare Software) -> "C:\Program Files (x86)\Wondershare\TidyMyMusic\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WUCCCApp] : (AMD Catalyst Control Center.-.AMD) -> "C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZHPFix_is1] : (ZHPFix 2015.-.Nicolas Coolman) -> "C:\Program Files (x86)\ZHPFix\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZoneAlarm Backup Powered by IDrive_is1] : (ZoneAlarm Backup Powered by IDrive version 1.0.5 March 14, 2013.-.ProSoftnet Corp) -> "C:\ZoneAlarmBackup\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{'appid'}_is1] : (Dimo Video Converter Ultimate version 2.7.2.-.DimoSoft, Inc.) -> "C:\Program Files (x86)\Dimo Video Converter Ultimate\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{05C6B128-1B40-4495-9CB9-090B368BFA0A}] : (Nero Video Samples.-.Nero AG) -> MsiExec.exe /X{05C6B128-1B40-4495-9CB9-090B368BFA0A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}] : (Epson Easy Photo Print 2.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10AC3DD9-90D5-4560-930A-FFB939849175}] : (CyberLink VideoMeeting+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1B6F5E51-575E-4693-BCA2-7543570D076D}] : (Nero Kwik Themes Basic.-.Nero AG) -> MsiExec.exe /X{1B6F5E51-575E-4693-BCA2-7543570D076D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C63279A-BF36-4852-9924-B1978D6585A6}] : (Nero Device Updates.-.Nero AG) -> MsiExec.exe /X{1C63279A-BF36-4852-9924-B1978D6585A6} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1] : (Apowersoft Online Launcher version 1.4.6.-.APOWERSOFT LIMITED) -> "C:\Users\jean-\AppData\Local\Apowersoft\Apowersoft Online Launcher\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21916D21-F3DD-44F9-952B-FD122CBD1526}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{21916D21-F3DD-44F9-952B-FD122CBD1526} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}] : (Nero SharedVideoCodecs.-.Nero AG) -> MsiExec.exe /X{2432E589-6256-4513-B0BF-EFA8E325D5F0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29F67D84-3A70-456E-806A-52301B02070B}] : (Nero Effects Basic.-.Nero AG) -> MsiExec.exe /X{29F67D84-3A70-456E-806A-52301B02070B} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] : (CyberLink WaveEditor 2.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4780AF24-213D-4187-86F2-0014A6D6077B}] : (HP Support Assistant.-.HP Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{4780AF24-213D-4187-86F2-0014A6D6077B}\setup.exe" -runfromtemp -l0x0409 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{47C00502-CFAC-42D3-8019-D9C557AD49AD}] : (Nero Recode.-.Nero AG) -> MsiExec.exe /X{47C00502-CFAC-42D3-8019-D9C557AD49AD} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}] : (Camtasia 9.-.TechSmith Corporation) -> "C:\ProgramData\Package Cache\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}\CamtasiaInstaller_ENU.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{521087D5-A9CC-4434-9206-FA011ABBDCF3}] : (Nero Device Updates.-.Nero AG) -> MsiExec.exe /X{521087D5-A9CC-4434-9206-FA011ABBDCF3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1] : (Wondershare Helper Compact 2.5.2.-.Wondershare) -> "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> C:\WINDOWS\RtCRU64.exe /u [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}] : (Prerequisite installer.-.Nero AG) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60251665-84B4-41D6-84BF-6D50CE68DD08}] : (Nero Express.-.Nero AG) -> MsiExec.exe /X{60251665-84B4-41D6-84BF-6D50CE68DD08} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64228DFB-7450-49B7-935C-B97342CB6659}] : (HP Customer Experience Enhancements.-.HP Development Company, L.P.) -> MsiExec.exe /X{64228DFB-7450-49B7-935C-B97342CB6659} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6861C1AD-9829-4DE4-8647-4785ECEA421A}] : (Nero Video.-.Nero AG) -> MsiExec.exe /X{6861C1AD-9829-4DE4-8647-4785ECEA421A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6B81BDC4-3368-4898-8F16-48962F789221}] : (Nero 2017.-.Nero AG) -> MsiExec.exe /I{6B81BDC4-3368-4898-8F16-48962F789221} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DAEECA5-8208-47DA-82AA-6B653EC31B97}] : (Nero Burning Core.-.Nero AG) -> MsiExec.exe /X{6DAEECA5-8208-47DA-82AA-6B653EC31B97} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6E6D453B-AADE-4F14-97F6-9B464488BC53}] : (Nero Disc to Device.-.Nero AG) -> MsiExec.exe /X{6E6D453B-AADE-4F14-97F6-9B464488BC53} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3F32E0-D8E1-40C1-8E1B-1F5693F2ADE0}] : (CyberLink Power2Go 11.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7A3F32E0-D8E1-40C1-8E1B-1F5693F2ADE0}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7A3F32E0-D8E1-40C1-8E1B-1F5693F2ADE0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}] : (CyberLink PresenterLink+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7BAC3F7A-B963-468E-982E-B5608A87408D}] : (Epson Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{7BAC3F7A-B963-468E-982E-B5608A87408D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}] : (Nero MediaHome.-.Nero AG) -> MsiExec.exe /X{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7ED8575D-3A56-44CB-9015-513CA301062F}] : (PowerArchiver 2016.-.ConeXware, Inc.) -> MsiExec.exe /I{7ED8575D-3A56-44CB-9015-513CA301062F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F22DD97-256D-491D-9090-743FADC79BBE}] : (Nero RescueAgent.-.Nero AG) -> MsiExec.exe /X{7F22DD97-256D-491D-9090-743FADC79BBE} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.SEIKO EPSON CORPORATION) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C784F8B-89D0-4A59-A000-7EEF129E1574}] : (Jing.-.TechSmith Corporation) -> MsiExec.exe /I{8C784F8B-89D0-4A59-A000-7EEF129E1574} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiLogger.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiLogger\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1] : (Ashampoo Privacy Protector v.1.1.3.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1] : (Ashampoo Burning Studio 2017.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2017\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}] : (Music Recorder.-.Nero AG) -> MsiExec.exe /X{94A4AE85-9F1D-4687-953F-38371C9D1A4F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{991572A1-F8B9-42E5-B485-A79724558A84}] : (Nero Express.-.Nero AG) -> MsiExec.exe /X{991572A1-F8B9-42E5-B485-A79724558A84} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C637A56-4287-487F-95BF-1422FC1AA879}] : (Nero 2016.-.Nero AG) -> MsiExec.exe /I{9C637A56-4287-487F-95BF-1422FC1AA879} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A163159C-B476-4501-B163-3F77809AC833}] : (Nero Burning Core.-.Nero AG) -> MsiExec.exe /X{A163159C-B476-4501-B163-3F77809AC833} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9}] : (Nero Burning ROM.-.Nero AG) -> MsiExec.exe /X{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACE49D50-19CD-44A6-B192-46F985283B26}] : (Nero PiP Effects Basic.-.Nero AG) -> MsiExec.exe /X{ACE49D50-19CD-44A6-B192-46F985283B26} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}] : (HP Support Solutions Framework.-.HP Inc.) -> MsiExec.exe /X{B11FEAD6-F19E-473E-A8B1-AE58C058F575} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}] : (Nero Recode.-.Nero AG) -> MsiExec.exe /X{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6AEA771-9737-41A2-AA07-772CB1A1CC27}_is1] : (Auslogics BitReplica.-.Auslogics Software Pty Ltd) -> "C:\Program Files (x86)\Auslogics\BitReplica\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] : (Nero Core Components.-.Nero AG) -> MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint 2.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9}] : (Nero Burning ROM.-.Nero AG) -> MsiExec.exe /X{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D16A31F9-276D-4968-A753-FFEAC56995D0}] : (Epson Print CD.-.Seiko Epson Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF}] : (Nero RescueAgent.-.Nero AG) -> MsiExec.exe /X{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5}] : (Nero CoverDesigner.-.Nero AG) -> MsiExec.exe /X{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}] : (Nero MediaHome.-.Nero AG) -> MsiExec.exe /X{DF4748D8-2FC2-4D51-87D0-95A81CCA962B} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}] : (Nero Disc Menus Basic.-.Nero AG) -> MsiExec.exe /X{E17BCB76-9924-4BD5-B6D6-50D3407B4E74} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}] : (Prerequisite installer.-.Nero AG) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78}] : (Nero Video.-.Nero AG) -> MsiExec.exe /X{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF0BA418-AF37-471E-9594-EAE5913F4681}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{EF0BA418-AF37-471E-9594-EAE5913F4681} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F030BFE8-8476-4C08-A553-233DE80A2BE1}] : (Nero Info.-.Nero AG) -> MsiExec.exe /X{F030BFE8-8476-4C08-A553-233DE80A2BE1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Microsoft Specifications CheckID: AutoPlay999{21916D21-F3DD-44F9-952B-FD122CBD1526} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{21916D21-F3DD-44F9-952B-FD122CBD1526} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{991572A1-F8B9-42E5-B485-A79724558A84} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{991572A1-F8B9-42E5-B485-A79724558A84} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{47C00502-CFAC-42D3-8019-D9C557AD49AD} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{47C00502-CFAC-42D3-8019-D9C557AD49AD} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: FileAssociations999{ABC88553-8770-4B97-B43E-5A90647A5B63} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: CASL999{4780AF24-213D-4187-86F2-0014A6D6077B} - INSTALLCASL=false -> CASL CheckID: AutoPlay999{60251665-84B4-41D6-84BF-6D50CE68DD08} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{60251665-84B4-41D6-84BF-6D50CE68DD08} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{94A4AE85-9F1D-4687-953F-38371C9D1A4F} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{94A4AE85-9F1D-4687-953F-38371C9D1A4F} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{6DAEECA5-8208-47DA-82AA-6B653EC31B97} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{6DAEECA5-8208-47DA-82AA-6B653EC31B97} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{521087D5-A9CC-4434-9206-FA011ABBDCF3} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{521087D5-A9CC-4434-9206-FA011ABBDCF3} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{7F22DD97-256D-491D-9090-743FADC79BBE} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{7F22DD97-256D-491D-9090-743FADC79BBE} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{EF0BA418-AF37-471E-9594-EAE5913F4681} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{EF0BA418-AF37-471E-9594-EAE5913F4681} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{DF4748D8-2FC2-4D51-87D0-95A81CCA962B} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{DF4748D8-2FC2-4D51-87D0-95A81CCA962B} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{F030BFE8-8476-4C08-A553-233DE80A2BE1} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{F030BFE8-8476-4C08-A553-233DE80A2BE1} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: fe1559e6e1022144a8b5b0ae14281475a31{97B6FAD9-6F14-CC46-3165-F1785ECCE255} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe1559e6e1022144a8b5b0ae14281475a3 CheckID: Options_Files_320{D8A1F37A-B11B-4451-830D-6A243ADE2591} - NOT VersionNT64 -> Options_Files_32 CheckID: AutoPlay999{1C63279A-BF36-4852-9924-B1978D6585A6} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{1C63279A-BF36-4852-9924-B1978D6585A6} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{6E6D453B-AADE-4F14-97F6-9B464488BC53} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{6E6D453B-AADE-4F14-97F6-9B464488BC53} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{A163159C-B476-4501-B163-3F77809AC833} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{A163159C-B476-4501-B163-3F77809AC833} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{6861C1AD-9829-4DE4-8647-4785ECEA421A} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{6861C1AD-9829-4DE4-8647-4785ECEA421A} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: hotcore1{47E5588F-C3A0-11DE-9857-005056C00008} - VersionNT <= 500 -> hotcore ---------- | CLSID ---------- | Listing No Microsoft signed files | system32 (Not necessary Malwares) [MD5.82C37C3E27020AF6C2E018E944284676] - |D| - [16/07/2016 12:42:35] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |D| - [16/07/2016 12:42:05] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@BackgroundAccessToastIcon.png [MD5.C65F3DD5C512B0E73984DB406B5512F7] - |D| - [16/07/2016 12:42:19] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@edptoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |D| - [16/07/2016 12:42:38] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@EnrollmentToastIcon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |D| - [16/07/2016 12:42:41] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@language_notification_icon.png [MD5.46DACDA5036EBECEDF08427407E3017C] - |D| - [16/07/2016 12:42:40] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |D| - [16/07/2016 12:42:38] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |D| - [16/07/2016 12:42:38] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@WiFiNotificationIcon.png [MD5.58B6CB6A8528BA1B267CFAE325E6B834] - |D| - [16/07/2016 12:42:23] - (.-.) - [20.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@WindowsHelloFaceToastIcon.png [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |D| - [30/07/2015 21:58:04] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amde31a.dat [MD5.C7628FE6341B7919D2F62DB9057DB4FC] - |D| - [21/10/2015 02:14:42] - (.-.) - [208.48 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdgfxinfo64.dll [MD5.AF1928F5E15921A29877C2E18626F80E] - |D| - [21/10/2015 02:14:42] - (.-.) - [139.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdhdl64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |D| - [23/07/2015 11:52:32] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdicdxx.dat [MD5.82CAB4EAF1E1CBA85AE5DEBB4C068EE2] - |D| - [21/10/2015 02:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [616.48 Ko] - (1.0.3.8) - C:\WINDOWS\system32\amdlvr64.dll [MD5.C366C5A2EE8F1F586691E4511AB56040] - |D| - [21/10/2015 02:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6529.48 Ko] - (9.1.10.83) - C:\WINDOWS\system32\amdmantle64.dll [MD5.3960C946E67311C9831550AEDC649C3A] - |D| - [21/10/2015 02:14:54] - (.-.) - [460.27 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdmiracast.dll [MD5.4CA9A0DF33972919623BBFF8FBD1A501] - |D| - [21/10/2015 02:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [57.98 Ko] - (1.6.0.0) - C:\WINDOWS\system32\amdmmcl6.dll [MD5.7BA9A6BBF176D945D7B201865897E158] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26898.98 Ko] - (0.8.0.0) - C:\WINDOWS\system32\amdocl12cl64.dll [MD5.AFF92249DA8E62FF8C6D2B89977D3245] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46673.98 Ko] - (10.0.1800.11) - C:\WINDOWS\system32\amdocl64.dll [MD5.8305AA2FEBE5CAD45AB8D208C17DA930] - |D| - [21/10/2015 02:14:44] - (.-.) - [1168 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_as64.exe [MD5.187EB6A72565FAAF01AAE0CDD63DE56F] - |D| - [21/10/2015 02:14:44] - (.-.) - [1045.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_ld64.exe [MD5.2B79CD2445F85D54959702583ECBCC04] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\amdpcom64.dll [MD5.971819F3DD0996BCCB9E4330C52C4207] - |D| - [17/12/2016 23:42:15] - (.-.) - [436.42 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ApnDatabase.xml [MD5.F94192B47ACA96AFFEBC1073891EBB42] - |D| - [16/07/2016 12:43:20] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AppVStreamingUX.exe.config [MD5.567BF499D25205A659A059184B458DB7] - |D| - [16/07/2016 12:42:34] - (.-.) - [2.65 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AppxProvisioning.xml [MD5.28DF09388444100467873AC906FD6CB2] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1226.98 Ko] - (7.15.20.1301) - C:\WINDOWS\system32\atiadlxx.dll [MD5.53650482B8E621276DC55E50C9FB2FEE] - |D| - [22/08/2015 01:53:34] - (.-.) - [646.87 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiapfxx.blb [MD5.CC2470CA903EA355A24F05520D79BDB8] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [366.98 Ko] - (6.14.10.1001) - C:\WINDOWS\system32\atiapfxx.exe [MD5.279066332FA267076E3BEE81C4297F87] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [62.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalcl64.dll [MD5.3A0F17C7C8E37DCEAE1DA76B7D761702] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15356.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticaldd64.dll [MD5.D22A08EE217DE15B6A41AE518B4F4FBE] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [69.48 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalrt64.dll [MD5.BE92AD0155D4A23D0073AF51BE808B29] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1445.13 Ko] - (8.17.10.1404) - C:\WINDOWS\system32\aticfx64.dll [MD5.B565601728AF96EEFCF7E9CDE3CDD2BE] - |D| - [21/10/2015 02:14:46] - (.2002-2012 - Graphics DEM.) - [440.48 Ko] - (4.5.5711.37472) - C:\WINDOWS\system32\atidemgy.dll [MD5.8700278344BED8D4A3A5AC2875359584] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11804.69 Ko] - (8.17.10.625) - C:\WINDOWS\system32\atidxx64.dll [MD5.69F82C40A189962A65F6D5A02DF8599F] - |D| - [21/10/2015 02:14:46] - (.-.) - [164.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atieah64.exe [MD5.B96BD9F5B2B0CD6549EE59FD242A6D56] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [667.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atieclxx.exe [MD5.521248FA26458669BAAE6AB7DB21F3AC] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atiesrxx.exe [MD5.E4F96DFF0501430BF7C6E90841A7282D] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [81.98 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6pxx.dll [MD5.86F2AE002AF9222F34937823B98753C2] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [161.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6txx.dll [MD5.0C3156664885AF41100B63853EBCE037] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |D| - [06/11/2014 10:53:26] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiicdxx.dat [MD5.FE4E7138E51DA7EF01E51F28128A7F53] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\atimpc64.dll [MD5.C84C24F13663EF5A59C1E598A350C8C3] - |D| - [21/10/2015 02:14:46] - (.Copyright ฉ 2009 AMD - Multi-language DPPE DLL.) - [37.48 Ko] - (6.14.10.1002) - C:\WINDOWS\system32\atimuixx.dll [MD5.7D9CCB5DD8837D6AC954956A5812112C] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30054.98 Ko] - (6.14.10.13399) - C:\WINDOWS\system32\atio6axx.dll [MD5.0E89795F721B2BC02D0A12C470750DF6] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODCLI Application.) - [58.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODCLI.exe [MD5.C7A506822BE45CD42415710979CDAE7F] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODE Application.) - [333.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODE.exe [MD5.3FE40633FC3BC5AE41EACDA0E1BA72FE] - |D| - [21/10/2015 02:14:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [194.98 Ko] - (6.14.11.25) - C:\WINDOWS\system32\atitmm64.dll [MD5.067CED045532C58B46E6527BCE3CB47F] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.02 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiu9p64.dll [MD5.AC6970C74B7457B291BB2C0035AA7DAE] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8657.15 Ko] - (9.14.10.1128) - C:\WINDOWS\system32\atiumd64.dll [MD5.486D6985E7B7826DBBEAE12755851027] - |D| - [22/08/2015 01:55:34] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiumd6a.cap [MD5.0A9CA09952D768F768D2903F984102DC] - |D| - [21/10/2015 02:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.91 Ko] - (8.14.10.513) - C:\WINDOWS\system32\atiumd6a.dll [MD5.AE81C76C930DD6875E5D9C6BEA2F0966] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [158.43 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |D| - [24/07/2015 21:44:06] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |D| - [30/07/2015 22:00:06] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |D| - [29/05/2015 01:00:42] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |D| - [29/05/2015 00:58:32] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |D| - [29/05/2015 01:21:32] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |D| - [29/05/2015 01:17:24] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |D| - [29/05/2015 01:15:12] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |D| - [29/05/2015 01:10:58] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |D| - [29/05/2015 01:08:18] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |D| - [22/08/2015 01:54:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |D| - [22/08/2015 01:54:10] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsvl.dat [MD5.22D9945B4AAE36DD59620A918F2E65F4] - |D| - [16/07/2016 12:42:16] - (.-.) - [3096 Ko] - (0.0.0.0) - C:\WINDOWS\system32\boot.sdi [MD5.405E1EF8E3C88E9BCD2853382BB12430] - |D| - [16/07/2016 12:43:51] - (.-.) - [22.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\bopomofo.uce [MD5.31ABC8C02F1CCE0DA39550D763384184] - |D| - [16/07/2016 12:42:12] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BthpanContextHandler.dll [MD5.D648218198F82322FC1FED1DA95AD749] - |D| - [16/07/2016 12:42:40] - (.Copyright (C) 2008 - Application ContextH.) - [62 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BWContextHandler.dll [MD5.CCEAEFAA4DF2F399E9A179D942FEB23C] - |D| - [16/07/2016 12:42:09] - (.-.) - [163.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\chs_singlechar_pinyin.dat [MD5.F2D598B11C294EE360FDA0D3E81DA7EC] - |D| - [21/10/2015 02:14:48] - (.-.) - [237.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\clinfo.exe [MD5.A0E91D21C945781D03EA0BA1C95F821E] - |D| - [21/10/2015 02:14:48] - (.AMD. - CoInstaller DLL.) - [853.98 Ko] - (1.0.5.9) - C:\WINDOWS\system32\coinst_15.20.dll [MD5.62B53E06F95506669CCB6D3810A88E51] - |D| - [21/12/2016 12:51:31] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll [MD5.8D7AC60330B3E96C4D00E682437868D0] - |D| - [17/12/2016 23:40:38] - (.-.) - [2618.36 Ko] - (0.0.0.0) - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.D8597B34447DB8E8631BB3F3A13A5B8C] - |D| - [21/12/2016 12:53:35] - (.©Conexant Systems Inc. - Conexant APO.) - [1577.79 Ko] - (1.68.0.0) - C:\WINDOWS\system32\CX64APO.dll [MD5.F59A4946F017AC8EFEB044E7901A9181] - |D| - [21/12/2016 12:53:36] - (.©Conexant Systems Inc. - Conexant MFX APO Proxy.) - [1493.3 Ko] - (1.2.0.0) - C:\WINDOWS\system32\CX64Proxy.dll [MD5.306B90493D00011EB635E161C6C024B8] - |D| - [16/07/2016 12:42:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |D| - [16/07/2016 12:47:52] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultQuestions.json [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |D| - [26/10/2012 16:42:24] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\system32\DevManagerCore.dll [MD5.8B5F7B8C2EFE38CA571FBE24658DF11F] - |D| - [16/07/2016 12:42:36] - (.-.) - [90.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DiskSnapshot.conf [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - |D| - [16/07/2016 12:47:52] - (.-.) - [210.88 Ko] - (0.0.0.0) - C:\WINDOWS\system32\dssec.dat [MD5.38F5BB371027851DE180EF436C3A5F28] - |D| - [18/12/2016 00:28:56] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\emptyregdb.dat [MD5.93E76CF7B04EC33A1E9E0FD7546D3603] - |D| - [16/07/2016 12:42:13] - (.-.) - [17.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EventViewer_EventDetails.xsl [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |D| - [16/12/2016 10:50:57] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\system32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |D| - [16/12/2016 10:50:35] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\system32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - |D| - [16/12/2016 10:50:41] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2013. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.4.0.0) - C:\WINDOWS\system32\E_ILMBLPE.DLL [MD5.DFBDC24417B2EDE6513F5570E6CD24C8] - |D| - [20/12/2016 21:29:59] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - EaseUS Todo Backup Application.) - [25.69 Ko] - (3.0.0.1) - C:\WINDOWS\system32\fbnative.exe [MD5.8DA03B6C1BD218282B69B78EF9876B4D] - |D| - [18/12/2016 00:04:43] - (.-.) - [210.97 Ko] - (0.0.0.0) - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.8E7AFBED04DAF976A9E46D3724A93284] - |D| - [16/07/2016 12:42:35] - (.-.) - [24.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\GamePanelExternalHook.dll [MD5.D07F2281427BD098356EE74B6CB26B86] - |D| - [16/07/2016 12:42:12] - (.-.) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - |D| - [16/07/2016 12:43:51] - (.-.) - [23.44 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gb2312.uce [MD5.21B36038414CBD12B5B957B6D76781F7] - |D| - [21/12/2016 13:02:47] - (.Copyright c 2003 - GeneIcon.) - [5504.2 Ko] - (1.2.0.0) - C:\WINDOWS\system32\GeneIcon.dll [MD5.59239886A7B4053259DA0F91F6571B88] - |D| - [21/12/2016 13:02:46] - (.Copyright (C) 2015 - GeneStor co-installer.) - [165.77 Ko] - (2.0.0.1) - C:\WINDOWS\system32\GSCoinst.dll [MD5.12F3190C25CFFB03A5CA58E949AE3E55] - |D| - [16/07/2016 12:42:22] - (.-.) - [353.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\HrtfApo.dll [MD5.77071BF934BEF16D5F02E31624258A91] - |D| - [21/10/2015 02:14:48] - (.-.) - [108.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\hsa-thunk64.dll [MD5.2A571B7728F23E83A800527879105180] - |D| - [16/07/2016 12:42:04] - (.-.) - [44.17 Ko] - (0.0.0.0) - C:\WINDOWS\system32\hypervisor.mof [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - |D| - [16/07/2016 12:43:51] - (.-.) - [59.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ideograf.uce [MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - |D| - [16/07/2016 12:43:08] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ieuinit.inf [MD5.8898B09A8D08E138F238224648DF0739] - |D| - [16/07/2016 12:42:35] - (.-.) - [170.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\IHDS.dll [MD5.5EA855B4A875E08AD93FF901B5D9E275] - |D| - [16/07/2016 12:42:09] - (.-.) - [226 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ism32k.dll [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - |D| - [16/07/2016 12:43:51] - (.-.) - [6.79 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_1.uce [MD5.529BBD63519BBD654EF328454019693F] - |D| - [16/07/2016 12:43:51] - (.-.) - [8.29 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_2.uce [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - |D| - [16/07/2016 12:43:51] - (.-.) - [12.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\korean.uce [MD5.49F46049D3729F9CD510CCFF1E091F90] - |D| - [16/07/2016 12:42:02] - (.Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS - MPEG Layer-3 Audio Codec for MSACM.) - [85 Ko] - (1.9.0.401) - C:\WINDOWS\system32\l3codeca.acm [MD5.F720CF1C7BCBC3B9897F2F36EBE96136] - |D| - [16/07/2016 12:42:02] - (.Copyright © 2004 Fraunhofer IIS - MPEG Audio Layer-3 Codec for MSACM.) - [179 Ko] - (3.4.0.0) - C:\WINDOWS\system32\l3codecp.acm [MD5.050BC9351A3386458B696F8BCA78B27B] - |D| - [16/07/2016 12:42:22] - (.-.) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\LargeRoom.bin [MD5.531FE5A2634D87A078017259F21D9736] - |D| - [16/07/2016 12:42:43] - (.-.) - [206.97 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcphrase.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - |D| - [16/07/2016 12:42:43] - (.-.) - [23.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcptr.tbl [MD5.84B686AFB958D7ECDC2A1FA5D87353E1] - |D| - [18/12/2016 00:02:48] - (.-.) - [51.1 Ko] - (0.0.0.0) - C:\WINDOWS\system32\license.rtf [MD5.B65E8E52916A527F88486875EE291AA8] - |D| - [26/10/2012 16:42:22] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |D| - [26/10/2012 16:42:22] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPPApp.exe [MD5.4D4248F6D008D86D5575EE5B154971AE] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvco1380853.dll [MD5.FF510CF2A7FA73192E7DB06D7C311799] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvcod64.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |D| - [26/10/2012 16:42:24] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoin64.ini [MD5.FD4A8B2F7E2CDABF7A33F9EF73EEA172] - |D| - [18/12/2016 00:07:55] - (.-.) - [8.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoinst.log [MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUI64.dll [MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUIRC64.dll [MD5.7A495CA1402C2F9F5D035092AD808669] - |D| - [16/07/2016 12:44:03] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\system32\manage-bde.wsf [MD5.D3F4E00C322EDA78873848BE75ACC8A4] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [132.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantle64.dll [MD5.EA33454E28EE1F3CA432DA87203DA24F] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [100.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantleaxl64.dll [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |D| - [16/07/2016 12:42:22] - (.-.) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MediumRoom.bin [MD5.ED434A3EBE29070A7E0138C42482EB93] - |D| - [16/07/2016 12:42:27] - (.-.) - [657.31 Ko] - (0.0.0.0) - C:\WINDOWS\system32\mlang.dat [MD5.86166DAA04A6C154826508304CC6D4AC] - |D| - [16/07/2016 12:42:12] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NdfEventView.xml [MD5.28914EA249602EB87089CFE2B77A14CD] - |D| - [18/12/2016 00:04:57] - (.-.) - [16.76 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |D| - [16/07/2016 12:42:12] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - |D| - [16/07/2016 12:47:53] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NOISE.DAT [MD5.5D27362AF3BCAA75A418F5416A35934E] - |D| - [16/07/2016 12:42:20] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\odbcconf.rsp [MD5.F54598052A618ADC0231853D870A22BE] - |D| - [16/07/2016 12:47:53] - (.-.) - [15.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |D| - [16/07/2016 12:42:11] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\system32\onlinesetup.cmd [MD5.F192E1998A5F6826BE6955F6EAE7CDA1] - |D| - [21/10/2015 02:14:42] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [71.98 Ko] - (2.0.4.0) - C:\WINDOWS\system32\OpenCL.dll [MD5.42D2360079B1DF3230024AE920737367] - |D| - [16/07/2016 12:42:22] - (.-.) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OutdoorAudioEnvironment.bin [MD5.66D58077CC739E4B8166E33AB0BA4639] - |D| - [16/07/2016 12:42:39] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pcl.sep [MD5.0DD378CE939847B818A50F11EF62484F] - |D| - [16/07/2016 12:49:31] - (.-.) - [189.21 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc009.dat [MD5.23B32F73263555669B6AB518944A35C7] - |D| - [16/07/2016 23:40:24] - (.-.) - [134.28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |D| - [16/07/2016 12:49:35] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |D| - [16/07/2016 23:40:24] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd00C.dat [MD5.1E6FC492584146CA2C28FE068B85C760] - |D| - [16/07/2016 12:49:31] - (.-.) - [797.48 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh009.dat [MD5.8F52939BC2F395EC9079C4B41E4132CB] - |D| - [16/07/2016 23:40:24] - (.-.) - [652.54 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh00C.dat [MD5.D2F6C8BF55D99E6B2EAAC615510FA360] - |D| - [16/12/2016 08:08:21] - (.-.) - [1772.01 Ko] - (0.0.0.0) - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.C09741B9886EF0D15EC3B1443352FB62] - |D| - [16/07/2016 12:42:39] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pscript.sep [MD5.007893E8374C766471239EB291BA8C17] - |D| - [16/07/2016 12:42:31] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\psmodulediscoveryprovider.mof [MD5.3A77C18665A4C8428768CE186A5BC1EF] - |D| - [16/07/2016 12:42:12] - (.-.) - [1.78 Ko] - (0.0.0.0) - C:\WINDOWS\system32\rasctrnm.h [MD5.5D9616D2A76F38EF94866248CA4EDB2C] - |D| - [16/07/2016 12:43:18] - (.Copyright (C) 2009 - RemoteFX Helper.) - [106 Ko] - (1.1.0.0) - C:\WINDOWS\system32\RDVGHelper.exe [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |D| - [16/07/2016 12:42:04] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\removehypervisor.mof [MD5.C6CA43573C21CA6392F57F238C8391FC] - |D| - [26/10/2012 16:42:22] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Repository.reg [MD5.D67CDB8D2584AAC165A77488C5A7A987] - |D| - [16/07/2016 12:42:37] - (.-.) - [8.92 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriHMImageList [MD5.4FE9CE56EFA89779D81B988698D2454C] - |D| - [16/07/2016 12:42:37] - (.-.) - [8.4 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriImageList [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - |D| - [16/07/2016 12:42:15] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManager.mof [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - |D| - [16/07/2016 12:42:15] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManagerUninstall.mof [MD5.24B2ADA395883FA03260D6DEB1B39869] - |D| - [21/12/2016 12:52:58] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DAA64.dll [MD5.6241068A334C45059492867DF7890588] - |D| - [21/12/2016 12:52:58] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DHT64.dll [MD5.D7CFCE6811519582690065C21088E9A5] - |D| - [21/12/2016 13:03:39] - (.Copyright (C) 2014 - RtCRX.) - [82.5 Ko] - (1.11.9600.0) - C:\WINDOWS\system32\RtCRX64.dll [MD5.793408DA550E60C0CF1C760F4C49C1E1] - |D| - [21/12/2016 12:53:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.79 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEED64A.dll [MD5.6C41CFD7D8437E6DD597439164418BE9] - |D| - [21/12/2016 12:53:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEG64A.dll [MD5.28D25F2764B6DB8CE3E2B0707119E9C7] - |D| - [21/12/2016 12:53:04] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEL64A.dll [MD5.B817DB4E2172DA73044E7D64304363D8] - |D| - [21/12/2016 12:53:05] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |D| - [16/07/2016 12:43:50] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ScavengeSpace.xml [MD5.00E5FCFD833151F7CBDE607E2F7AFEB4] - |D| - [16/07/2016 12:43:51] - (.-.) - [5.66 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance.png [MD5.5719BFC9CFDA7A9C059A71A47A0E6383] - |D| - [16/07/2016 12:43:51] - (.-.) - [2.56 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Alert.png [MD5.099BA37F81C044F6B2609537FDB7D872] - |D| - [16/07/2016 12:43:51] - (.-.) - [6.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Error.png [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |D| - [16/07/2016 12:42:34] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\settings.dat [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - |D| - [16/07/2016 12:43:51] - (.-.) - [16.35 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ShiftJIS.uce [MD5.6588A3773E2E0B4F9BAFE86BCDEFD65A] - |D| - [21/12/2016 12:53:43] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [961.83 Ko] - (3.5.13.0) - C:\WINDOWS\system32\sl3apo64.dll [MD5.CA977CC9B9CA96539C6EAC29BE955248] - |D| - [21/12/2016 12:53:44] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [2924.8 Ko] - (3.5.13.0) - C:\WINDOWS\system32\slcnt64.dll [MD5.3903BCAB32A4A853DFA54962112D4D02] - |D| - [16/07/2016 12:42:20] - (.-.) - [139.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\slmgr.vbs [MD5.FB05A4275AD6D1E66915BA2CBD014ED5] - |D| - [21/12/2016 12:53:44] - (.TODO: (c) . - TODO: .) - [252.8 Ko] - (1.0.0.1) - C:\WINDOWS\system32\slprp64.dll [MD5.ED13863F3406096F84EEDFA76F8CF117] - |D| - [21/12/2016 12:53:46] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [2643.41 Ko] - (3.5.13.0) - C:\WINDOWS\system32\sltech64.dll [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |D| - [16/07/2016 12:42:22] - (.-.) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SmallRoom.bin [MD5.0CD98E08C4E3D303385D8C3DD0991290] - |D| - [21/12/2016 12:53:39] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.2 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRAPO64.dll [MD5.C51C9A9E4918C0484BEBEF9AE5EE2210] - |D| - [21/12/2016 12:53:41] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.15 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRCOM.dll [MD5.EBBE92B5C58425A1CED97676D41893AF] - |D| - [21/12/2016 12:53:39] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.47 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRCOM64.dll [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |D| - [16/07/2016 12:42:16] - (.-.) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\srms.dat [MD5.606F38FFC396640DF385F1E696BC4ADD] - |D| - [21/12/2016 12:53:40] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.5 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRRPTR64.dll [MD5.69DEC334A320C6B6D9B3A09570741FAA] - |D| - [21/12/2016 12:52:49] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\system32\SRSHP64.dll [MD5.5951E1D28E558C338408DDDC02497B9D] - |D| - [21/12/2016 12:52:49] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.76 Ko] - (1.1.4.0) - C:\WINDOWS\system32\SRSTSH64.dll [MD5.DCFEBC12609F7605EAEB2514ADEE16AD] - |D| - [21/12/2016 12:52:48] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\system32\SRSTSX64.dll [MD5.3D5F9EF9749AC9BFEE28C00E49FB689A] - |D| - [21/12/2016 12:52:49] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\system32\SRSWOW64.dll [MD5.30F5568679A54042F99CA9EC1102EBCD] - |D| - [16/07/2016 12:43:51] - (.-.) - [91.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SubRange.uce [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |D| - [16/07/2016 12:43:20] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SyncAppvPublishingServer.vbs [MD5.81B14F1AD906AC1CF9102796C97A54FE] - |D| - [16/07/2016 12:42:39] - (.-.) - [3.24 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprint.sep [MD5.58A67EC6B00A54A69DC364194CA171E0] - |D| - [16/07/2016 12:42:39] - (.-.) - [3.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprtj.sep [MD5.31B010EF50D54D548B4B8B211F421318] - |D| - [16/07/2016 12:42:39] - (.-.) - [1.63 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpbidi.xml [MD5.D602CA245CC6774A0981B607F0675609] - |D| - [16/07/2016 12:42:39] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpmon.ini [MD5.C8F2952DAE3971614DBD0C509F35BE93] - |D| - [16/07/2016 12:42:38] - (.-.) - [10.29 Ko] - (0.0.0.0) - C:\WINDOWS\system32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |D| - [16/07/2016 12:42:38] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt [MD5.D200497DD3A24F138123F0EB6C385D1D] - |D| - [16/07/2016 12:43:20] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\system32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |D| - [16/07/2016 12:43:20] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\system32\UevCustomActionTypes.tlb [MD5.E7482D1D449217C8641762F5C38E157C] - |D| - [16/07/2016 12:42:12] - (.-.) - [9.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\VpnSohDesktop.dll [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |D| - [16/07/2016 12:42:11] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WdsUnattendTemplate.xml [MD5.BB2D1DF427C9284DE64DC66A6F1CC2AD] - |D| - [16/07/2016 12:42:11] - (.-.) - [2.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WimBootCompress.ini [MD5.BAB2F86DE0219361898F99B710E33FBF] - |D| - [17/12/2016 23:40:27] - (.-.) - [408.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Windows.Perception.Stub.dll [MD5.E0974EE3F592223A950B3B0C04797212] - |D| - [16/07/2016 12:44:01] - (.-.) - [1.61 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WindowsCodecsRaw.txt [MD5.7EF8F3CADE2DE177F96B5A5B581D73FF] - |D| - [16/07/2016 12:42:31] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.cmd [MD5.9D7684F978EBD77E6A3EA7EF1330B946] - |D| - [16/07/2016 12:42:31] - (.-.) - [199.32 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.vbs [MD5.96C4CBD3C8DF0FA34591FEE057AF3E1F] - |D| - [16/07/2016 12:42:05] - (.http://www.sqlite.org/copyright.html - SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - [754.46 Ko] - (3.12.2.0) - C:\WINDOWS\system32\winsqlite3.dll [MD5.C30C621748C66CE751B19B2788559A3E] - |D| - [16/07/2016 12:42:35] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpcmon.png [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |D| - [16/07/2016 12:42:27] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpr.config.xml [MD5.930423065AB3F5DB52D5726C7FC66385] - |D| - [16/07/2016 12:42:31] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wsmanconfig_schema.xml [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - |D| - [16/07/2016 12:42:31] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmPty.xsl [MD5.B2EDF82825D979928AE07CBE9C7A2160] - |D| - [16/07/2016 12:42:31] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmTxt.xsl [MD5.9D6B8FC71167D22849424084F0F3D9E9] - |D| - [16/07/2016 12:44:03] - (.-.) - [74.28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xpsrchvw.xml [MD5.684DDBD6ED4066B10660A3A06655B59A] - |D| - [16/07/2016 12:42:11] - (.-.) - [3.92 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xwizard.dtd ---------- | Installer [HKCR\Installer\Products\026F45BF555911A362BC0B724CDD2F06] : Imaging Designer [HKCR\Installer\Products\03FEB5E3269374B4EAAC39B7C6BBA086] : AvcEngine -> C:\WINDOWS\Installer\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68}\ARPPRODUCTICON.exe [HKCR\Installer\Products\05D94ECADC916A441B29649F5882B362] : Nero PiP Effects Basic -> C:\WINDOWS\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26}\ARPPRODUCTICON.exe [HKCR\Installer\Products\085E718E81368CFA122023C23711E74C] : CCC Help Polish -> C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0BE6E9B4DEE047E449979F283C52F417] : SQL Server Browser for SQL Server 2012 -> C:\WINDOWS\Installer\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}\ARPIco [HKCR\Installer\Products\0D4A6A5A500250A2E212948580FC59DE] : CCC Help Norwegian -> C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0E23F3A71E8D1C04E8B1F165392FDA0E] : [HKCR\Installer\Products\0EA8C7F7B169DEA49BA99DEB920C2FC4] : AdAwareProxyEngine -> C:\WINDOWS\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0F76E360892CA2A8F06A481C35224A0E] : ccc-utility64 -> C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\12D61912DD3F9F4459B2DF21C2DB5162] : Nero Launcher -> C:\WINDOWS\Installer\{21916D21-F3DD-44F9-952B-FD122CBD1526}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15E5F6B1E5753964CB2A573475D070D6] : Nero Kwik Themes Basic -> C:\WINDOWS\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\166F59DC4C5A5F446AAACEDD192C14B0] : WinZip 21.0 [HKCR\Installer\Products\17C6353DDC00F7546842BC5DF14DF3C1] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{D3536C71-00CD-457F-8624-CBD51FD43F1C}\maconfico [HKCR\Installer\Products\1A15D4212C3FEA548B213DAC17420739] : SQL Server 2012 Common Files [HKCR\Installer\Products\1A2751999B8F5E244B587A794255A848] : Nero Express -> C:\WINDOWS\Installer\{991572A1-F8B9-42E5-B485-A79724558A84}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1C2B4FAA72E2FE64B9E9B212030F653F] : FirewallEngine -> C:\WINDOWS\Installer\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1D5F27E1E3559FFC603AC8A55F70DDC1] : CCC Help French -> C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1DC115BEC78CD0947A1B6D4CF77528F0] : Prerequisite installer -> C:\WINDOWS\Installer\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1E6AF1658349876ED2A2AC998FDDBF0C] : Windows Assessment Services - Client (AMD64 Architecture Specific, Client SKU) [HKCR\Installer\Products\20500C74CAFC3D2408919D5C75DA94DA] : Nero Recode -> C:\WINDOWS\Installer\{47C00502-CFAC-42D3-8019-D9C557AD49AD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21E13F622273DF5409B394102268BBC4] : OnlineThreatsEngine -> C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\234989D47D950A67DD159B46226FFFF7] : Windows Phone Common Packaging and Test Tools (NT_x86_fre) [HKCR\Installer\Products\241A5D4605DBE627DEE92D05D8A2712E] : Catalyst Control Center InstallProxy -> C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\25E8C8C9A2A4D674B9C07CFE43048F0F] : [HKCR\Installer\Products\2884CAC2E79916F4D8F5E5113ECF1777] : AntispamEngine -> C:\WINDOWS\Installer\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2C31622C4A7C16749A6011E6DCE44777] : SQL Server 2012 Database Engine Services [HKCR\Installer\Products\2F12AC03A109BD444AF3CF13DCF04239] : Sql Server Customer Experience Improvement Program -> C:\WINDOWS\Installer\{30CA21F2-901A-44DB-A43F-FC31CD0F2493}\ARPIco [HKCR\Installer\Products\33305D78435EA394E889A094CB826FB4] : SQL Server 2012 Database Engine Services [HKCR\Installer\Products\35588CBA077879B44BE3A50946A7B536] : Nero ControlCenter -> C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe [HKCR\Installer\Products\36DE92D79F487CE44BF999A4A313592B] : SQL Server 2012 Common Files [HKCR\Installer\Products\37E58BB129D0A406A0FA7CAA5D3E3A6C] : CCC Help English -> C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\384482F5D8EEE744EBEBB21FB3804CFB] : Prerequisite installer -> C:\WINDOWS\Installer\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\39753950C43A27243316A79FEAEE6594] : Imaging And Configuration Designer [HKCR\Installer\Products\3978828F6B15FE74F2393D777666F35C] : Assessments on Client [HKCR\Installer\Products\3A56CBC8BA0456EDC21B99A7DB8ADF86] : CCC Help Turkish -> C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3C1BCDF6CDE9CBC374C3DD58DEE54049] : CCC Help German -> C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3D4250324BDACC96A287698D973E22B1] : Windows PE x86 x64 [HKCR\Installer\Products\401EEA7469FB704E3DEF08BB4D72234F] : Windows PE x86 x64 wims [HKCR\Installer\Products\4171AC28AE31914F19EF2138444247E5] : CCC Help Italian -> C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42FA0874D3127814682F00416A6D70B7] : HP Support Assistant -> C:\WINDOWS\Installer\{4780AF24-213D-4187-86F2-0014A6D6077B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4673AE1C831172EADA3645B9DA99AB51] : CCC Help Japanese -> C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\47B800D0226053F770197C3624F79396] : Volume Activation Management Tool [HKCR\Installer\Products\48D76F9207A3E65408A62503B12070B0] : Nero Effects Basic -> C:\WINDOWS\Installer\{29F67D84-3A70-456E-806A-52301B02070B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\496A34161EF56FDB7FE8F4B73F9E14B9] : Toolkit Documentation [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\4CDB18B686338984F8618469F2872912] : Nero 2017 -> C:\WINDOWS\Installer\{6B81BDC4-3368-4898-8F16-48962F789221}\ARPPRODUCTICON.exe [HKCR\Installer\Products\50848F456110F764783198D9CF742253] : SQL Server 2012 Database Engine Shared [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\5173F3A735977424B8C5D53050B0E99A] : [HKCR\Installer\Products\554590D7179DC4D4E9DFA96F6A85F4A3] : Bing Bureau -> C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}\icon.ico [HKCR\Installer\Products\566152064B486D1448FBD605EC86DD80] : Nero Express -> C:\WINDOWS\Installer\{60251665-84B4-41D6-84BF-6D50CE68DD08}\ARPPRODUCTICON.exe [HKCR\Installer\Products\58EA4A49D1F9786459F38373C1D9A1F4] : Music Recorder [HKCR\Installer\Products\59EBDD8FEBCD5B303595ED631041E612] : CCC Help Danish -> C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5ACEEAD68028AD7428AAB656E33CB179] : Nero Burning Core [HKCR\Installer\Products\5AF433025DC6CF845B9F3DD4570E8754] : AntimalwareEngine -> C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5D780125CC9A43442960AF10A1BBCD3F] : Nero Device Updates [HKCR\Installer\Products\5E16E053C2C6C3F2A341E790A46B3D0A] : CCC Help Spanish -> C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\65A736C97824F78459FB4122CFA18A97] : Nero 2016 -> C:\WINDOWS\Installer\{9C637A56-4287-487F-95BF-1422FC1AA879}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66122D971C874DA2407EDB22DB85DF64] : CCC Help Chinese Traditional -> C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66F055D925D5AC92825BEEC0C2C0FDEB] : Windows Deployment Customizations [HKCR\Installer\Products\67BCB71E42995DB46B6D053D04B7E447] : Nero Disc Menus Basic -> C:\WINDOWS\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68ADF0FAB7E6C6A1154D34FA0581E12D] : AMD Catalyst Control Center -> C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6A9491196E6625C42846EC4AFDA6A538] : Macrium Reflect Free Edition -> C:\WINDOWS\Installer\{911949A6-66E6-4C52-8264-CEA4DF6A5A83}\Reflect.ico [HKCR\Installer\Products\6AC6FB4ABA81A1C4E8E2BF495841D99C] : Nero Burning ROM -> C:\WINDOWS\Installer\{A4BF6CA6-18AB-4C1A-8E2E-FB9485149DC9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6DAEF11BE91FE3748A1BEA850C855F57] : HP Support Solutions Framework -> C:\WINDOWS\Installer\{B11FEAD6-F19E-473E-A8B1-AE58C058F575}\icon.ico [HKCR\Installer\Products\6DBEC9DAD2449794D9D11E50F0E272D2] : AdAwareUpdater -> C:\WINDOWS\Installer\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> C:\WINDOWS\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\72BCCFF8D2EEF85DA5DBDEC5609BE118] : CCC Help Swedish -> C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe [HKCR\Installer\Products\73C44F0DB22A3374BB7A689C4F897852] : SQL Server 2012 Database Engine Shared [HKCR\Installer\Products\77E99DA1CC73E44793AC766FDF4365A5] : Catalyst Control Center Localization All -> C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\797ECA52ADBEB4E090F6F99EA7E1A2F6] : CCC Help Russian -> C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\79DD22F7D652D194090947F3DA7CB9EB] : Nero RescueAgent -> C:\WINDOWS\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\814AB0FE73FAE1745949AE5E19F36418] : Nero Launcher -> C:\WINDOWS\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\ARPPRODUCTICON.exe [HKCR\Installer\Products\815BF5C8C87E0F8FFBCEE8CA565F0130] : Windows Assessment Services - Client (Client SKU) [HKCR\Installer\Products\81CF047D2BAF1ED49A5F7E8BA175C8FC] : Nero RescueAgent -> C:\WINDOWS\Installer\{D740FC18-FAB2-4DE1-A9F5-E7B81A578CCF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\821B6C5004B15944C99B90B063B8AFA0] : Nero Video Samples -> C:\WINDOWS\Installer\{05C6B128-1B40-4495-9CB9-090B368BFA0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\849FBE4FE00FFE9298C41DA017F889D1] : Windows Assessment Toolkit [HKCR\Installer\Products\8AC6637E9717EA777E21AB817DA0A070] : AMD Fuel -> C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BA31D3CA8644710D160BDA9EAA831B1] : CCC Help Czech -> C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8D8474FD2CF215D4780D598AC1AC69B2] : Nero MediaHome -> C:\WINDOWS\Installer\{DF4748D8-2FC2-4D51-87D0-95A81CCA962B}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe [HKCR\Installer\Products\8EFB030F674880C45A3532D38EA0B21E] : Nero Info -> C:\WINDOWS\Installer\{F030BFE8-8476-4C08-A553-233DE80A2BE1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F79C7A66B6E340891CF57BF970194E1] : Appman Sequencer on amd64 [HKCR\Installer\Products\960CB88DFFFB244419CE91E82F7B46EF] : AdAwareInstaller -> C:\WINDOWS\Installer\{D88BC069-BFFF-4442-91EC-198EF2B764FE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\985E2342652631540BFBFE8A3E525D0F] : Nero SharedVideoCodecs [HKCR\Installer\Products\9A6ACC8DAC0E9854AB71459C901B8C5B] : Nero CoverDesigner -> C:\WINDOWS\Installer\{D8CCA6A9-E0CA-4589-BA17-54C909B1C8B5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9DAF6B7941F664CC13561F87E5CC2E55] : WPTx64 [HKCR\Installer\Products\9DD3CA015D09065439A0FF9B93481957] : [HKCR\Installer\Products\A2B16319147F195E03B3E49F753FAB1F] : Windows Assessment Toolkit (AMD64 Architecture Specific) [HKCR\Installer\Products\A73F1A8DB11B154438D0A642A3ED5219] : Camtasia 9 -> C:\WINDOWS\Installer\{D8A1F37A-B11B-4451-830D-6A243ADE2591}\CamStudio.ico [HKCR\Installer\Products\A748067A9D4CFE7E17F6706CBC6F1B74] : CCC Help Thai -> C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A7F3CAB7369BE86489E25B06A87804D8] : Epson Software Updater -> C:\WINDOWS\Installer\{7BAC3F7A-B963-468E-982E-B5608A87408D}\icon.ico [HKCR\Installer\Products\A927A03CAB9E8F73C38546DAF9D16449] : Imaging Tools Support [HKCR\Installer\Products\A97236C163FB258499421B79D856586A] : Nero Device Updates [HKCR\Installer\Products\ADEDAA7FA3329701DC5130EA0B050F6C] : User State Migration Tool [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B354D6E6EDAA41F4796FB9644488CB35] : Nero Disc to Device [HKCR\Installer\Products\B54B166CA2D1C7FA720D4BFF6D074AEF] : Kits Configuration Installer [HKCR\Installer\Products\B7E5D71BDDAF4BE45B73BCE73B33D379] : Nero Recode -> C:\WINDOWS\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B8F487C80D9895A40A00E7FE21E95147] : Jing [HKCR\Installer\Products\BFD8224605477B9439C59B3724BC6695] : HP Customer Experience Enhancements -> C:\WINDOWS\Installer\{64228DFB-7450-49B7-935C-B97342CB6659}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C0DBE580E42F49BED633A222FE465CFC] : CCC Help Finnish -> C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C351938B2D4DC98F0533A061C02607B6] : CCC Help Portuguese -> C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C51E70D24A9A6D8D3D1729CE78975E78] : CCC Help Hungarian -> C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C951361A674B10541B36F37708A98C33] : Nero Burning Core [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC67F423DD8D78D47BD74DFAE5A17A3B] : [HKCR\Installer\Products\CE67D3639B5BB7D5F0951C39FFF630CF] : Windows System Image Manager on amd64 [HKCR\Installer\Products\D2DAD9455052C402CE859508F76E0E73] : WPT Redistributables [HKCR\Installer\Products\D43EEBEB2A48DDE4B8AE69CC45732136] : Nero Core Components [HKCR\Installer\Products\D5758DE765A3BC44095115C33A1060F2] : PowerArchiver 2016 -> C:\WINDOWS\Installer\{7ED8575D-3A56-44CB-9015-513CA301062F}\PA100.exe [HKCR\Installer\Products\D73F0BFC7E2273F4F8EA3B915AA85C9B] : Nero Burning ROM -> C:\WINDOWS\Installer\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DA1C168692894ED468747458CEAE24A1] : Nero Video -> C:\WINDOWS\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DED17A5318AD313153A2CEA8B072FDB3] : CCC Help Chinese Standard -> C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E065AE25F05EF8CD41D6B1365184AB92] : Windows Deployment Tools [HKCR\Installer\Products\E3A623703B208701527D8B66B68AEF51] : CCC Help Korean -> C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E4AF4541CB851FE2A99141B7E094E930] : UEV Tools on amd64 [HKCR\Installer\Products\E5AE57E7AF9DBD546964EE5A5CFB164D] : Nero MediaHome -> C:\WINDOWS\Installer\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe [HKCR\Installer\Products\EA58071E856963AAEA36A29785D1B846] : MXAx64 [HKCR\Installer\Products\EC9283ECB955AFB3AB7EF047F5FADC82] : Application Compatibility Toolkit [HKCR\Installer\Products\EE47477FC6BEB78C88FA33018C840E86] : CCC Help Greek -> C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EEF4BFBEBE2C3EE48A23BD58D05EF487] : Nero Video -> C:\WINDOWS\Installer\{EBFB4FEE-C2EB-4EE3-A832-DB850DE54F78}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F75D59AC3CF97DD0C76363F2478D0CE4] : CCC Help Dutch -> C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F8855E740A3CED1189750005650C0080] : Paragon Partition Manager™ 14 Free -> C:\WINDOWS\Installer\{47E5588F-C3A0-11DE-9857-005056C00008}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Professional Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: AMI System Manufacturer: Hewlett-Packard System Product Name: CQ2904EF Logical Drives Mask: 0x00fffffc Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Nom du module défaillant : DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000081df ID du processus défaillant : 0x35c Heure de début de l’application défaillante : 0x01d25bc2e67fcbda Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : c98361e9-f47e-4adb-9cba-b5217ccb4cb7 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Nom du module défaillant : DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000081df ID du processus défaillant : 0x9ec Heure de début de l’application défaillante : 0x01d25bc2cd7ea3e5 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 364c78e4-fd48-49b1-87bb-b337cdeaa6c2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Nom du module défaillant : DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000081df ID du processus défaillant : 0x85c Heure de début de l’application défaillante : 0x01d25bc256dec923 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 34caddba-67d2-4352-95ed-3ce1533ecb8d Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Nom du module défaillant : DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000081df ID du processus défaillant : 0x698 Heure de début de l’application défaillante : 0x01d25bc2437c165d Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 0177a3a9-c456-4c5c-a006-6573aba325ba Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Nom du module défaillant : DTShellHlp.exe, version : 8.1.0.654, horodatage : 0x5836e141 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000081df ID du processus défaillant : 0xb18 Heure de début de l’application défaillante : 0x01d25bc221de1c05 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 49e85a81-636a-4121-b52a-0db3f2778c8f Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000022e27 ID du processus défaillant : 0x2bbc Heure de début de l’application défaillante : 0x01d25bbaa587d430 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : a91ed2ee-5d41-43d3-af8d-b7e1d0b1b2e8 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Nom du module défaillant : SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001756a7 ID du processus défaillant : 0x2910 Heure de début de l’application défaillante : 0x01d25bba90326001 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : f3996af4-37c0-4383-8b69-d734523702e6 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000022e27 ID du processus défaillant : 0x28dc Heure de début de l’application défaillante : 0x01d25bba5f73a85c Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : 88c39789-e337-448d-97b2-4dfd76147fd8 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Nom du module défaillant : SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001756a7 ID du processus défaillant : 0x1ab0 Heure de début de l’application défaillante : 0x01d25bba4493d04c Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : a31134a0-1d20-4ba9-a258-b42aff96870f Nom complet du package défaillant : Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Nom du module défaillant : SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001756a7 ID du processus défaillant : 0xc0c Heure de début de l’application défaillante : 0x01d25bb9f28bf47d Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : b0ec013a-268a-4bb9-b3c8-a33f78a8cb15 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Nom du module défaillant : SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001756a7 ID du processus défaillant : 0x20bc Heure de début de l’application défaillante : 0x01d25bb9c6bae4ff Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : b6cbecd5-8ca7-484b-bace-9387c342e4c0 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Nom du module défaillant : SearchUI.exe, version : 10.0.14393.447, horodatage : 0x5819bdb2 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000001756a7 ID du processus défaillant : 0x1ef4 Heure de début de l’application défaillante : 0x01d25bb98a827bb5 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe ID de rapport : d1358f88-87cc-4943-8ba2-35652e42463a Nom complet du package défaillant : Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000022e27 ID du processus défaillant : 0x1ac4 Heure de début de l’application défaillante : 0x01d25bb95c14c34f Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : dc4c9c59-54c9-4bcb-9d2d-e5b10c174bb8 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante MicrosoftEdge.exe, version : 11.0.14393.576, horodatage : 0x584a7815 Nom du module défaillant : MicrosoftEdge.exe, version : 11.0.14393.576, horodatage : 0x584a7815 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000102337 ID du processus défaillant : 0xd60 Heure de début de l’application défaillante : 0x01d25bb81528aac6 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe ID de rapport : a6d194ee-6219-4f7d-91af-a9f0207300cf Nom complet du package défaillant : Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe ID de l’application relative au package défaillant : MicrosoftEdge ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Nom du module défaillant : ShellExperienceHost.exe, version : 10.0.14393.447, horodatage : 0x5819bf85 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000022e27 ID du processus défaillant : 0xcf0 Heure de début de l’application défaillante : 0x01d25bb6a3b315b8 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : c4b8b203-dea3-4d2b-9040-7ec5b6ccb99d Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Opera, Portable Edition Legacy (PortableApps.com Launcher) en raison de cette erreur. Programme : Opera, Portable Edition Legacy (PortableApps.com Launcher) Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante OperaPortable.exe, version : 2.2.0.0, horodatage : 0x4f47e2df Nom du module défaillant : OperaPortable.exe, version : 2.2.0.0, horodatage : 0x4f47e2df Code d’exception : 0xc0000006 Décalage d’erreur : 0x0000702c ID du processus défaillant : 0x2484 Heure de début de l’application défaillante : 0x01d25bae274fec30 Chemin d’accès de l’application défaillante : G:\PortableApps\OperaPortableLegacy12\OperaPortable.exe Chemin d’accès du module défaillant: G:\PortableApps\OperaPortableLegacy12\OperaPortable.exe ID de rapport : 44849ca9-f641-4bb4-b556-c2f0ae30e8ae Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Opera Internet Browser en raison de cette erreur. Programme : Opera Internet Browser Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ ----------( EOF)---------- - 8599 | 21:24:38