--------------- QuickDiag | g3n-h@ckm@n | 2_28.07.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 30/07/2016 19:01:37 Updated 28/07/2016 | 00.10 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Jean-Marie (Administrator)] - [100P100_S_FIN] (S-1-5-21-333624727-3628993747-300940260-1001) System: Microsoft Windows 10 Famille - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : SafeMode with network PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice HD Webcam C310 - Status: Unknown - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\8&4D0A220&0&0002 Realtek High Definition Audio - Status: Unknown - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:61 % CPU #2 value:83 % Total Overall CPU Usage value:72 % ---------- | Network Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 2146 Pagefile = Total (MB) : 4157 | Free (MB) : 2528 Virtual = Total (MB) : 4194 | Free (MB) : 3976 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users Administrateur : [S-1-5-21-333624727-3628993747-300940260-500] DefaultAccount : [S-1-5-21-333624727-3628993747-300940260-503] HomeGroupUser$ : [S-1-5-21-333624727-3628993747-300940260-1005] Invité : [S-1-5-21-333624727-3628993747-300940260-501] Jean-Marie : [S-1-5-21-333624727-3628993747-300940260-1001] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-333624727-3628993747-300940260-1006] HomeUsers : [S-1-5-21-333624727-3628993747-300940260-1004] WinRMRemoteWMIUsers__ : [S-1-5-21-333624727-3628993747-300940260-1000] ---------- | Drives V:\ -> [Removable] | [AUTORAD] | Total : 14.83 Go | Free : 14.57 Go -> FAT32 [USB] S:\ -> [Fixed] | [My Passport] | Total : 2794.49 Go | Free : 878.76 Go -> NTFS [USB] R:\ -> [Removable] | [NO NAME] | Total : 59.48 Go | Free : 17.37 Go -> FAT32 [USB] M:\ -> [Removable] | [] | Total : 30.02 Go | Free : 2.11 Go -> FAT32 [USB] L:\ -> [Removable] | [HITMANPRO] | Total : 28.78 Go | Free : 27.27 Go -> FAT32 [USB] K:\ -> [Removable] | [FramaLive] | Total : 14.41 Go | Free : 8.51 Go -> FAT32 [USB] J:\ -> [Removable] | [BLIND] | Total : 1.86 Go | Free : 0.25 Go -> FAT [USB] H:\ -> [Removable] | [FRAMAKEY UB] | Total : 57.64 Go | Free : 51.43 Go -> FAT32 [USB] D:\ -> [Fixed] | [Recovery Image] | Total : 13.06 Go | Free : 1.6 Go -> NTFS [SATA] C:\ -> [Fixed] | [OS] | Total : 916.54 Go | Free : 875.59 Go -> NTFS [SATA] Disk Usage Information [14 total Physical Disks] Physical Drive #0 [C:, D:] : Read:2,609,633 bytes/sec, Written:4,896,250 bytes/sec Max Read:2,609,633 bytes/sec, Max Write:4,896,250 bytes/sec Physical Drive #1 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [S:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [L:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [J:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #8 [M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #9 [O:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, P:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, Q:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, R:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, V:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:2,609,633 bytes/sec, Write Maximum:4,896,250 bytes/sec DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_5.00\070B559AA120B087&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_MULTI-CARD&REV_1.00\20071114173400000&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_WD&PROD_MY_PASSPORT_0827&REV_1012\575831314438354450483744&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE13 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0815\000000000004&0 DeviceID: \\.\PHYSICALDRIVE10 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SM/XD&REV_2.10\50000007EDC1&1 DeviceID: \\.\PHYSICALDRIVE12 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-MS&REV_2.10\50000007EDC1&3 DeviceID: \\.\PHYSICALDRIVE11 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SD&REV_2.10\50000007EDC1&2 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_3.0&REV_PMAP\AC220B280C8CB030D9732DE0&0 DeviceID: \\.\PHYSICALDRIVE9 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-CF&REV_2.10\50000007EDC1&0 DeviceID: \\.\PHYSICALDRIVE8 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1100\0116000000008682&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_FIXMESTICK&REV_8.07\D2BF4C401E2763FP1289&0 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_9451\7&1BF356A7&0 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_PMAP\071055D329387500&0 ---------- | Windows updates No detected update !!! ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 ---------- | Security AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 340 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe [30/10/2015 09:18:03] CPU Usage:0 % 508 | [Owner : | Parent : 444() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe [29/07/2016 22:12:29] CPU Usage:0 % 592 | [Owner : | Parent : 500() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe [29/07/2016 22:10:04] CPU Usage:0 % 632 | [Owner : | Parent : 508(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe [27/04/2016 07:16:35] CPU Usage:0 % 640 | [Owner : | Parent : 508(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe [30/10/2015 09:18:03] CPU Usage:0 % 716 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 768 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 940 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1004 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 76 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 384 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 424 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1064 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1216 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1328 | [Owner : | Parent : 632(services.exe) | ?????] - (.-.) - (11.12.945.9202) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [18/07/2016 20:22:36] CPU Usage:0 % 1364 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1376 | [Owner : | Parent : 632(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.9.10586.494) = C:\Program Files\Windows Defender\MsMpEng.exe [29/07/2016 22:12:12] CPU Usage:0 % 2160 | [Owner : Jean-Marie | Parent : 76(svchost.exe) | 19.92 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe [30/10/2015 09:18:01] CPU Usage:0 % 2292 | [Owner : Jean-Marie | Parent : 2256() | 85.2 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [29/07/2016 22:12:44] CPU Usage:0 % 2436 | [Owner : Jean-Marie | Parent : 2292(explorer.exe) | 5.43 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.10586.0) = C:\Windows\System32\ctfmon.exe [30/10/2015 09:18:18] CPU Usage:0 % 2712 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 11.18 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.10586.0) = C:\Windows\System32\dllhost.exe [30/10/2015 09:17:51] CPU Usage:0 % 2760 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 55.79 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10586.494) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [29/07/2016 22:14:16] CPU Usage:0 % 2820 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 23.99 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe [30/10/2015 09:17:51] CPU Usage:0 % 2876 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 85.57 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10586.494) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [29/07/2016 22:09:00] CPU Usage:0 % 2968 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 9.89 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.10586.0) = C:\Windows\System32\dllhost.exe [30/10/2015 09:17:51] CPU Usage:0 % 776 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 20.9 Mo] - (.Microsoft Corporation - Aide et support Microsoft.) - (10.0.10586.494) = C:\Windows\HelpPane.exe [29/07/2016 22:10:49] CPU Usage:0 % 3236 | [Owner : Jean-Marie | Parent : 716(svchost.exe) | 18.51 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe [30/10/2015 09:18:16] CPU Usage:0 % 3444 | [Owner : Jean-Marie | Parent : 2292(explorer.exe) | 30.86 Mo] - (.SosVirus - QuickDiag.) - (28.7.2016.1) = C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe [30/07/2016 18:37:22] CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [29/07/2016 22:12:44] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\WINDOWS\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [27/04/2016 07:16:35] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [29/07/2016 22:13:32] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [29/07/2016 22:12:29] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [29/07/2016 22:10:04] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [27/04/2016 07:16:39] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [29/07/2016 22:08:23] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [27/04/2016 07:16:38] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [29/07/2016 22:09:35] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [29/07/2016 22:11:04] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [29/07/2016 22:12:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [27/04/2016 07:16:36] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [29/07/2016 22:08:24] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [27/04/2016 07:16:42] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (..-..) - (11.12.945.9202) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareShellExtension.dll (.Cyberlink.-.Cyberlink Shell Extension dynamic link library.) - (8.0.0.1813) -- C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDrive - ("C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-333624727-3628993747-300940260-1001\...\Run]) - User: 100P100_S_FIN\Jean-Marie ZAM - ("C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized [HKLM\...\Run]) - User: Public - ( [HKLM\...\Run]) - User: Public AdAwareTray - ("C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe" [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=notepad\1 "MRUList"=a [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "ZAM"="C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized ""= "AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe" [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R "Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [29/07/2016 17:12:44] "ZALFree"="C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" /MINIMIZED "BingDesktop"=C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] ""= [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=26eeb8c3-bb21-4422-a44d-8d2c8fe "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN SAFEBOOT:NETWORK NOGUIBOOT BOOTLOGO "SystemBootDevice"=multi(0)disk(0)rdisk(4)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(4)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "fullprivilegeauditing"=0x00 "LsaPid"=640 "SamConnectedAccountsExist"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp ---------- | .LNK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk (/SendTo) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (/e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\Public\Desktop\Manuels EPSON.lnk ( /LA "FR" /FR "DESKTOP") C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk (/ReinstallApp) C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk (/DelRP) C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk (/ReinstallDriver) C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk (/RecoveryReport) C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk (/CDCreator) C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{227680FF-28CE-48EE-AADF-8D009B2813A9}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{22A975C0-D22F-482C-A387-637EEC15870F}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{2D080D0F-37EF-433E-90F1-CE36EB0205F6}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{5f828e7a-066c-4d4a-ada6-8b2494b859db}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{e923cba5-ed90-4670-bf07-064d14a1cd55}\PlayTasks\0\web.lnk (/src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Manuels EPSON.lnk ( /LA "FR" /FR "STARTMENU") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\WSG.lnk (P004H7B2 WSG) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\OPS.lnk (P004GZB2 OPS) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\SCG.lnk (P004GZB2 SCG) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\SRI.lnk (P004GZB2 SRI) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\TMG.lnk (P004GZB2 TMG) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Snapfish.lnk (http://www.snapfish.com/hp_desktop_desktopicon_2012_fr) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services\eBay.lnk (http://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=fr_fr&bd=all&c=124) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free\Generate Log File\Generate Log File.lnk (/CRASH) ---------- | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "AutoColorization"=1 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301008750050080070000B0040000515A81B731EAD10143003A005C00550073006500720073005C004A00650061006E002D004D0061007200690065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00420069006E0067004400650073006B0074006F0070005C007400680065006D00650073005C0032003000310036002D00300037002D00330030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2950486850 "ScreenSaverIsSecure"=1 "Wallpaper"=C:\Users\Jean-Marie\AppData\Local\Microsoft\BingDesktop\themes\2016-07-30.jpg [30/07/2016 09:12:21] "Win8DpiScaling"=0 "DpiScalingVer"=4096 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003E28000000000000000000000000000001000000130000000000000063000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x0D24645B365B9F4BA75F4925B6A53D5B95230000BD0E0C47735D584D9CEDE91E22E23282EFB8000040C7A47B819ECF1199D300AA004AE837D40900006078A409B011A54DAFA526D86198A7804A0B000062B06A59D2B415429F74E9109B0A8153AD750000 "TelemetrySalt"=2 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "GlobalAssocChangedCounter"=46 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=328 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=11 "ReindexedProfile"=1 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "StoreAppsOnTaskbar"=1 "EnableStartMenu"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=9 "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=3 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x53A5712D0200000001000500F01B0000121C000068970000D000000006000600E84297206F9800006F980000480A0000DC060000870300000000000061980000E400000024000000B1053A7D83EAD101 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "ShutdownStartTime"=131143714639431207 "UserSessionShutdownStopTime"=131143714641462481 "ShutdownFlags"=2147484711 "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\jean-marie.carribon@wanadoo.fr "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [29/07/2016 22:11:02] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [29/07/2016 22:11:02] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\Jean-Marie\Desktop\ZHPDiag3.exe"=0x534143500100000000000000070000002800000000162200EAAB2200010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000009C3D1100000000000100000001000000 "S:\pc-decrapifier-3.0.0.exe"=0x5341435001000000000000000700000028000000848A1E0000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000A0C01100000000000100000001000000 "S:\PowerCam\Norton_Removal_Tool.exe"=0x5341435001000000000000000700000028000000989E0E003A6F0F00010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000009BF7C200000000000100000001000000 "S:\power2go 11 & m-disc ppencc archives to burn\iobit important lfsu,b2,w apps (drweb quarant restore).exe"=0x5341435001000000000000000700000028000000F3097A0066480200010000000000000000000206712000002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000092D0100000000000100000001000000 "S:\iobit lock unlock applications\IObitUnlockerPortable_1.1.paf.exe"=0x53414350010000000000000007000000280000003660160000000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000063570100000000000300000003000000 "S:\barrow 2 & widen 100% sécurisé\FastCopyPortable_3.13_Rev_2.paf.exe"=0x5341435001000000000000000700000028000000203610009A5A1000010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000000ABF0000000000000100000001000000 "S:\PortableApps\IObitUninstallerPortable\IObitUninstallerPortable.exe"=0x534143500100000000000000070000002800000060870300A9000400010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000002A30400000000000100000001000000 "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe"=0x534143500100000000000000070000002800000010CA0200B18E0300010000000000000000000106712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000200000000000000000000000000D7401800000000000100000001000000 "SIGN.MEDIA=6F0B9 Framakey\Virtualbox-install\VitrualBox-install.exe"=0x53414350010000000000000007000000280000001B60060000000000010000000000000000000006710200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000064790600000000000100000001000000 "S:\barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_setup_full1084.exe"=0x5341435001000000000000000700000028000000906812003E4D1300010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000721F0500000000000100000001000000 "S:\barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_resource.exe"=0x5341435001000000000000000700000028000000C066511643475216010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000009BA60100000000000100000001000000 "S:\LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\WVDSetup.exe"=0x5341435001000000000000000700000028000000C89D1E0034021F00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000AE2E0000000000000100000001000000 "S:\LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\WMOSetup.exe"=0x5341435001000000000000000700000028000000B83C130029DA1300010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000035260000000000000100000001000000 "S:\LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\ashampoo_privacy_protector_e1.0.2_sm.exe"=0x5341435001000000000000000700000028000000F0085901ACBD5901010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000CCE50300000000000100000001000000 "C:\Users\Jean-Marie\Desktop\lfs ultra suite\Ajustages Finalisation LFS Ultra & 100% Sécurisé\Ajustages lfs ultra & 100% sécurisé finalisés\Zemana.AntiMalware.Setup.exe"=0x534143500100000000000000070000002800000040DA500002BE7D02010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000025D80000000000000100000001000000 "C:\Users\Jean-Marie\Desktop\lfs ultra suite\Ajustages Finalisation LFS Ultra & 100% Sécurisé\Ajustages lfs ultra & 100% sécurisé finalisés\AntiLoggerFree_Setup_1.8.2.320.exe"=0x5341435001000000000000000700000028000000F8C238009D573900010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000078874200000000000100000001000000 "S:\LFS Ultra & 100% Sécurisé\ashampoo_privacy_protector_2015_19866.exe"=0x5341435001000000000000000700000028000000188F4B019A244C01010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000057170100000000000100000001000000 "S:\GetWindows10-Web_Default_Attr.exe"=0x53414350010000000000000007000000280000001082740022807500010000000000000000000206710000002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000EFC03E00000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C03802000BA5020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C8F0890013408A0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "S:\BingDesktopSetup.exe"=0x5341435001000000000000000700000028000000D86AA00040A2A0000100000000000000000001057100000019B4C529E312D1010000000000000000020000002800000000000000800900400000000000000000000000000000000034C50000000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\Temp\SoftwareUpdate_Temp\Data\Setup.exe"=0x5341435001000000000000000700000028000000685905004D4706000100000000000000000003060021000019B4C529E312D10100000080000000000200000028000000000000000000004000000000000000000000000000000000B62F0100000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x534143500100000000000000070000002800000018DE2900D53E2A000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C47A5B00000000000100000001000000 "SIGN.MEDIA=1FEFB5 VirtualBox\VirtualBox.exe"=0x5341435001000000000000000700000028000000F3030A0091440A000100000000000000000001067122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CEC80000000000000100000001000000 "S:\Ad-Aware Personal Security\Adaware_Installer.exe"=0x534143500100000000000000070000002800000088521A00794B1B000100000000000000000002067102000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000094521400000000000100000001000000 "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"=0x5341435001000000000000000700000028000000E00C9200363D920001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000ED561000000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector 2015\PrivacyProtector2015.exe"=0x5341435001000000000000000700000028000000784F2700FC5E270001000000000000000000000AF522000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000010FD9A00000000000100000001000000 "S:\PortableApps\FirefoxPortable\FirefoxPortable.exe"=0x534143500100000000000000070000002800000068370300CC4103000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EC860800000000000300000003000000 "C:\Users\Jean-Marie\Desktop\UsbFix_2016_8.248.exe"=0x53414350010000000000000007000000280000002CAD2F00000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000680BEA00000000000100000001000000 "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDesktop.exe"=0x5341435001000000000000000700000028000000E8C62601C886270101000000000000000000000A0021000059193B14E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000088911900000000000100000001000000 "C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe"=0x534143500100000000000000070000002800000000CC2000C163210001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003C590000000000000200000002000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=0 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131062095539121844 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "DisableAntiSpyware"=0 "TrustedImageIdentifier"=P004N3-B2V "InstallTime"=0xC269572A7AE9D101 "DisableAntiVirus"=0 "OOBEInstallTime"=0xCAEAC19FBDE9D101 "OneTimeSqmDataSent"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | @ [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Start Page"=http://fr.yahoo.com?fr=fp-comodo&type=33220001005_1.2.392126.236_u_hp "Default_Page_URL"=http://g.uk.msn.com/CQDSK13/3 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=1 "Play_Background_Sounds"=yes "Play_Animations"=yes "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000004100000083086B075225C5012F3C7BDFEBD7170C54B0E7157192B3480AD56DEAEE248F7845AF6B576D81B8739380DE88F138376966965E5FE9B06ECEEC9A0E8B15DCC291E302000000100000007663585725326233636639496F253364 "OperationalData"=1 "CompatibilityFlags"=0 "IE10TourNoShow"=1 "FullScreen"=no "IconCache"=hxaljlr "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF240000002400000044030000A4020000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x61BFFDF792E9D101 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "First Home Page"=http://g.uk.msn.com/CQDSK13/3 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "ImageStoreRandomFolder"=h7krlhd "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160223-1728 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ZonesSecurityUpgrade"=0xADB8C954B5E9D101 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "WarnonZoneCrossing"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Default_Page_URL"=http://g.uk.msn.com/CQDSK13/3 "Start Page"=http://g.uk.msn.com/CQDSK13/3 "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=0xE3EFEB7F196B494398D2FFB09D4B49CA00F4020000 "ITBar7Layout"=0x13000000000000000000000020000000100001002F00000001000000000700005E010000060000004101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000E3EFEB7F196B494398D2FFB09D4B49CA0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0xB41916FC92E9D101 "Version"=3 "UpgradeTime"=0xF322FCFC92E9D101 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] ---------- | SearchScopes [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS : [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF : [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF : [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}] - (Ask.com) - http://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{5BD8BA7A-83E9-4F8F-B045-4ACBBE3EDF7D}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}] - (Yahoo) - http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}] - (eBay) - http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\4DDD5300-D063-473A-9D82-96B009619DA5] - (C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources) - HPSALauncher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\System32) - winfxdocobj.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\System32) - msdt.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2986f91b-530f-4717-b92d-1c011ed832bd}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IARNLPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{717f9b5f-7e18-48e7-b515-21f1e3b576c6}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IPRELPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\4DDD5300-D063-473A-9D82-96B009619DA5] - (C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources) - HPSALauncher.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files (x86)\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files (x86)\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\SysWOW64) - winfxdocobj.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\SysWOW64) - msdt.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34372DD3-19BF-454f-BF23-8761F26CFFD2}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewps.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{380689D0-AFAA-47E6-B80E-A33436FE314B}] - (C:\Program Files (x86)\Windows Live\Contacts\) - wlcomm.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{886D9852-A9A8-4b88-83D4-50FC6616C21D}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewpsbw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9019d14b-638d-4383-bb95-441b7f57eafb}] - (C:\Program Files (x86)\Windows Live\Installer\) - wlstartup.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings ---------- | Ext\Stats [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] : : [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> () : ---------- | Chrome ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll ---------- | Active Connections TCP 127.0.0.1:49668 100p100_s_fin:49669 ESTABLISHED 1328 TCP 127.0.0.1:49669 100p100_s_fin:49668 ESTABLISHED 1328 TCP 127.0.0.1:49670 100p100_s_fin:49671 ESTABLISHED 1328 TCP 127.0.0.1:49671 100p100_s_fin:49670 ESTABLISHED 1328 TCP 127.0.0.1:49672 100p100_s_fin:49673 ESTABLISHED 1328 TCP 127.0.0.1:49673 100p100_s_fin:49672 ESTABLISHED 1328 TCP 127.0.0.1:49674 100p100_s_fin:49675 ESTABLISHED 1328 TCP 127.0.0.1:49675 100p100_s_fin:49674 ESTABLISHED 1328 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b389ab24-c362-4fab-b29c-601c91b5a911}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b389ab24-c362-4fab-b29c-601c91b5a911}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [1,1,1,9] - -> [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - [10,0,10586,0] - -> [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - [12,0,10011,16384] - -> [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [10,0,10586,494] - -> [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [11,71,10586,0] - -> [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,10586,0] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\inf\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,10586,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{583AC46A-4A6F-39BC-AEFD-1BC2759FFA51}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [10,0,10586,494] - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [11,71,10586,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,10586,71] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,10586,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{600AC0DF-B614-36F9-9E10-28896BD4ACCA}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - [2,0,50727,1] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: hpqwmiex - AppID: {0018752E-7735-4B30-9DA9-4A01F024F270} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: PhotoAcqDropTargetEventHandler - AppID: {06A2568A-CED6-4187-BB20-400B8C02BE5A} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: wpnservice - AppID: {077869D3-D0DE-4586-882B-359F80009D0C} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: QuickTimeShellExt - AppID: {0A18A436-2A7A-49F3-A488-30538A2F6323} Name: SwapAPODll - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: IIS W3 Control - AppID: {119817C9-666D-4053-AEDA-627D0E25CCEF} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: InstallAgent - AppID: {260eb9de-5cbe-4bff-a99a-3710af55bf1e} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: Exchange Active Sync Policies Broker - AppID: {26795871-6B8F-4115-89DD-986213012798} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: Windows Live Photo Gallery Autoplay Drop Target - AppID: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CContactDb - AppID: {380689D0-AFAA-47E6-B80E-A33436FE314B} Name: LivePhotoAcqHWEventHandler - AppID: {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: PIFUAC - AppID: {45CB30B1-B453-488a-9E8F-CE3C2ABFAAA7} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: RadioManagement Lib Class - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: Watson subscriber for SENS Network Events - AppID: {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Video Capture Wizard - AppID: {5AB7566D-F75B-4A53-9615-115B6CB1D59B} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: %SystemRoot%\System32\wsclient.dll - AppID: {5C917E9C-0B2F-40D6-928B-5C43FDB16DF4} Name: WLXMP4ParserThumbnailProvider - AppID: {5D6E8BC8-01F3-41CC-BF7D-D7EEF436896E} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CLMLSvc_P2G8 - AppID: {64260897-BFB4-451c-A60E-89377BAC66D3} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Out of proc server to enable Insider Hub and Feedback App scenarios to be reached from inside of its appcontainer - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: Dispatch - AppID: {7D7B609B-D089-4687-9606-264A9AA2FBB2} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: hputils - AppID: {8195693E-0C55-4BE2-A2DB-32376ABC24C4} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {8B8C2776-594E-41EA-90D0-8013CACBB9A7} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: WLXAutoPlayMgr - AppID: {9B5CDBB0-6D57-4816-BD04-CA9E68DF5610} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: ahadmin - AppID: {9fa5c497-f46d-447f-8011-05d03d7d7ddc} Name: CDP Reference Host - AppID: {A0316E2D-8793-4E74-AA48-8CE2ED05BA57} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: Out of proc server to enable Insider Hub scenarios to be reached from inside of its appcontainer - AppID: {ac0fd47a-37f4-4502-bfee-6b317e479d41} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: Windows Live Social Object Extractor Engine - AppID: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: Dispatch - AppID: {B1463312-25D9-4de4-96DC-FE9213084065} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: WLX Thumbnail Cache Out of Proc Server - AppID: {B8A2E14E-290D-4122-B092-1A7D86198CCE} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: ewpsie_tb - AppID: {BBFE69BB-2EA4-49A6-99F3-9408974D0684} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: LockScreen Application Notification Broker - AppID: {C89FC3EF-A0DC-4feb-BFBC-F13A9C334D4F} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: EPTBL - AppID: {CACC252F-95A7-4741-BBE8-FB1F18C2826F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: BingDesktopUpdater - AppID: {CE41EBCF-17C0-4307-971E-03FEBCBB7D39} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: TokenBroker Out Of Proc COM Server - AppID: {E73A797B-24CE-424A-AD4F-48E98B1E95B8} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: iisctl - AppID: {E8FB8615-588F-11D2-9D61-00C04F79C5FE} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Immersive Print Dialog Surrogate - AppID: {EB28E902-728E-42C4-97DC-DA89E144C744} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {F7CDD0DF-887D-463F-AF57-0E442B5C233B} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{119817C9-666D-4053-AEDA-627D0E25CCEF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{119817C9-666D-4053-AEDA-627D0E25CCEF}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7D7B609B-D089-4687-9606-264A9AA2FBB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7D7B609B-D089-4687-9606-264A9AA2FBB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A0316E2D-8793-4E74-AA48-8CE2ED05BA57}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B1463312-25D9-4de4-96DC-FE9213084065}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B1463312-25D9-4de4-96DC-FE9213084065}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\AppDataLow] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Ashampoo] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\ATI] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\BugSplat] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\CyberLink] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\EPSON] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Mine] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Norton] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Policies] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\RegisteredApplications] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\SyncEngines] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\sysinternals] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\UsbFix] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Wondershare] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Wow6432Node] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Zemana] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\AppDataLow\Software\adawarebp] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-333624727-3628993747-300940260-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AMD] [HKLM\Software\Ashampoo] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\Clients] [HKLM\Software\EPSON] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Intel] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Lavasoft] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\Lavasoft] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\SEIKO EPSON CORPORATION] [HKLM\Software\WOW6432Node\SOSVirus] [HKLM\Software\WOW6432Node\SymNRT] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKU\S-1-5-21-333624727-3628993747-300940260-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "pc-decrapifier.exe"="9999" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "WindowsAnytimeUpgradeUI.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "Filmora.exe"="9999" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [29/07/2016 17:17:37] - |D| - [101010959] - C:\Program Files (x86)\Ashampoo [MD5.00000000000000000000000000000000] - [30/07/2016 06:11:35] - |D| - [2947568] - C:\Program Files (x86)\EPSON [MD5.00000000000000000000000000000000] - [30/07/2016 06:02:36] - |D| - [233871446] - C:\Program Files (x86)\EPSON Software [MD5.00000000000000000000000000000000] - [29/07/2016 17:19:52] - |D| - [197482] - C:\Program Files (x86)\KeyCryptSDK [MD5.00000000000000000000000000000000] - [29/07/2016 19:35:13] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:59] - |D| - [25757] - C:\Program Files (x86)\MSBuild [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:59] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [MD5.00000000000000000000000000000000] - [29/07/2016 17:15:36] - |D| - [8010179] - C:\Program Files (x86)\Wise [MD5.00000000000000000000000000000000] - [29/07/2016 17:15:42] - |D| - [0] - C:\Program Files (x86)\Wondershare [MD5.00000000000000000000000000000000] - [29/07/2016 17:19:51] - |AD| - [10323227] - C:\Program Files (x86)\Zemana AntiLogger Free [MD5.00000000000000000000000000000000] - [29/07/2016 17:20:17] - |AD| - [16306803] - C:\Program Files (x86)\Zemana AntiMalware [MD5.203F8C2CA4C6BD8E4D79564E581380A7] - [29/07/2016 18:21:49] - |A| - [6554] - C:\WINDOWS\comsetup.log [MD5.E3F4BF3FC55D97314DC1DD650C83F2C1] - [29/07/2016 18:06:34] - |A| - [10449] - C:\WINDOWS\diagerr.xml [MD5.692CA5EBC9E0CEF0A8D0BE4DF7400CEE] - [29/07/2016 18:06:34] - |A| - [9528] - C:\WINDOWS\diagwrn.xml [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [29/07/2016 22:12:44] - |A| - [4515256] - C:\WINDOWS\explorer.exe [MD5.430DE1635CE173440D34ABA1676113D7] - [29/07/2016 22:10:49] - |A| - [994816] - C:\WINDOWS\HelpPane.exe [MD5.2EB26B9B1FD61752BE302ABE84165A9E] - [29/07/2016 19:00:42] - |A| - [13431] - C:\WINDOWS\iis.log [MD5.9AEECE909BBC1C0C5A292354286D764A] - [30/07/2016 18:59:36] - |A| - [81980] - C:\WINDOWS\ntbtlog.txt [MD5.00000000000000000000000000000000] - [29/07/2016 19:54:14] - |DC| - [119977268] - C:\WINDOWS\Panther [MD5.D52DEED43D177CFC246703622269B527] - [30/07/2016 18:59:36] - |A| - [802] - C:\WINDOWS\PFRO.log [MD5.00000000000000000000000000000000] - [29/07/2016 18:56:12] - |D| - [30005479] - C:\WINDOWS\Prefetch [MD5.00000000000000000000000000000000] - [29/07/2016 14:02:12] - |D| - [7859852987] - C:\WINDOWS\SoftwareDistribution [MD5.038356387332650843BCB352BB89A101] - [29/07/2016 14:02:12] - |A| - [275] - C:\WINDOWS\WindowsUpdate.log [MD5.6F06EA56C23E87D9D1CCC1B5C26E20CE] - [29/07/2016 17:20:27] - |A| - [149532] - C:\WINDOWS\ZAM.krnl.trace [MD5.3B1A8EB80E96129ADFFC6A12C64BEFC2] - [29/07/2016 17:20:26] - |A| - [119944] - C:\WINDOWS\ZAM_Guard.krnl.trace [MD5.F205BCF4B5340B567735E6C6D059F5D4] - [01/07/2016 04:42:00] - |A| - [5963776] - C:\WINDOWS\Installer\254c8c0.msi [MD5.17985C3677F79166E843435C0F60D2E6] - [30/07/2016 07:20:40] - |A| - [19233280] - C:\WINDOWS\Installer\29c4fe8.msi [MD5.74D5A321172558E571976F023F840D64] - [30/07/2016 07:21:30] - |A| - [17523200] - C:\WINDOWS\Installer\29c4fed.msi [MD5.74A3E8A89094956BEC9552DC0402DA28] - [30/07/2016 07:22:41] - |A| - [3851264] - C:\WINDOWS\Installer\29c4ff2.msi [MD5.1D12B65C6A650DE6D98D94DFEA10C22D] - [30/07/2016 07:22:50] - |A| - [2303488] - C:\WINDOWS\Installer\29c4ff7.msi [MD5.05C92119A68EEEE2F3D229D1D06DA482] - [30/07/2016 07:23:01] - |A| - [2295296] - C:\WINDOWS\Installer\29c4ffc.msi [MD5.5BACDA7799EFE9F6207E0DDCC9F5809E] - [30/07/2016 07:23:14] - |A| - [5042176] - C:\WINDOWS\Installer\29c5001.msi [MD5.09331E4FDC23ABEE0D287856DD02E9EE] - [30/07/2016 07:24:03] - |A| - [43476480] - C:\WINDOWS\Installer\29c5006.msi [MD5.55BFFCBD6A971631EF1C84295705E3BF] - [29/07/2016 19:44:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.68AF7D0EDE9EF0876C68567E8F257D72] - [29/07/2016 19:44:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.9BF6FABA0A1F426FB12FD9C87BBCAD92] - [29/07/2016 19:44:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.CF32036DDBF3E9674B7F254CA9F2F0B0] - [29/07/2016 19:43:47] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.946B5CD1FE3CDC08A3D0FD51E6FE670B] - [29/07/2016 19:43:49] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.BF676975B450541F647FE6FB522DE174] - [29/07/2016 19:43:57] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.65F8A5F8D4B3EF4A3B58E9F3B30B0A2A] - [29/07/2016 19:44:01] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.B62CE982D72A21C9A8A94C464D509FE7] - [29/07/2016 19:44:14] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.1DC3DB6A1F2A9DB2DD831094092794FA] - [29/07/2016 19:44:02] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.62AC438ED115B163049BB3636CC8ADD0] - [29/07/2016 19:43:27] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36} [MD5.50866DA06BA36B42818B84D95DC35EDC] - [29/07/2016 19:43:59] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.F0AF75EC35D140D1EF27457CFC8FA5AB] - [29/07/2016 19:44:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.9720BC27AA6F2F0C7CE9DAAEC6F38414] - [30/07/2016 06:13:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{402ED4A1-8F5B-387A-8688-997ABF58B8F2} [MD5.719CE2923572C813A44F1445DAFB6DE6] - [29/07/2016 19:43:44] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.3ADE752C92F5EDAD15990ECE9D378BC6] - [30/07/2016 06:13:57] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.FF6D8E03F44E08010E23C345F35AFB5C] - [30/07/2016 06:02:36] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6DBD132B-7F42-4594-BBE7-0BB677EB2926} [MD5.7AEFC81E0DCBDEEA3A5AAFE446346CEF] - [29/07/2016 19:43:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.7DB3DEB29D3D1A2B0C3B1A9F5730B2F4] - [29/07/2016 19:44:20] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.D464D080A22E427427065950A1580371] - [29/07/2016 19:35:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.6E8BB23E3B87DF87B4ACCE22CA2B16BA] - [29/07/2016 19:44:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{82CA1714-13EA-F419-91FE-12834424745E} [MD5.B9473F17ED04DC376AEA49535FD52474] - [30/07/2016 06:13:44] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.D8AFE986ED0CB5C81F522554781E06E1] - [29/07/2016 19:44:17] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.0157688A165AC11F99E57FADB16D4FC7] - [29/07/2016 19:44:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.1C1D1E5FC6B8EF423B272ACFA684F552] - [30/07/2016 06:11:25] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.2DFF5DE86B5D57EB632AC8E734894014] - [29/07/2016 19:43:38] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A2CB1ACB-94A2-32BA-A15E-7D80319F7589} [MD5.40435A5AB515ED46DA42D0B2524F8CB3] - [29/07/2016 19:44:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.6A44B69056242500136BFC6696A00FA5] - [29/07/2016 19:44:16] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.37BA8A643CE79246A17CD18817455DE5] - [29/07/2016 19:43:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{AC53FC8B-EE18-3F9C-9B59-60937D0B182C} [MD5.92751C2B290BAED7A7DDFC1610F35959] - [29/07/2016 19:44:28] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.DB91CDA661CA2099148C596B97F75CBE] - [29/07/2016 19:44:13] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.58A2B92AE6FFC36FC64AB80C05635F2C] - [29/07/2016 19:44:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.1FFCE12B62B1CF312F2EE10B2F5AE8B5] - [29/07/2016 19:43:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.85F6ADE820389909811C560F8204C8AD] - [29/07/2016 19:44:09] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.8868F33D4F1550121A445B0E3FB57171] - [29/07/2016 19:44:22] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.91559779D65E8E459C2C3D8E0751413A] - [29/07/2016 19:44:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.416A17761A2B47C05FAFDA02915C02D5] - [29/07/2016 19:43:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.B8AA8B65C31F614BB13BA13F473B9DA7] - [29/07/2016 19:43:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.A1B9C78E3EC196AA40FECE56A4D80166] - [29/07/2016 19:43:30] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607} [MD5.00000000000000000000000000000000] - [30/07/2016 07:24:13] - |D| - [1247880] - C:\WINDOWS\Installer\{05B0CF4A-564C-4549-913E-AE3EDA16971A} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:21] - |D| - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:06] - |D| - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:00] - |D| - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.00000000000000000000000000000000] - [30/07/2016 07:23:10] - |D| - [59608] - C:\WINDOWS\Installer\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:48] - |D| - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.00000000000000000000000000000000] - [30/07/2016 07:22:47] - |D| - [59608] - C:\WINDOWS\Installer\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:51] - |D| - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:58] - |D| - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:02] - |D| - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.00000000000000000000000000000000] - [30/07/2016 07:22:12] - |D| - [59608] - C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:14] - |D| - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.00000000000000000000000000000000] - [30/07/2016 07:22:59] - |D| - [59608] - C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.00000000000000000000000000000000] - [30/07/2016 07:23:22] - |D| - [59608] - C:\WINDOWS\Installer\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:03] - |D| - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:59] - |D| - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:19] - |D| - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.00000000000000000000000000000000] - [30/07/2016 07:20:48] - |D| - [415960] - C:\WINDOWS\Installer\{36036827-FA38-4A74-8333-26BC4EEC9308} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:45] - |D| - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.00000000000000000000000000000000] - [30/07/2016 06:14:00] - |D| - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.00000000000000000000000000000000] - [30/07/2016 06:02:37] - |D| - [50659] - C:\WINDOWS\Installer\{6DBD132B-7F42-4594-BBE7-0BB677EB2926} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:55] - |D| - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:20] - |D| - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.00000000000000000000000000000000] - [29/07/2016 19:53:57] - |D| - [123570] - C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:04] - |D| - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E} [MD5.00000000000000000000000000000000] - [30/07/2016 06:13:45] - |D| - [72888] - C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:18] - |D| - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:15] - |D| - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.00000000000000000000000000000000] - [30/07/2016 06:11:53] - |D| - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:11] - |D| - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:17] - |D| - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:50] - |D| - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:13] - |D| - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:05] - |D| - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:53] - |D| - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:09] - |D| - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:24] - |D| - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.00000000000000000000000000000000] - [29/07/2016 19:44:12] - |D| - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:57] - |D| - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.00000000000000000000000000000000] - [29/07/2016 19:43:54] - |D| - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.9F0D0E63D6B10C2222B4FCC784AA3A4E] - [29/07/2016 22:13:04] - |A| - [315392] - C:\WINDOWS\system32\aadcloudap.dll [MD5.17D3651E968F5E7712110FC70BFC973D] - [29/07/2016 22:13:39] - |A| - [853504] - C:\WINDOWS\system32\aadtb.dll [MD5.D3406F98BD98633780820C5EDBA9A5B4] - [29/07/2016 22:12:25] - |A| - [166400] - C:\WINDOWS\system32\AboveLockAppHost.dll [MD5.5CB565C1A0A30D76D7B099EEF9654297] - [29/07/2016 22:11:06] - |A| - [256000] - C:\WINDOWS\system32\accountaccessor.dll [MD5.1F3D69B0AE210874DDC300C3EF1C9CCD] - [29/07/2016 22:11:21] - |A| - [438784] - C:\WINDOWS\system32\AccountsRt.dll [MD5.F785587BCA673FB606BD3618EB767EEE] - [29/07/2016 22:08:45] - |A| - [92352] - C:\WINDOWS\system32\acmigration.dll [MD5.827B2A2F64465D19DF9F655FE7F10384] - [29/07/2016 22:09:21] - |A| - [565760] - C:\WINDOWS\system32\ActionCenterCPL.dll [MD5.8F533910E5D0A63500B17F486331259F] - [29/07/2016 22:11:14] - |A| - [356864] - C:\WINDOWS\system32\ActivationManager.dll [MD5.C49E5A83F5454A06A1306A8B1589B928] - [29/07/2016 22:11:38] - |A| - [1996288] - C:\WINDOWS\system32\ActiveSyncProvider.dll [MD5.A499B4A9A1F4989BD37F812BC6DC0298] - [29/07/2016 22:08:17] - |A| - [4775424] - C:\WINDOWS\system32\actxprxy.dll [MD5.003A0EA097767462F3417B7857DCE1CC] - [29/07/2016 22:10:36] - |A| - [79360] - C:\WINDOWS\system32\adhsvc.dll [MD5.EF6BD61D1F7B3E4C20EEC44F9B07E06D] - [29/07/2016 22:08:45] - |A| - [1223872] - C:\WINDOWS\system32\aeinv.dll [MD5.83A5F89896E625650148CEFCABD8418D] - [29/07/2016 22:08:29] - |A| - [219136] - C:\WINDOWS\system32\aepic.dll [MD5.FDDC75FDB8F9B581E3D6513FB85256E8] - [29/07/2016 22:11:01] - |A| - [342016] - C:\WINDOWS\system32\APHostService.dll [MD5.7B2FEC36A1166CBAB50135FCE044D9CE] - [29/07/2016 22:11:25] - |A| - [86528] - C:\WINDOWS\system32\AppCapture.dll [MD5.D56E06BE971D9AE99400D435D28D56ED] - [29/07/2016 22:09:59] - |A| - [592896] - C:\WINDOWS\system32\AppContracts.dll [MD5.177306E7F752A627A82D1F362A01FADE] - [29/07/2016 22:12:13] - |A| - [1159168] - C:\WINDOWS\system32\ApplicationFrame.dll [MD5.B6C299CDD0D76D3A8073D934E00C8400] - [29/07/2016 22:08:44] - |A| - [1505984] - C:\WINDOWS\system32\appraiser.dll [MD5.682F73D86501D75B131A1D59539A475D] - [29/07/2016 22:08:23] - |A| - [504320] - C:\WINDOWS\system32\AppReadiness.dll [MD5.ACF6FB6941AAF8EEBFF3C2B9C79C3F14] - [29/07/2016 22:10:54] - |A| - [287744] - C:\WINDOWS\system32\apprepapi.dll [MD5.1F1C41F53373FCD4DA82C5A16E748E05] - [29/07/2016 22:10:33] - |A| - [381952] - C:\WINDOWS\system32\apprepsync.dll [MD5.E7A27A6CD6CC6EA66342482FAAA8A2A7] - [29/07/2016 22:12:13] - |A| - [814080] - C:\WINDOWS\system32\appwiz.cpl [MD5.37E893F5A0BB0DCF89D8464F4D5E0C3D] - [29/07/2016 22:11:12] - |A| - [217440] - C:\WINDOWS\system32\AppxAllUserStore.dll [MD5.33931A5F8E8B4446C547B020409D66C4] - [29/07/2016 22:13:05] - |A| - [436736] - C:\WINDOWS\system32\AppXDeploymentClient.dll [MD5.7B8C0E8D6B84BB841D50779D643C2A22] - [29/07/2016 22:11:35] - |A| - [2066432] - C:\WINDOWS\system32\AppXDeploymentExtensions.dll [MD5.AA27A3DF5CDA714F0DD47A48FE7CA8C3] - [29/07/2016 22:11:35] - |A| - [2168320] - C:\WINDOWS\system32\AppXDeploymentServer.dll [MD5.1A7C3451A5BD863F9FC4D7421D353374] - [29/07/2016 22:12:28] - |A| - [982016] - C:\WINDOWS\system32\AppxPackaging.dll [MD5.9B034D049D1C6EC9BED55D2F27D86ED9] - [29/07/2016 22:10:29] - |A| - [2186] - C:\WINDOWS\system32\AppxProvisioning.xml [MD5.03416DA86664FF2141A5820868B0B9B1] - [29/07/2016 22:11:36] - |A| - [88576] - C:\WINDOWS\system32\AppxSysprep.dll [MD5.5CE34C981833706A0B6051572AC5B6CE] - [29/07/2016 22:14:41] - |A| - [379232] - C:\WINDOWS\system32\atmfd.dll [MD5.7A654D6E586FDE14C8B805BED03D74B7] - [29/07/2016 22:14:28] - |A| - [45568] - C:\WINDOWS\system32\atmlib.dll [MD5.834D1648124F0F2729462BF79DB0C2CD] - [29/07/2016 22:12:44] - |A| - [369912] - C:\WINDOWS\system32\audiodg.exe [MD5.5C6F3312EACE1409DC2C4C2AD5D2719D] - [29/07/2016 22:12:53] - |A| - [1054208] - C:\WINDOWS\system32\audiosrv.dll [MD5.B2FD8E42044B7A2C18AE54A60ACDDE6B] - [29/07/2016 22:13:45] - |A| - [2352128] - C:\WINDOWS\system32\authui.dll [MD5.63E75187FFFA108A78C67E14122C45B0] - [29/07/2016 22:13:40] - |A| - [865792] - C:\WINDOWS\system32\AzureSettingSyncProvider.dll [MD5.82E25186617BA6C15010F0D47C705705] - [29/07/2016 22:12:03] - |A| - [65536] - C:\WINDOWS\system32\basesrv.dll [MD5.7A809AC3187F404168EAD29FB96A7854] - [29/07/2016 22:11:24] - |A| - [414720] - C:\WINDOWS\system32\bcastdvr.exe [MD5.BEE99FBB55E3BFFCF85D0C0A8D26261F] - [29/07/2016 22:12:17] - |A| - [431296] - C:\WINDOWS\system32\bcryptprimitives.dll [MD5.CA24B0764C9DFE243D15A8708580673B] - [29/07/2016 22:10:32] - |A| - [107520] - C:\WINDOWS\system32\BdeHdCfgLib.dll [MD5.F374C27099807E99A156953F8416D34A] - [29/07/2016 22:09:57] - |A| - [361472] - C:\WINDOWS\system32\bdesvc.dll [MD5.8AB8CC8200DF2148BEA11FD7F520EA3A] - [30/07/2016 07:24:32] - |A| - [209984] - C:\WINDOWS\system32\BdFirewallSDK.dll [MD5.E32E201688F60CBEF10439F568F94DF5] - [30/07/2016 07:24:32] - |A| - [156936] - C:\WINDOWS\system32\bdfwcore.dll [MD5.73D9B14B7C8621500675F8123043C864] - [30/07/2016 07:24:33] - |A| - [155912] - C:\WINDOWS\system32\bdpop3p.dll [MD5.5A60405B7D88A6B6DF933DCCE778DD99] - [30/07/2016 07:24:32] - |A| - [96160] - C:\WINDOWS\system32\bdpredir.dll [MD5.44CF1CE6512CA6B54083156DF7DE3359] - [30/07/2016 07:24:32] - |A| - [1061776] - C:\WINDOWS\system32\bdsmtpp.dll [MD5.37F5E2385CB4D10AB42186974B9C241A] - [29/07/2016 22:12:04] - |A| - [794112] - C:\WINDOWS\system32\BFE.DLL [MD5.20CD3B9C674909CCB1966F58A778DC68] - [29/07/2016 22:11:30] - |A| - [7200256] - C:\WINDOWS\system32\BingMaps.dll [MD5.453207816AB95A0376887BE01FAE30E1] - [29/07/2016 22:12:50] - |A| - [587776] - C:\WINDOWS\system32\bisrv.dll [MD5.E34A89A196F45473D61CCDAB193293D1] - [29/07/2016 22:13:22] - |A| - [119808] - C:\WINDOWS\system32\BitLockerDeviceEncryption.exe [MD5.C417C35D0B714320708A1C18673ACE6C] - [29/07/2016 22:09:29] - |A| - [104448] - C:\WINDOWS\system32\BluetoothApis.dll [MD5.861DE49C2ACE112CE1A83DF5E6A7AB97] - [29/07/2016 22:11:06] - |A| - [239104] - C:\WINDOWS\system32\BrokerLib.dll [MD5.F0BBBF8807D5725102A9EB06AEB9C1C5] - [29/07/2016 22:12:01] - |A| - [58368] - C:\WINDOWS\system32\browcli.dll [MD5.A617BE5E429A035A1CA8217C1B16F0BB] - [29/07/2016 22:13:10] - |A| - [134656] - C:\WINDOWS\system32\browser.dll [MD5.C063C35A67FBECF53E4F31D44D253170] - [29/07/2016 22:07:57] - |A| - [91136] - C:\WINDOWS\system32\browserbroker.dll [MD5.C1FCA0AED814F1E814700833EF8E0616] - [29/07/2016 22:11:05] - |A| - [179712] - C:\WINDOWS\system32\BrowserSettingSync.dll [MD5.ED309332DA910BE791F40F09F6FC50B5] - [29/07/2016 22:11:58] - |A| - [38400] - C:\WINDOWS\system32\ByteCodeGenerator.exe [MD5.04F404D7F9CAC583ED45DCA0C496E893] - [29/07/2016 22:13:12] - |A| - [218624] - C:\WINDOWS\system32\cdd.dll [MD5.E8720AD5391738C5EBCCCF696B46C000] - [29/07/2016 22:11:47] - |A| - [59392] - C:\WINDOWS\system32\cdpreference.exe [MD5.88E3BA684A7B1247762E1D401076D4C2] - [29/07/2016 22:12:12] - |A| - [287744] - C:\WINDOWS\system32\cdpsvc.dll [MD5.150EB8C1C9AE50F354A4CB5778E5951E] - [29/07/2016 22:09:32] - |A| - [459776] - C:\WINDOWS\system32\certcli.dll [MD5.F432A642F2C6266788080704C63C7427] - [29/07/2016 22:10:57] - |A| - [2912256] - C:\WINDOWS\system32\CertEnroll.dll [MD5.1F4AB277DB73A3C731B669D33C560405] - [29/07/2016 22:14:30] - |A| - [7832576] - C:\WINDOWS\system32\Chakra.dll [MD5.C7ACF177D1EB5C3F00D4FC728BBF9DFD] - [29/07/2016 22:14:29] - |A| - [764928] - C:\WINDOWS\system32\Chakradiag.dll [MD5.DF85A7B895A73421A50E955B94719F2F] - [29/07/2016 22:09:26] - |A| - [78040] - C:\WINDOWS\system32\Clipc.dll [MD5.E72BB94A4010EBA7074DFEB25D67BDC3] - [29/07/2016 22:09:26] - |A| - [625000] - C:\WINDOWS\system32\ClipSVC.dll [MD5.20688A78EC7B410B2C099C80C5F758D8] - [29/07/2016 22:10:58] - |A| - [1128104] - C:\WINDOWS\system32\ClipUp.exe [MD5.B985F4CC9D63594D8D3DCADAC07F257E] - [29/07/2016 22:12:22] - |A| - [130560] - C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll [MD5.603A69A513DCDDBF0DA209395071BA0C] - [29/07/2016 22:13:16] - |A| - [1063936] - C:\WINDOWS\system32\comdlg32.dll [MD5.65952E564FABBE1348E8DDBC9E85A5BC] - [29/07/2016 22:08:45] - |A| - [50368] - C:\WINDOWS\system32\CompatTelRunner.exe [MD5.86BE19C6A177AEB93302EA5C4FBE2D11] - [29/07/2016 22:08:36] - |A| - [754664] - C:\WINDOWS\system32\CoreMessaging.dll [MD5.A71D446195E2B8090621C884D5DC3532] - [29/07/2016 22:08:55] - |A| - [2656408] - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.B0296912EC10003945B68D19E9F4BC53] - [29/07/2016 22:08:33] - |A| - [440320] - C:\WINDOWS\system32\CredProvDataModel.dll [MD5.E5E09ABD5171EB8622821059D8757F43] - [29/07/2016 22:08:17] - |A| - [239616] - C:\WINDOWS\system32\credprovhost.dll [MD5.BF224299C98EA48FC9E4D3607C3148FB] - [29/07/2016 22:11:59] - |A| - [258560] - C:\WINDOWS\system32\credprovs.dll [MD5.244116AB9BC360772163F995CAF7FB8D] - [29/07/2016 22:12:29] - |A| - [1848584] - C:\WINDOWS\system32\crypt32.dll [MD5.D0F9C288251907FD44B96837DBDF0A50] - [29/07/2016 22:13:10] - |A| - [320000] - C:\WINDOWS\system32\cryptngc.dll [MD5.9E79A2208A9ED205A7383CBC92C28053] - [29/07/2016 22:12:07] - |A| - [79872] - C:\WINDOWS\system32\cryptsvc.dll [MD5.FD8FBE19342CF2032F32C303B7D93A05] - [29/07/2016 22:13:52] - |A| - [5503488] - C:\WINDOWS\system32\d2d1.dll [MD5.957FA4FB89B1BE9D699C9927B0F3C384] - [29/07/2016 22:13:08] - |A| - [1240064] - C:\WINDOWS\system32\d3d10.dll [MD5.5470B002C5E5D4DC8C4C330EAE8A685D] - [29/07/2016 22:13:34] - |A| - [619296] - C:\WINDOWS\system32\d3d10level9.dll [MD5.186F9035AEF7E15C4D3F15C3536AB24C] - [29/07/2016 22:13:36] - |A| - [2548944] - C:\WINDOWS\system32\d3d10warp.dll [MD5.780B8E002BC11116E3C28DBEC6A3847D] - [29/07/2016 22:13:01] - |A| - [185856] - C:\WINDOWS\system32\d3d10_1.dll [MD5.584B28F7DA74E26FF45B83CFABABB599] - [29/07/2016 22:14:26] - |A| - [2773096] - C:\WINDOWS\system32\d3d11.dll [MD5.556E7C9734B9D2581022C56A23C96B78] - [29/07/2016 22:13:37] - |A| - [2145032] - C:\WINDOWS\system32\d3d9.dll [MD5.7FD5DC5E567910FD3B8F6FEA9A80DD4E] - [29/07/2016 22:13:24] - |A| - [4456448] - C:\WINDOWS\system32\D3DCompiler_47.dll [MD5.2F0FA6F60BC9A971BFBF31D1D2C8AF08] - [29/07/2016 22:09:35] - |A| - [167936] - C:\WINDOWS\system32\dafBth.dll [MD5.4BE54893EC2A3B26140DF44E7B6D4E99] - [29/07/2016 22:13:29] - |A| - [230400] - C:\WINDOWS\system32\DAFWSD.dll [MD5.5CD61D0822FCAC328DE501357445577D] - [29/07/2016 22:12:25] - |A| - [484352] - C:\WINDOWS\system32\DataSenseHandlers.dll [MD5.2AE0CAA966E0FA3ED4DC193A3DD71D3A] - [29/07/2016 22:08:31] - |A| - [5123072] - C:\WINDOWS\system32\dbgeng.dll [MD5.63EA8167E8F4FC8388E6F95D4D724917] - [29/07/2016 22:12:32] - |A| - [911648] - C:\WINDOWS\system32\dcomp.dll [MD5.B5FF07AFF96EFB80B930985B5B1A7CAB] - [29/07/2016 22:07:51] - |A| - [286720] - C:\WINDOWS\system32\deviceaccess.dll [MD5.283269F7F32FDF5835B1FB2233013735] - [29/07/2016 22:13:44] - |A| - [284352] - C:\WINDOWS\system32\DeviceCensus.exe [MD5.F818A7A8BA20F9E20087248FFF1717C8] - [29/07/2016 22:12:21] - |A| - [90624] - C:\WINDOWS\system32\DeviceEnroller.exe [MD5.A3024762D19A31B0CDC361097E73294D] - [29/07/2016 22:12:05] - |A| - [564224] - C:\WINDOWS\system32\DevicePairing.dll [MD5.A2BE69243B678C4FD05DFD4AEC83A725] - [29/07/2016 22:08:46] - |A| - [559808] - C:\WINDOWS\system32\devinv.dll [MD5.D461D2BECEFA661291EB1B748A8D2CCB] - [29/07/2016 22:10:49] - |A| - [355840] - C:\WINDOWS\system32\dhcpcore.dll [MD5.26E9FC9FFDEF863021D3C18A30B4373F] - [29/07/2016 22:10:53] - |A| - [267264] - C:\WINDOWS\system32\dhcpcore6.dll [MD5.163A6E3A267DBE416679A76D1FA57C4B] - [29/07/2016 22:10:41] - |A| - [86016] - C:\WINDOWS\system32\dhcpcsvc.dll [MD5.FA0CCA622E2046BC47A81D9A2630F5E9] - [29/07/2016 22:10:43] - |A| - [67072] - C:\WINDOWS\system32\dhcpcsvc6.dll [MD5.6D63B50C49E869AF2F5B189FDD6CE784] - [29/07/2016 22:11:17] - |A| - [1443840] - C:\WINDOWS\system32\diagperf.dll [MD5.5F1CAF0E823BADD5576555CC876F1067] - [29/07/2016 22:09:49] - |A| - [1613664] - C:\WINDOWS\system32\diagtrack.dll [MD5.B40875B8854291BD6919527ABB8DD8AE] - [29/07/2016 22:10:34] - |A| - [368640] - C:\WINDOWS\system32\diagtrack_win.dll [MD5.EED30CDEAB6E4B45CBF1BD5298952049] - [29/07/2016 22:13:34] - |A| - [550656] - C:\WINDOWS\system32\directmanipulation.dll [MD5.F78D7C2D5139D658817A2823FCD6037A] - [29/07/2016 22:12:03] - |A| - [775168] - C:\WINDOWS\system32\Display.dll [MD5.E995CBD7C59AB97414489C7CC3B7E09C] - [29/07/2016 22:08:13] - |A| - [504832] - C:\WINDOWS\system32\dlnashext.dll [MD5.519E5DB2F227B7293EF94D18D5753738] - [29/07/2016 22:12:00] - |A| - [157184] - C:\WINDOWS\system32\dmcertinst.exe [MD5.16455536238D9F0920E0AF07037D9434] - [29/07/2016 22:12:15] - |A| - [128000] - C:\WINDOWS\system32\dmcsps.dll [MD5.6A9D3DD35E13B1009E7A712E6D164B8A] - [29/07/2016 22:09:22] - |A| - [274432] - C:\WINDOWS\system32\dmdskmgr.dll [MD5.2E6EBC6F331900D943EB5F58C1835AFB] - [29/07/2016 22:12:55] - |A| - [417792] - C:\WINDOWS\system32\dmenrollengine.dll [MD5.91F08041D932816D0D9607F68578A87E] - [29/07/2016 22:11:50] - |A| - [34816] - C:\WINDOWS\system32\dmenterprisediagnostics.dll [MD5.D9B2EDDCC1EE10A31389EE62B4CDDEC2] - [29/07/2016 22:12:16] - |A| - [503600] - C:\WINDOWS\system32\DMRServer.dll [MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - [29/07/2016 22:11:06] - |A| - [686976] - C:\WINDOWS\system32\dnsapi.dll [MD5.5839A317C25F70979433E0905DFABB1B] - [29/07/2016 22:11:08] - |A| - [284672] - C:\WINDOWS\system32\dnsrslvr.dll [MD5.6FFA21CD6166BB456262BDEFC2C5E3DE] - [29/07/2016 22:10:31] - |A| - [318976] - C:\WINDOWS\system32\domgmt.dll [MD5.13F1408690E108A987CA77141C4358E5] - [29/07/2016 22:11:39] - |A| - [1097216] - C:\WINDOWS\system32\dosvc.dll [MD5.C8E72A76B943CEF7A6C830BDB51E7B50] - [29/07/2016 22:08:01] - |A| - [319488] - C:\WINDOWS\system32\dot3ui.dll [MD5.CE12FF056FBB4D78970A5D695D8C00BB] - [29/07/2016 22:13:25] - |A| - [1755648] - C:\WINDOWS\system32\dui70.dll [MD5.EFFFC67D0F0D2608BC294E01700FB4A3] - [29/07/2016 22:13:09] - |A| - [599040] - C:\WINDOWS\system32\duser.dll [MD5.ED922E0D9B4F1E4821B680EDEEE147EC] - [29/07/2016 22:12:49] - |A| - [1946112] - C:\WINDOWS\system32\dwmcore.dll [MD5.EDF39F56DDF4116DCC8779A65EF8D6C5] - [29/07/2016 22:08:08] - |A| - [58208] - C:\WINDOWS\system32\dwminit.dll [MD5.402CA5304470A5034EAA1FEDBB7564A7] - [29/07/2016 22:08:29] - |A| - [2445312] - C:\WINDOWS\system32\DWrite.dll [MD5.BD7E2F50A8C984500358E1AE1D1B89FC] - [29/07/2016 22:13:43] - |A| - [648256] - C:\WINDOWS\system32\dxgi.dll [MD5.55A6448A7AC0ACB238D56DFF7C280ABE] - [29/07/2016 22:13:12] - |A| - [290816] - C:\WINDOWS\system32\dxtrans.dll [MD5.D9D652506DD07CD49F3D20A3BBDD613B] - [29/07/2016 22:09:28] - |A| - [333312] - C:\WINDOWS\system32\eapp3hst.dll [MD5.AE4655837703FFA4AB079B22B66BB3C2] - [29/07/2016 22:09:48] - |A| - [352256] - C:\WINDOWS\system32\eappcfg.dll [MD5.FE87844A9D75F2D6D0752DF25EBF776B] - [29/07/2016 22:09:21] - |A| - [113152] - C:\WINDOWS\system32\eappgnui.dll [MD5.EB7C132D02CC40FB6538D53447447B2A] - [29/07/2016 22:09:15] - |A| - [308736] - C:\WINDOWS\system32\eapphost.dll [MD5.ACEDA3F655270B39586A7E8D37F1ADC2] - [29/07/2016 22:09:15] - |A| - [72192] - C:\WINDOWS\system32\eappprxy.dll [MD5.AEBD5FCFBFF0294A2D87048D4F5417CB] - [29/07/2016 22:10:54] - |A| - [74424] - C:\WINDOWS\system32\easinvoker.exe [MD5.40A9F59FD6B24C045F1D6076E6489CE6] - [29/07/2016 22:10:50] - |A| - [174592] - C:\WINDOWS\system32\easwrt.dll [MD5.F823DAB5F96CC6A966DF0F1B487C51A0] - [29/07/2016 22:14:31] - |A| - [22379520] - C:\WINDOWS\system32\edgehtml.dll [MD5.97AF27209BA7058F21C8879E773CED86] - [29/07/2016 22:10:53] - |A| - [305152] - C:\WINDOWS\system32\edputil.dll [MD5.F8E7D71D4E1E57EF304805D2D770ED0A] - [29/07/2016 22:12:03] - |A| - [619520] - C:\WINDOWS\system32\efswrt.dll [MD5.4A73C017D5CF58F2FD764F5D3B0E81E4] - [29/07/2016 19:15:51] - |A| - [23108] - C:\WINDOWS\system32\emptyregdb.dat [MD5.F605380B537201BD3BC0CDFB5AD53530] - [29/07/2016 22:12:23] - |A| - [162816] - C:\WINDOWS\system32\enrollmentapi.dll [MD5.3182FCAF6AAF478791DE5B430C912D4D] - [29/07/2016 22:08:15] - |A| - [314368] - C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [MD5.DFCC151C6AC8E5D50D27ACB34286835C] - [29/07/2016 22:12:39] - |A| - [642048] - C:\WINDOWS\system32\enterprisecsps.dll [MD5.981F6C7FB2338CC7889BA4D37C1A9DCE] - [29/07/2016 22:12:17] - |A| - [69632] - C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll [MD5.D315FF43E23DF424ECEC2F6C930203E4] - [30/07/2016 06:13:31] - |A| - [144560] - C:\WINDOWS\system32\escsvc64.exe [MD5.DB0C2721BE0E21EAA0C4C70B07F481DE] - [29/07/2016 22:10:15] - |A| - [3078144] - C:\WINDOWS\system32\esent.dll [MD5.88369A29F105499230C78B162BB04F32] - [30/07/2016 06:13:31] - |A| - [466432] - C:\WINDOWS\system32\esxw2ud.dll [MD5.3E9CD04F3FB54D4C3CEF3393ABF743BC] - [29/07/2016 22:09:26] - |A| - [254464] - C:\WINDOWS\system32\ExecModelClient.dll [MD5.D29BE449B728CD126D5ACA3E823C8907] - [29/07/2016 22:08:37] - |A| - [4827136] - C:\WINDOWS\system32\ExplorerFrame.dll [MD5.BAC5074667751F72A9CE48CDC31BAC48] - [29/07/2016 19:31:57] - |A| - [10752] - C:\WINDOWS\system32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - [29/07/2016 19:31:54] - |A| - [83968] - C:\WINDOWS\system32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - [29/07/2016 19:31:55] - |A| - [179712] - C:\WINDOWS\system32\E_ILMBLPE.DLL [MD5.4176712BADB6903C8419B66E678CE816] - [29/07/2016 22:10:57] - |A| - [440320] - C:\WINDOWS\system32\fhcfg.dll [MD5.89C78489A7F929362858F4DFD86746E7] - [29/07/2016 22:10:44] - |A| - [252928] - C:\WINDOWS\system32\fhengine.dll [MD5.45521E32AB1D383F9E85674D0F035543] - [29/07/2016 22:10:47] - |A| - [469504] - C:\WINDOWS\system32\fhsettingsprovider.dll [MD5.E3D83E92FB3FAFD2E89A89850A0D9355] - [29/07/2016 22:11:51] - |A| - [90624] - C:\WINDOWS\system32\FingerprintEnrollment.dll [MD5.F1BA85CF2AEE08860C8D5BF82C342F44] - [29/07/2016 22:13:06] - |A| - [1671168] - C:\WINDOWS\system32\FntCache.dll [MD5.F0DF375130CF8A135D9BF5459BD7691D] - [29/07/2016 22:14:35] - |A| - [636304] - C:\WINDOWS\system32\fontdrvhost.exe [MD5.0D9E0BDCCCE10F07A7B66A61B27C1F71] - [29/07/2016 22:13:04] - |A| - [116224] - C:\WINDOWS\system32\FontProvider.dll [MD5.AA2D40D4C045D014FD481BC17308A09A] - [29/07/2016 22:13:38] - |A| - [118272] - C:\WINDOWS\system32\fontsub.dll [MD5.728146F5877FD08DE65B21817ABB19A8] - [29/07/2016 22:11:17] - |A| - [765952] - C:\WINDOWS\system32\fveapi.dll [MD5.5118193C56A2F8D07554395B78A6FDCC] - [29/07/2016 22:10:32] - |A| - [223232] - C:\WINDOWS\system32\fveapibase.dll [MD5.A15D9F32A84660FA62F9D27577B0F105] - [29/07/2016 22:10:51] - |A| - [324608] - C:\WINDOWS\system32\fvecpl.dll [MD5.091D5AE5E663A66EE73B539AF7C32EC5] - [29/07/2016 22:13:10] - |A| - [69632] - C:\WINDOWS\system32\fveskybackup.dll [MD5.FDBDA93BA9CD3B78060705B41BFCF92D] - [29/07/2016 22:09:50] - |A| - [288256] - C:\WINDOWS\system32\fveui.dll [MD5.712AE16ED8FC7F2363F7EA1D8F6D546A] - [29/07/2016 22:10:48] - |A| - [821248] - C:\WINDOWS\system32\fvewiz.dll [MD5.F72F137EEFF89D0B5A2FB8867B4ACEED] - [29/07/2016 22:12:13] - |A| - [402432] - C:\WINDOWS\system32\FWPUCLNT.DLL [MD5.0F98F18445707A9141F74B3C48F919A6] - [29/07/2016 22:09:09] - |A| - [90112] - C:\WINDOWS\system32\FwRemoteSvr.dll [MD5.81F9278A83AD6F42C5DE6FEAAFBEA8AB] - [29/07/2016 22:10:44] - |A| - [715776] - C:\WINDOWS\system32\GamePanel.exe [MD5.79E567E98D8F2BA20E52EBFAD92C20ED] - [29/07/2016 22:12:14] - |A| - [2731008] - C:\WINDOWS\system32\gameux.dll [MD5.E7522EFA8A09808046F88BCF3F1B8827] - [29/07/2016 22:13:40] - |A| - [1594416] - C:\WINDOWS\system32\gdi32.dll [MD5.E54FA914CF17AE4AFB18291F31BA3063] - [29/07/2016 22:13:25] - |A| - [1717248] - C:\WINDOWS\system32\GdiPlus.dll [MD5.08EF12456EDFB557DC424AFD9CF4AAE1] - [29/07/2016 22:11:28] - |A| - [587456] - C:\WINDOWS\system32\generaltel.dll [MD5.531662DC0764C1A1E333BD05D4485333] - [29/07/2016 22:09:11] - |A| - [321536] - C:\WINDOWS\system32\GlobCollationHost.dll [MD5.672694F7708B6531F7B3219D9FAE2845] - [29/07/2016 22:09:26] - |A| - [199168] - C:\WINDOWS\system32\GnssAdapter.dll [MD5.FEAFB991662BF0AD233CC090E83E4FD3] - [29/07/2016 22:09:28] - |A| - [131248] - C:\WINDOWS\system32\gpapi.dll [MD5.B89C353AFC8F56D961D07FF1FE7B4BCD] - [29/07/2016 22:10:07] - |A| - [1339904] - C:\WINDOWS\system32\gpsvc.dll [MD5.39231A451D553196A909D02C05945CED] - [29/07/2016 22:13:18] - |A| - [428896] - C:\WINDOWS\system32\hal.dll [MD5.511198CBBA38AE0D733553B0F31C770C] - [29/07/2016 22:12:10] - |A| - [636928] - C:\WINDOWS\system32\hgcpl.dll [MD5.5DBA65D48CB7B17E241BB7430745C2E0] - [29/07/2016 22:08:08] - |A| - [59392] - C:\WINDOWS\system32\hmkd.dll [MD5.E37D5E1BB9F53BD499125B3F0F27E94E] - [29/07/2016 22:10:33] - |A| - [128512] - C:\WINDOWS\system32\httpprxm.dll [MD5.3CFDA42F5C7914509CD660D1062A8E55] - [29/07/2016 22:10:39] - |A| - [19456] - C:\WINDOWS\system32\httpprxp.dll [MD5.FD4C613364F59BAAC59A2C4F5F0EE52B] - [30/07/2016 07:24:33] - |A| - [195016] - C:\WINDOWS\system32\httproxy.dll [MD5.632C3792D2BFC67E2F8B2A2CFC09CEEF] - [29/07/2016 22:09:13] - |A| - [14848] - C:\WINDOWS\system32\IconCodecService.dll [MD5.771BC991BEB5DFD93B9347B18F62F216] - [29/07/2016 22:11:58] - |A| - [110080] - C:\WINDOWS\system32\IdCtrls.dll [MD5.69FB22CE0A11E8D55B0BA43D515B854B] - [29/07/2016 22:13:08] - |A| - [1752576] - C:\WINDOWS\system32\ieapfltr.dll [MD5.B4EF28C61CE2755D7F1842BFA122B60E] - [29/07/2016 22:14:33] - |A| - [13385728] - C:\WINDOWS\system32\ieframe.dll [MD5.1D7F891D7ADCE1A6824FCB57D6768E14] - [29/07/2016 22:13:38] - |A| - [689152] - C:\WINDOWS\system32\ieproxy.dll [MD5.FD93D230DAF156F0EAF41C7C039C8D71] - [29/07/2016 22:12:51] - |A| - [3675512] - C:\WINDOWS\system32\iertutil.dll [MD5.416CB546F36D3E5A5B5286E0066ED285] - [29/07/2016 22:09:14] - |A| - [585728] - C:\WINDOWS\system32\ieui.dll [MD5.5E5BEC886CC2503C4F18AF2153B169AF] - [29/07/2016 22:12:03] - |A| - [957952] - C:\WINDOWS\system32\IKEEXT.DLL [MD5.4C21A65A6ACDF10B181D45E08DC15D24] - [29/07/2016 22:13:30] - |A| - [2127360] - C:\WINDOWS\system32\inetcpl.cpl [MD5.5B646920CE059478EED19BC7EFF72C7E] - [29/07/2016 22:13:11] - |A| - [167936] - C:\WINDOWS\system32\inetpp.dll [MD5.77981E6F98F4A8743D3AEB1A8AF4DE09] - [29/07/2016 22:08:58] - |A| - [108544] - C:\WINDOWS\system32\InputLocaleManager.dll [MD5.99D5C132D5085DACBFF909C3AAF832AC] - [29/07/2016 22:08:56] - |A| - [2624512] - C:\WINDOWS\system32\InputService.dll [MD5.A1E25DFE54E3D41CB528ACA5CE9480F7] - [29/07/2016 22:10:02] - |A| - [199168] - C:\WINDOWS\system32\InstallAgent.exe [MD5.6B585B45402B04EF80CB81969682DBE6] - [29/07/2016 22:10:57] - |A| - [693760] - C:\WINDOWS\system32\internetmail.dll [MD5.5CB0052CBF1DBF36071AD520245F32D6] - [29/07/2016 22:08:45] - |A| - [310464] - C:\WINDOWS\system32\invagent.dll [MD5.5AAB28A6AC2AAC9F66D4EAB6695D0474] - [29/07/2016 22:11:16] - |A| - [963072] - C:\WINDOWS\system32\iphlpsvc.dll [MD5.D67052BD0DA9C17BCBBF8AB5B6D354EE] - [29/07/2016 22:09:29] - |A| - [392192] - C:\WINDOWS\system32\IPSECSVC.DLL [MD5.CFF415024C353DA284731CB72FE3F8FF] - [29/07/2016 22:08:04] - |A| - [770640] - C:\WINDOWS\system32\iuilp.dll [MD5.3AFCB780F17144A42F99128AD7E55A02] - [29/07/2016 22:11:13] - |A| - [1056256] - C:\WINDOWS\system32\JpMapControl.dll [MD5.85A676350B7A349B1DFB47654FBF8C71] - [29/07/2016 22:13:37] - |A| - [804352] - C:\WINDOWS\system32\jscript.dll [MD5.3CC983011177A815A94218EB38E13241] - [29/07/2016 22:14:37] - |A| - [4895232] - C:\WINDOWS\system32\jscript9.dll [MD5.7A0E065E46156F9288AE32B1E0399247] - [29/07/2016 22:12:54] - |A| - [52224] - C:\WINDOWS\system32\jsproxy.dll [MD5.A1144CA95D4C30449331D3DF39F295F9] - [29/07/2016 22:10:18] - |A| - [970752] - C:\WINDOWS\system32\kerberos.dll [MD5.9B2BFADCB00CF39F0EBD3D690FC56220] - [29/07/2016 22:10:08] - |A| - [1997328] - C:\WINDOWS\system32\KernelBase.dll [MD5.2F022C0682885EFF4CFB0B62143482B5] - [29/07/2016 22:07:56] - |A| - [71168] - C:\WINDOWS\system32\LegacyNetUX.dll [MD5.1AD6967BB8F7D4495271715DC3E38CEB] - [29/07/2016 22:07:55] - |A| - [206848] - C:\WINDOWS\system32\LegacyNetUXHost.exe [MD5.10B2D2D402319E647C90A2E1908C8DBB] - [29/07/2016 19:54:13] - |A| - [50653] - C:\WINDOWS\system32\license.rtf [MD5.D0CCDC8D0D00DA363F9D87C2E9A803EF] - [29/07/2016 22:10:12] - |A| - [1297752] - C:\WINDOWS\system32\LicenseManager.dll [MD5.8FFFDB163436D790369E39700B8A7DC1] - [29/07/2016 22:09:23] - |A| - [27648] - C:\WINDOWS\system32\LicenseManagerShellext.exe [MD5.196E3B5FB1D1A76D41A0C9A9A0B2F698] - [29/07/2016 22:09:22] - |A| - [236032] - C:\WINDOWS\system32\licensingdiag.exe [MD5.EDE31817FC0A574E7CC3AF7E544C8951] - [29/07/2016 22:12:09] - |A| - [279040] - C:\WINDOWS\system32\ListSvc.dll [MD5.28B5AB1D9C97737A3801658F12BDBCB6] - [29/07/2016 22:13:44] - |A| - [1121792] - C:\WINDOWS\system32\localspl.dll [MD5.87E1EE471F559E5F9C4519B46382CDEB] - [29/07/2016 22:10:08] - |A| - [1534464] - C:\WINDOWS\system32\LocationFramework.dll [MD5.6FDD8828032595D90AEB946A809089D8] - [29/07/2016 22:12:18] - |A| - [480768] - C:\WINDOWS\system32\LockAppBroker.dll [MD5.3AE63804B34BC99FFD101DFD54012EB8] - [29/07/2016 22:12:31] - |A| - [303216] - C:\WINDOWS\system32\LockAppHost.exe [MD5.72BE361C64D50557765CB9C8E56BB9B6] - [29/07/2016 22:12:37] - |A| - [529920] - C:\WINDOWS\system32\LogonController.dll [MD5.C8B840675B83DC8A257B075BFE5F9357] - [29/07/2016 22:09:45] - |A| - [261376] - C:\WINDOWS\system32\LsaIso.exe [MD5.92FB4032354D2074DA0DC9E70D8305B1] - [29/07/2016 22:12:45] - |A| - [1388032] - C:\WINDOWS\system32\lsasrv.dll [MD5.48CFFF644B6DD9EBB523E878792557AD] - [29/07/2016 18:58:23] - |A| - [7838] - C:\WINDOWS\system32\lvcoinst.log [MD5.05A027F27937EB29B89743A51B1313EA] - [29/07/2016 22:11:22] - |A| - [460800] - C:\WINDOWS\system32\MapConfiguration.dll [MD5.76BA7FDD3EA3764C0CADB522FF3F4715] - [29/07/2016 22:11:22] - |A| - [939520] - C:\WINDOWS\system32\MapControlCore.dll [MD5.923EC7EA1E8BE1C7706A2AC5DD28FF5B] - [29/07/2016 22:10:33] - |A| - [120320] - C:\WINDOWS\system32\MapsBtSvc.dll [MD5.5BDBA05692A03279E2EB9F26DB53E148] - [29/07/2016 22:10:33] - |A| - [89088] - C:\WINDOWS\system32\MapsCSP.dll [MD5.1D077E04EA82EF6D2E389182FF8C9A31] - [29/07/2016 22:11:22] - |A| - [853504] - C:\WINDOWS\system32\MapsStore.dll [MD5.DA3572238188A1145DC11800F581A30E] - [29/07/2016 22:10:36] - |A| - [28672] - C:\WINDOWS\system32\mapsupdatetask.dll [MD5.65A7997831D78845FDA12E2C87491670] - [29/07/2016 22:11:12] - |A| - [896512] - C:\WINDOWS\system32\MbaeApiPublic.dll [MD5.C9CF27CF340A5909B1C1953776957C87] - [29/07/2016 22:10:10] - |A| - [567808] - C:\WINDOWS\system32\MBMediaManager.dll [MD5.4EAE9C70DAB294850557E0A2B13DC3C2] - [29/07/2016 22:10:52] - |A| - [674304] - C:\WINDOWS\system32\mbsmsapi.dll [MD5.3655A59A1E16307F2F6475AC037C1EE4] - [29/07/2016 22:12:19] - |A| - [87040] - C:\WINDOWS\system32\MDMAppInstaller.exe [MD5.F3E636B2A747493206336114208918FB] - [29/07/2016 22:12:40] - |A| - [173056] - C:\WINDOWS\system32\mdmmigrator.dll [MD5.1F933CB5AECF7484A0589633A75132A2] - [29/07/2016 22:12:14] - |A| - [176640] - C:\WINDOWS\system32\mdmregistration.dll [MD5.CAB0FCF4F680E552329366614C83A808] - [29/07/2016 22:13:35] - |A| - [630784] - C:\WINDOWS\system32\MessagingDataModel2.dll [MD5.EBF31825A4C505188DC598F28C4E25F5] - [29/07/2016 22:11:15] - |A| - [586208] - C:\WINDOWS\system32\mf.dll [MD5.510702AC9FD86E3A5CDB68AC3DC14928] - [29/07/2016 22:13:48] - |A| - [498960] - C:\WINDOWS\system32\MFCaptureEngine.dll [MD5.64168D292D236456C6F5E6D48DE90528] - [29/07/2016 22:14:39] - |A| - [2582016] - C:\WINDOWS\system32\MFMediaEngine.dll [MD5.C64FA0D0AAF5EEE0E65EFB34DDDD2918] - [29/07/2016 22:13:44] - |A| - [1299504] - C:\WINDOWS\system32\mfnetsrc.dll [MD5.E3BF6CDE2DDE478E88667F1C9F33DBBC] - [29/07/2016 22:13:41] - |A| - [1092464] - C:\WINDOWS\system32\mfplat.dll [MD5.3801440364B05BDFA96CF6071D45CD7C] - [29/07/2016 22:10:54] - |A| - [35656] - C:\WINDOWS\system32\mfpmp.exe [MD5.409A46FE4B2A6133400572D2B26C6152] - [29/07/2016 22:13:40] - |A| - [847656] - C:\WINDOWS\system32\mfsvr.dll [MD5.980258BAC6A086976DADB45D2A2233BC] - [29/07/2016 22:12:11] - |A| - [941568] - C:\WINDOWS\system32\MiracastReceiver.dll [MD5.9516AE004E3A945BA090B2CD7754B8AE] - [29/07/2016 22:10:14] - |A| - [870400] - C:\WINDOWS\system32\modernexecserver.dll [MD5.1FD91D9B6FA03C97DC8C1DD29775BBA5] - [29/07/2016 22:11:37] - |A| - [7977472] - C:\WINDOWS\system32\mos.dll [MD5.98E3D2BB421424B0457F8B7C46113110] - [29/07/2016 22:11:06] - |A| - [72704] - C:\WINDOWS\system32\moshost.dll [MD5.8EC8ECAB9AF9A5F23872031391AE6BB3] - [29/07/2016 22:11:04] - |A| - [66560] - C:\WINDOWS\system32\MosHostClient.dll [MD5.C0ADEBE6980D501C0D5B2FD321F78D19] - [29/07/2016 22:11:13] - |A| - [270848] - C:\WINDOWS\system32\moshostcore.dll [MD5.B3880D0DB160EDC7903B9F32C833812F] - [29/07/2016 22:11:02] - |A| - [74752] - C:\WINDOWS\system32\MosStorage.dll [MD5.8D1765328902CE63392055F5451C3480] - [29/07/2016 21:24:33] - |N| - [504488] - C:\WINDOWS\system32\MpSigStub.exe [MD5.0B28F2ACE5103586D322AD98FAA01309] - [29/07/2016 22:10:04] - |A| - [870912] - C:\WINDOWS\system32\MPSSVC.dll [MD5.00000000000000000000000000000000] - [29/07/2016 22:16:48] - |D| - [0] - C:\WINDOWS\system32\MRT [MD5.B0D02EB2EA0DBF7E5B6E04484D887335] - [29/07/2016 22:16:46] - |A| - [144749672] - C:\WINDOWS\system32\MRT.exe [MD5.02122FD1A32C205DAA2EEC6462E60226] - [29/07/2016 22:13:36] - |A| - [784384] - C:\WINDOWS\system32\msfeeds.dll [MD5.4EB384E80857EC28F54766042D3BAB1E] - [29/07/2016 22:13:49] - |A| - [3355136] - C:\WINDOWS\system32\msftedit.dll [MD5.D5BDFD4F497EE8A2859E72809046CE89] - [29/07/2016 22:14:25] - |A| - [24610304] - C:\WINDOWS\system32\mshtml.dll [MD5.B82C04128A96A05139F9F58ED07D0DB2] - [29/07/2016 22:08:40] - |A| - [3351040] - C:\WINDOWS\system32\msi.dll [MD5.8B46C06B69A8AB4636539783FEACE54F] - [29/07/2016 22:11:57] - |A| - [316928] - C:\WINDOWS\system32\msieftp.dll [MD5.EA4B8BDD3CFFA0B5C7A605189D79184A] - [29/07/2016 22:11:51] - |A| - [6675968] - C:\WINDOWS\system32\mspaint.exe [MD5.7B5D06BDED5DFDF28597A9C5F72E85CE] - [29/07/2016 22:10:36] - |A| - [40960] - C:\WINDOWS\system32\msscntrs.dll [MD5.B9A5A35B9EB23AD507A3BABB35C5B67D] - [29/07/2016 22:11:13] - |A| - [1051648] - C:\WINDOWS\system32\MsSpellCheckingFacility.dll [MD5.D627ED29A07745EB1A5A7405FBFA2381] - [29/07/2016 22:10:42] - |A| - [147456] - C:\WINDOWS\system32\mssph.dll [MD5.5EE16195544A95C09FB12B5594D229FE] - [29/07/2016 22:11:00] - |A| - [247296] - C:\WINDOWS\system32\mssphtb.dll [MD5.028CE336DC0BD5D258716403C277674E] - [29/07/2016 22:11:21] - |A| - [2597888] - C:\WINDOWS\system32\mssrch.dll [MD5.749BEA2C23422B51F5340F42784F817D] - [29/07/2016 22:10:17] - |A| - [7533568] - C:\WINDOWS\system32\mstscax.dll [MD5.B7C13F4BE0263F3A8303404A96F4246D] - [29/07/2016 22:09:53] - |A| - [358752] - C:\WINDOWS\system32\msv1_0.dll [MD5.199298181CB86E5056D82BD1F86C8A97] - [29/07/2016 22:11:01] - |A| - [357216] - C:\WINDOWS\system32\mswsock.dll [MD5.8559C1E30B9404590783497563A7A8AA] - [29/07/2016 22:12:27] - |A| - [1902592] - C:\WINDOWS\system32\msxml3.dll [MD5.AB416599057FFDC84E28BBB6DA69EADC] - [29/07/2016 22:11:46] - |A| - [235008] - C:\WINDOWS\system32\MTF.dll [MD5.F4F6D943E788447DAE29DA217B6743E6] - [29/07/2016 22:09:09] - |A| - [147456] - C:\WINDOWS\system32\mtxoci.dll [MD5.C4DF2DEF5283FB1C44C6920F2FDD83BC] - [29/07/2016 22:12:07] - |A| - [44032] - C:\WINDOWS\system32\musdialoghandlers.dll [MD5.8CA9FBB305EFB04585BAC36B7B29C14B] - [29/07/2016 22:08:22] - |A| - [172032] - C:\WINDOWS\system32\MusNotification.exe [MD5.9DC794AC6F27E96F976990C6C7FC4862] - [29/07/2016 22:08:09] - |A| - [57344] - C:\WINDOWS\system32\MusNotificationUx.exe [MD5.0AC905009A2ED68715675E086B805316] - [29/07/2016 22:09:50] - |A| - [407552] - C:\WINDOWS\system32\MusUpdateHandlers.dll [MD5.24146738C422814EEB2A98FF1FC5C6E1] - [29/07/2016 22:08:28] - |A| - [338432] - C:\WINDOWS\system32\ncbservice.dll [MD5.6655228B16A6371BE3B45E7913B52250] - [29/07/2016 22:12:10] - |A| - [111064] - C:\WINDOWS\system32\ncryptsslp.dll [MD5.B3B3BF36976D72C06C2D3524AC040643] - [29/07/2016 22:09:30] - |A| - [81144] - C:\WINDOWS\system32\netapi32.dll [MD5.C93639FAB08F564D92AB5CFF29C2BFCD] - [29/07/2016 22:08:04] - |A| - [1216512] - C:\WINDOWS\system32\netcenter.dll [MD5.C3BB5D3E3DD24AC0BFA9223F2877F136] - [29/07/2016 22:09:09] - |A| - [76800] - C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe [MD5.B9F994EA5B90838A7B10DEDCC4E41C2B] - [29/07/2016 22:09:19] - |A| - [270336] - C:\WINDOWS\system32\netplwiz.dll [MD5.A83B4BBA591A3243C61DB825201BA024] - [29/07/2016 22:13:14] - |A| - [115040] - C:\WINDOWS\system32\NetSetupApi.dll [MD5.131547B1C1D2ABD355C5DFE945BCB9A4] - [29/07/2016 22:14:34] - |A| - [693600] - C:\WINDOWS\system32\NetSetupEngine.dll [MD5.D10B6580768E0248CC758AE59AA22D8A] - [29/07/2016 18:55:47] - |A| - [25222] - C:\WINDOWS\system32\NetSetupMig.log [MD5.ACC6B16066D073AA0E20B044BFEF9CD1] - [29/07/2016 22:10:07] - |A| - [471552] - C:\WINDOWS\system32\NetSetupShim.dll [MD5.A3AA03C0C5002F3D89397637B770A1BA] - [29/07/2016 22:13:51] - |A| - [207360] - C:\WINDOWS\system32\NetSetupSvc.dll [MD5.329E7ACF649A721B8A5B3F0A9976F91F] - [29/07/2016 22:09:30] - |A| - [2800128] - C:\WINDOWS\system32\netshell.dll [MD5.FAAC4810F40849AB551C0B5557DF9D4B] - [29/07/2016 22:12:05] - |A| - [237056] - C:\WINDOWS\system32\NetworkDesktopSettings.dll [MD5.240F6A0AAEEAB059BC0B7D8B72637F72] - [29/07/2016 22:12:43] - |A| - [2609664] - C:\WINDOWS\system32\NetworkMobileSettings.dll [MD5.D7C68ADAF1DA79072A44620CD3042E44] - [29/07/2016 22:13:12] - |A| - [170848] - C:\WINDOWS\system32\NetworkUXBroker.exe [MD5.C91D271837F2A7DE9875CF50068BF503] - [29/07/2016 22:10:52] - |A| - [511488] - C:\WINDOWS\system32\newdev.dll [MD5.66989014C94A5AE3600DAFEA225C4DB8] - [29/07/2016 22:13:00] - |A| - [89600] - C:\WINDOWS\system32\NFCProvisioningPlugin.dll [MD5.679DD4763AA8028B2F26651D3D02A2E1] - [29/07/2016 22:13:28] - |A| - [582656] - C:\WINDOWS\system32\ngccredprov.dll [MD5.33C215D1F36A184FB0C0F83ECBE12B5B] - [29/07/2016 22:13:31] - |A| - [351232] - C:\WINDOWS\system32\NgcCtnr.dll [MD5.0FB83658FBB2C5A18AB98C5C94DB9FAF] - [29/07/2016 22:13:30] - |A| - [289792] - C:\WINDOWS\system32\NgcCtnrSvc.dll [MD5.8561E653AEB0EFCAD88DE082C282E831] - [29/07/2016 22:13:19] - |A| - [76800] - C:\WINDOWS\system32\ngcpopkeysrv.dll [MD5.7AAA9916AA10F4B0E9743798A5BA6549] - [29/07/2016 22:13:20] - |A| - [649216] - C:\WINDOWS\system32\ngcsvc.dll [MD5.F648E0821CACC7E547562321332E12B1] - [29/07/2016 22:11:16] - |A| - [988160] - C:\WINDOWS\system32\NMAA.dll [MD5.DA7B203B42D2F32FB03AE8DFEB56F326] - [29/07/2016 22:11:07] - |A| - [529408] - C:\WINDOWS\system32\NotificationController.dll [MD5.94612B9F7FC2B1A5C6D337C649B346F1] - [29/07/2016 22:09:22] - |A| - [278528] - C:\WINDOWS\system32\NotificationObjFactory.dll [MD5.03DE6DE0019FFC0DE60759A893BD8B3F] - [29/07/2016 22:12:46] - |A| - [1819208] - C:\WINDOWS\system32\ntdll.dll [MD5.95E5BA5E26BE4A4097458E1F316A8616] - [29/07/2016 22:14:28] - |A| - [7469408] - C:\WINDOWS\system32\ntoskrnl.exe [MD5.1D5D1656DF134068A04480DB4B1E1753] - [29/07/2016 22:13:09] - |A| - [349184] - C:\WINDOWS\system32\ntprint.dll [MD5.F747C037C6CC055E664235BF0EA9A30C] - [29/07/2016 22:08:05] - |A| - [882688] - C:\WINDOWS\system32\ntshrui.dll [MD5.0A13D6818BCBF860EDCEC1ED1E7B9698] - [30/07/2016 07:24:32] - |A| - [122928] - C:\WINDOWS\system32\OEMbdpredir.dll [MD5.F8D77A486B78DB6FA44F2F7DF5D7F65C] - [29/07/2016 22:09:16] - |A| - [285184] - C:\WINDOWS\system32\oemlicense.dll [MD5.642D4E1DE69A3D180D4962D6977AAAB3] - [29/07/2016 22:13:38] - |A| - [1322248] - C:\WINDOWS\system32\ole32.dll [MD5.0C8955B4BB1E9D588B4B62D0BD2E5E78] - [29/07/2016 22:13:28] - |A| - [411648] - C:\WINDOWS\system32\oleacc.dll [MD5.A4CA6FE3F02C6299EED8B7296DC902D6] - [29/07/2016 22:13:00] - |A| - [12800] - C:\WINDOWS\system32\oleacchooks.dll [MD5.11C782F631D915895E56FC1CD8214E51] - [29/07/2016 22:12:14] - |A| - [100232] - C:\WINDOWS\system32\omadmapi.dll [MD5.FFFDA814EE04E06DA9F0BADAA22ABBFD] - [29/07/2016 22:12:17] - |A| - [145920] - C:\WINDOWS\system32\omadmclient.exe [MD5.D22A2DEC01300ECEB41D22AB60B1E4B3] - [29/07/2016 22:11:58] - |A| - [66048] - C:\WINDOWS\system32\OnDemandConnRouteHelper.dll [MD5.354D204E888E96FC12E0D1F94A98D300] - [29/07/2016 22:12:11] - |A| - [364032] - C:\WINDOWS\system32\OneBackupHandler.dll [MD5.7EA42087AEE36B39F2758475B91AD5F3] - [29/07/2016 22:11:07] - |A| - [515072] - C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll [MD5.A4BC389CAEA0203FD33849FA8431AA88] - [29/07/2016 22:07:46] - |A| - [224256] - C:\WINDOWS\system32\PackageStateRoaming.dll [MD5.ED0C02CB0193763BB1445EB0CE167F9D] - [29/07/2016 19:01:29] - |A| - [2049398] - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.1435F76294D5E1D1017D5C6D47CA3F80] - [29/07/2016 22:10:55] - |A| - [106928] - C:\WINDOWS\system32\phoneactivate.exe [MD5.A1BFD44C6343BDF582828EAB6B4CBDE5] - [29/07/2016 22:10:05] - |A| - [630784] - C:\WINDOWS\system32\PhoneProviders.dll [MD5.FC749BCC3387CBBEE57539F414B24EB9] - [29/07/2016 22:09:14] - |A| - [583680] - C:\WINDOWS\system32\PhotoScreensaver.scr [MD5.B2F6749368EEE07AF0B09755B1636F4F] - [29/07/2016 22:12:01] - |A| - [458752] - C:\WINDOWS\system32\PlayToDevice.dll [MD5.1CA267651F0295A6B809EFCED2846F70] - [29/07/2016 22:12:36] - |A| - [697856] - C:\WINDOWS\system32\PlayToManager.dll [MD5.2A64B3002165F3842EDCFA048624284F] - [29/07/2016 22:11:52] - |A| - [283648] - C:\WINDOWS\system32\PlayToReceiver.dll [MD5.7324FB4B99D7485728862DE165946846] - [29/07/2016 22:09:46] - |A| - [1814528] - C:\WINDOWS\system32\pnidui.dll [MD5.F432ACF44EABBE3EB98F613E1573DA6F] - [29/07/2016 22:12:13] - |A| - [334736] - C:\WINDOWS\system32\policymanager.dll [MD5.B232CE503C6666873E7B9E4BA769C524] - [29/07/2016 22:12:16] - |A| - [92160] - C:\WINDOWS\system32\policymanagerprecheck.dll [MD5.4F99255A964A4009D434338D87A3610D] - [29/07/2016 22:09:30] - |A| - [332288] - C:\WINDOWS\system32\polstore.dll [MD5.C5FEF4B4A7FB961ECDB0AB07DBCF379E] - [29/07/2016 19:43:17] - |A| - [124624] - C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll [MD5.E2296A6174894682DF8F0FF29FDDCC82] - [29/07/2016 19:43:17] - |A| - [1166520] - C:\WINDOWS\system32\PresentationNative_v0300.dll [MD5.19348CC554A839CDFE5F79A42EBBBFAB] - [29/07/2016 22:07:57] - |A| - [589824] - C:\WINDOWS\system32\PrintDialogs.dll [MD5.DC61C9AF4B96DB3CAB08168B8E9D3455] - [29/07/2016 22:08:28] - |A| - [2050560] - C:\WINDOWS\system32\PrintDialogs3D.dll [MD5.7E0078F1EFEB6F8F47CF85C1D73C7EBC] - [29/07/2016 22:12:31] - |A| - [328192] - C:\WINDOWS\system32\profsvc.dll [MD5.F6A078D3FC7853D5A220413A239660CC] - [29/07/2016 22:13:28] - |A| - [1603224] - C:\WINDOWS\system32\propsys.dll [MD5.C9B1B0285A5AA53774BF3D91891072E2] - [29/07/2016 22:13:33] - |A| - [296960] - C:\WINDOWS\system32\provengine.dll [MD5.C9AC70AC6FEBDCFE585436FD9E3901B1] - [29/07/2016 22:13:32] - |A| - [287232] - C:\WINDOWS\system32\provhandlers.dll [MD5.D08B38F8E8A995FC673E8D5ADABBFD13] - [29/07/2016 22:13:12] - |A| - [192000] - C:\WINDOWS\system32\provisioningcsp.dll [MD5.3F4BDBBA1F3BBECBA656503BD0C16BEA] - [29/07/2016 22:13:30] - |A| - [168960] - C:\WINDOWS\system32\provops.dll [MD5.09291D797572201BF39B685E57B7C73B] - [29/07/2016 22:12:53] - |A| - [556032] - C:\WINDOWS\system32\PsmServiceExtHost.dll [MD5.F9941B95928AB5717C6AE871941A8F44] - [29/07/2016 22:11:52] - |A| - [387072] - C:\WINDOWS\system32\qdvd.dll [MD5.34D17C28C8B8DC7F98365A60300B40B4] - [29/07/2016 22:13:02] - |A| - [341504] - C:\WINDOWS\system32\RADCUI.dll [MD5.4148FE81CAA1383F97FA4F8A21A4700C] - [29/07/2016 22:09:34] - |A| - [733184] - C:\WINDOWS\system32\rasapi32.dll [MD5.FCC66CE466375869F873C9DA3A3C9453] - [29/07/2016 22:07:56] - |A| - [947200] - C:\WINDOWS\system32\rasgcw.dll [MD5.DD285F10B3AB2588FED953E559ABEADD] - [29/07/2016 22:09:45] - |A| - [610816] - C:\WINDOWS\system32\rastls.dll [MD5.757F9AA7EA001014DC9352C6144301BF] - [29/07/2016 22:11:00] - |A| - [3053568] - C:\WINDOWS\system32\rdpcore.dll [MD5.00B6D59BBA3D3061EE5210970ACC758C] - [29/07/2016 22:09:52] - |A| - [4171264] - C:\WINDOWS\system32\rdpcorets.dll [MD5.9430C60EBCAE82C0D27050C3FA231D1D] - [29/07/2016 22:09:16] - |A| - [84480] - C:\WINDOWS\system32\rdpudd.dll [MD5.C439E5B6E3EB38C9C7611C393348503B] - [29/07/2016 22:12:20] - |A| - [1073152] - C:\WINDOWS\system32\RDXService.dll [MD5.B204C799C5903272284D802DBFCF8F37] - [29/07/2016 22:12:18] - |A| - [315392] - C:\WINDOWS\system32\RDXTaskFactory.dll [MD5.C59CF7385D070450643D61C8ADEFFE3C] - [29/07/2016 22:12:37] - |A| - [958976] - C:\WINDOWS\system32\RemoteNaturalLanguage.dll [MD5.2786EAC53204EC98E5DD85C1A9DBA965] - [29/07/2016 22:10:34] - |A| - [1087488] - C:\WINDOWS\system32\reseteng.dll [MD5.1997A751EF0FB9889E6642428DC4CAB2] - [29/07/2016 22:10:03] - |A| - [1161120] - C:\WINDOWS\system32\rpcrt4.dll [MD5.72229D3836EA9697F5E13AAEA85F8688] - [29/07/2016 22:12:21] - |A| - [204048] - C:\WINDOWS\system32\rsaenh.dll [MD5.D9A795240A84C9E3DA78BC1B9E239FCF] - [29/07/2016 22:11:55] - |A| - [95744] - C:\WINDOWS\system32\samlib.dll [MD5.5E3427306DC41D80467C9B4ACDE7A9B5] - [29/07/2016 22:12:21] - |A| - [849920] - C:\WINDOWS\system32\samsrv.dll [MD5.EB9699F8F050E41A2661E56090FB9988] - [29/07/2016 22:10:53] - |A| - [992256] - C:\WINDOWS\system32\sbe.dll [MD5.82C4028BABC9BADCD89600F5084E4543] - [29/07/2016 22:09:53] - |A| - [479232] - C:\WINDOWS\system32\schannel.dll [MD5.4D82582733D9F437F544D3F8F98CE159] - [29/07/2016 22:08:36] - |A| - [1001472] - C:\WINDOWS\system32\schedsvc.dll [MD5.F34470B288B2EF590B3ECA8BA4C90D95] - [29/07/2016 22:09:33] - |A| - [233984] - C:\WINDOWS\system32\schtasks.exe [MD5.309B981F0EB10916BD0BF2972BB33841] - [29/07/2016 22:08:02] - |A| - [1213440] - C:\WINDOWS\system32\sdengin2.dll [MD5.723C6C3DE056D3EB76F7520BEF5947B4] - [29/07/2016 22:07:49] - |A| - [150528] - C:\WINDOWS\system32\sdrsvc.dll [MD5.C56BFF5D26E3CD34EEB79213B6220C14] - [29/07/2016 22:07:48] - |A| - [129536] - C:\WINDOWS\system32\sdshext.dll [MD5.8FB500C462988EE33368E6E099638384] - [29/07/2016 22:10:47] - |A| - [394240] - C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll [MD5.4E762D96FA52AB55A796E373C0557361] - [29/07/2016 22:10:37] - |A| - [203776] - C:\WINDOWS\system32\SearchFilterHost.exe [MD5.A5AE758495A6F7BAB269CCDC960CAAD6] - [29/07/2016 22:10:59] - |A| - [549888] - C:\WINDOWS\system32\SearchFolder.dll [MD5.38F120F3E9F4C87A4825F12B33849BA5] - [29/07/2016 22:11:15] - |A| - [938496] - C:\WINDOWS\system32\SearchIndexer.exe [MD5.877EAB65117EF1A49C28F815F10E3A87] - [29/07/2016 22:10:57] - |A| - [334848] - C:\WINDOWS\system32\SearchProtocolHost.exe [MD5.258BCD1FE978849EDB02D131FD1F7893] - [29/07/2016 22:10:00] - |A| - [989536] - C:\WINDOWS\system32\SecConfig.efi [MD5.45D26646E3AD737E5DE3DB91CCCE7DBA] - [29/07/2016 22:10:00] - |A| - [339968] - C:\WINDOWS\system32\SensorService.dll [MD5.DA4F2FBA02ADB65797953219ABEF0C44] - [29/07/2016 22:09:25] - |A| - [58400] - C:\WINDOWS\system32\SensorsNativeApi.dll [MD5.3F4461644840A3C5572DDC726C36BDF7] - [29/07/2016 22:09:14] - |A| - [92160] - C:\WINDOWS\system32\SensorsNativeApi.V2.dll [MD5.21E74A7A50345F64A2E494C6B6AE0DF2] - [29/07/2016 22:10:53] - |A| - [243712] - C:\WINDOWS\system32\SettingMonitor.dll [MD5.B66654D85A6C6F915E7D4827317739FA] - [29/07/2016 22:12:34] - |A| - [2125312] - C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll [MD5.318C685A15E02A8573DC3A2772804B21] - [29/07/2016 22:12:19] - |A| - [253440] - C:\WINDOWS\system32\SettingsHandlers_Maps.dll [MD5.1CFFDC8E62372CBD2C4C1AB9ADAA0C35] - [29/07/2016 22:12:52] - |A| - [3994624] - C:\WINDOWS\system32\SettingsHandlers_nt.dll [MD5.537CC506D45C691CD1FFF2D918E8C27C] - [29/07/2016 22:12:07] - |A| - [174080] - C:\WINDOWS\system32\SettingsHandlers_Privacy.dll [MD5.D2DAA7F5299D1612ACEF0C282BE4F47C] - [29/07/2016 22:11:52] - |A| - [492544] - C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll [MD5.7DF705D181132AAB5AE5B25A8FF32215] - [29/07/2016 22:11:20] - |A| - [613376] - C:\WINDOWS\system32\SettingSync.dll [MD5.6E8F12E9EF754A715D62B5EEA045BE62] - [29/07/2016 22:11:26] - |A| - [984576] - C:\WINDOWS\system32\SettingSyncCore.dll [MD5.9F1B8A631FD76E9702A58904D4F249BE] - [29/07/2016 22:11:04] - |A| - [566104] - C:\WINDOWS\system32\SettingSyncHost.exe [MD5.4973B94DE96E78AF1128A557846E8411] - [29/07/2016 22:11:08] - |A| - [4387680] - C:\WINDOWS\system32\setupapi.dll [MD5.C49BB15138D9A7AE2901692CA30E11D1] - [29/07/2016 22:13:32] - |A| - [181248] - C:\WINDOWS\system32\shacct.dll [MD5.70B0FB34458FCA020297A595205FC82F] - [29/07/2016 22:12:41] - |A| - [990208] - C:\WINDOWS\system32\SharedStartModel.dll [MD5.C821BB49409012C6CD024F21959CC051] - [29/07/2016 22:11:12] - |A| - [638976] - C:\WINDOWS\system32\ShareHost.dll [MD5.FD0F8299FDBEC22C8DBFA66CB4BD5B1B] - [29/07/2016 22:13:32] - |A| - [725776] - C:\WINDOWS\system32\SHCore.dll [MD5.6ADFA862EDA342F416C05C9E88A69899] - [29/07/2016 22:08:53] - |A| - [22561256] - C:\WINDOWS\system32\shell32.dll [MD5.509589754EDDE7F1EE879366F5692990] - [29/07/2016 22:12:17] - |A| - [182784] - C:\WINDOWS\system32\shutdownux.dll [MD5.C5D55EF423F535D5A6766DB727BEB7E5] - [29/07/2016 22:09:33] - |A| - [160768] - C:\WINDOWS\system32\SimAuth.dll [MD5.6CA35CF766C04B30BBE9F99CB70D1DE1] - [29/07/2016 22:09:34] - |A| - [193024] - C:\WINDOWS\system32\SimCfg.dll [MD5.00000000000000000000000000000000] - [30/07/2016 06:57:48] - |D| - [0] - C:\WINDOWS\system32\SleepStudy [MD5.9F77B66EC74300D30720B1001E2CD044] - [29/07/2016 22:09:54] - |A| - [1037824] - C:\WINDOWS\system32\SmartcardCredentialProvider.dll [MD5.9E2BC2A7D1E3862327B5626CEE56C46E] - [29/07/2016 22:11:20] - |A| - [1487872] - C:\WINDOWS\system32\SpeechPal.dll [MD5.939D80772D59831E50B03CDBD99049DF] - [29/07/2016 22:13:53] - |A| - [1540224] - C:\WINDOWS\system32\sppobjs.dll [MD5.49B666BCCF59226549F64656584318EA] - [29/07/2016 22:09:03] - |A| - [6536256] - C:\WINDOWS\system32\sppsvc.exe [MD5.B5D83BCE06D70B120D8AC889EEE4A14A] - [29/07/2016 22:13:35] - |A| - [692136] - C:\WINDOWS\system32\sppwinob.dll [MD5.995974222B873687A88C25FFCDB644F7] - [29/07/2016 22:11:32] - |A| - [965632] - C:\WINDOWS\system32\SRH.dll [MD5.04ABF2BA35F85E88076A44B6FF19D3EE] - [29/07/2016 22:11:35] - |A| - [1716736] - C:\WINDOWS\system32\SRHInproc.dll [MD5.2804ACDD73835F051CE71DA4DB25337D] - [29/07/2016 22:12:11] - |A| - [110584] - C:\WINDOWS\system32\srvcli.dll [MD5.40B3D3F1F3DFF9C839F2FDAAB070D877] - [29/07/2016 22:13:12] - |A| - [465920] - C:\WINDOWS\system32\StikyNot.exe [MD5.58BC9F0C8D92AD7E45F03596BE2E68B4] - [29/07/2016 22:10:00] - |A| - [550912] - C:\WINDOWS\system32\StoreAgent.dll [MD5.F7391A45172C10D8B79A239CDD8BA88B] - [29/07/2016 22:10:25] - |A| - [209408] - C:\WINDOWS\system32\storewuauth.dll [MD5.FE42F8A07885E518ED1E846C93E4B78C] - [29/07/2016 22:10:11] - |A| - [617984] - C:\WINDOWS\system32\StorSvc.dll [MD5.F69610C2C741B025CE28BBAA7DA8A9EA] - [29/07/2016 22:09:47] - |A| - [684544] - C:\WINDOWS\system32\StructuredQuery.dll [MD5.0CFE0F27EC828D9659FD8BF3A529F7B1] - [29/07/2016 22:12:25] - |A| - [166400] - C:\WINDOWS\system32\SubscriptionMgr.dll [MD5.96576465D2259ADDE056451DBCBEAF3D] - [29/07/2016 22:11:58] - |A| - [656896] - C:\WINDOWS\system32\sud.dll [MD5.681C50548D26B77E32C5A0ED3054A0C5] - [29/07/2016 22:12:10] - |A| - [3415040] - C:\WINDOWS\system32\SyncCenter.dll [MD5.9A293A4EE7C2283AD9689AB268B6CBA5] - [29/07/2016 22:11:26] - |A| - [555520] - C:\WINDOWS\system32\SyncController.dll [MD5.FA8E0A9C648035CA1B47C9DA77EDB7EA] - [29/07/2016 22:11:13] - |A| - [380416] - C:\WINDOWS\system32\SystemEventsBrokerServer.dll [MD5.E083BE4900FCBB6BC42943438DCF2CAD] - [29/07/2016 22:13:05] - |A| - [176128] - C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll [MD5.7E6CF2485E67AE7AA84B0556612F22CA] - [29/07/2016 22:12:17] - |A| - [714240] - C:\WINDOWS\system32\SystemSettings.Handlers.dll [MD5.CAEF382AD301DB79D004254E400719B2] - [29/07/2016 22:12:04] - |A| - [492544] - C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll [MD5.7DE46FA7E3A14535E5D971C977F874D9] - [29/07/2016 22:12:11] - |A| - [374008] - C:\WINDOWS\system32\SystemSettingsAdminFlows.exe [MD5.FEC2E3FF1F1D79E569DE372A020D1909] - [29/07/2016 22:12:42] - |A| - [3585536] - C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.064EDB04AB15F985E5E9DE0D9B236958] - [29/07/2016 22:08:01] - |A| - [429056] - C:\WINDOWS\system32\taskcomp.dll [MD5.2D27946C8EC1AA93A26FEC2C7909CD05] - [29/07/2016 22:08:15] - |A| - [299520] - C:\WINDOWS\system32\taskeng.exe [MD5.F86A7E3BA31FB9AEF5E6EF29B65E202E] - [29/07/2016 22:11:08] - |A| - [1238584] - C:\WINDOWS\system32\Taskmgr.exe [MD5.594FDF2DB7568C73C282B282845E30CF] - [29/07/2016 22:13:06] - |A| - [36352] - C:\WINDOWS\system32\tbauth.dll [MD5.3704397D35001B56B371B3395BD8B876] - [29/07/2016 22:10:01] - |A| - [123392] - C:\WINDOWS\system32\tdlrecover.exe [MD5.57C88C15CEC97318F580D7F4327AAA46] - [29/07/2016 22:08:19] - |A| - [163328] - C:\WINDOWS\system32\tetheringservice.dll [MD5.26EDABD6AF6678D299852CB624EDE85B] - [29/07/2016 22:08:58] - |A| - [345600] - C:\WINDOWS\system32\TextInputFramework.dll [MD5.5A1580ADA5F4F38DC1CD0E9C1B98C6BF] - [29/07/2016 22:12:05] - |A| - [2563584] - C:\WINDOWS\system32\themecpl.dll [MD5.B7BA7030B50FC782F44D28B63C28B535] - [29/07/2016 22:09:25] - |A| - [2902528] - C:\WINDOWS\system32\themeui.dll [MD5.7ECACE6D0B4C2D323408EB00FD93C682] - [29/07/2016 22:10:03] - |A| - [503808] - C:\WINDOWS\system32\tileobjserver.dll [MD5.00110FDAF3380A23D360AEA5551B8D03] - [29/07/2016 22:13:38] - |A| - [821760] - C:\WINDOWS\system32\TokenBroker.dll [MD5.63939B50C5C103FA71A419BCEA5B1CF0] - [29/07/2016 22:13:02] - |A| - [26112] - C:\WINDOWS\system32\TokenBrokerCookies.exe [MD5.F6222E15A014A6026CD7F860006407C4] - [29/07/2016 22:10:58] - |A| - [47616] - C:\WINDOWS\system32\TpmTasks.dll [MD5.E7AF5609667C0BF1BC80A9D2E2303C35] - [29/07/2016 22:11:28] - |A| - [3577344] - C:\WINDOWS\system32\tquery.dll [MD5.E91942A0D00C6AA014B2EA33EE0ED0A3] - [29/07/2016 19:43:17] - |A| - [35480] - C:\WINDOWS\system32\TsWpfWrp.exe [MD5.35548DDC03345511E3B3F6C1237FFD6F] - [29/07/2016 22:08:27] - |A| - [1040800] - C:\WINDOWS\system32\twinapi.appcore.dll [MD5.0C66FD155A553C3C1775F9EEE4C52F91] - [29/07/2016 22:13:23] - |A| - [701952] - C:\WINDOWS\system32\twinapi.dll [MD5.06A6BED5044BFA97C1988568DD628777] - [29/07/2016 22:10:13] - |A| - [2444800] - C:\WINDOWS\system32\twinui.appcore.dll [MD5.73B90D7C3DEF1941F783BE0391C0F057] - [29/07/2016 22:12:48] - |A| - [11545088] - C:\WINDOWS\system32\twinui.dll [MD5.127925766866C52F147A2FFC0C0358A5] - [29/07/2016 22:10:10] - |A| - [87040] - C:\WINDOWS\system32\tzautoupdate.dll [MD5.6DF9F08ED418A400857E5570E842A559] - [29/07/2016 22:08:18] - |A| - [838144] - C:\WINDOWS\system32\uDWM.dll [MD5.E8A201E7ACF39359D99EEDD3D059E5AC] - [29/07/2016 22:13:42] - |A| - [1395712] - C:\WINDOWS\system32\UIAutomationCore.dll [MD5.FA01865117A7529561E1F19FD0354D2E] - [29/07/2016 22:09:58] - |A| - [4170240] - C:\WINDOWS\system32\UIRibbon.dll [MD5.ECDD8B72980581EF23F5BA0AFF04767F] - [29/07/2016 22:09:29] - |A| - [584704] - C:\WINDOWS\system32\UIRibbonRes.dll [MD5.A09C212408747F8074D957375B9C486C] - [29/07/2016 22:08:19] - |A| - [268288] - C:\WINDOWS\system32\updatehandlers.dll [MD5.EFE15754302A2188C933164CFF9AEFD1] - [29/07/2016 22:10:53] - |A| - [111104] - C:\WINDOWS\system32\updatepolicy.dll [MD5.231099370F84D4AA4B373B0BD0B71D8F] - [29/07/2016 22:12:54] - |A| - [1729024] - C:\WINDOWS\system32\urlmon.dll [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [29/07/2016 22:13:32] - |A| - [1399224] - C:\WINDOWS\system32\user32.dll [MD5.02DF62B54CEDC85DAC946FF3F01171F5] - [29/07/2016 22:09:31] - |A| - [1385472] - C:\WINDOWS\system32\usercpl.dll [MD5.210F58F5F18D1DBF0B6F75BE33D8B06C] - [29/07/2016 22:08:08] - |A| - [651776] - C:\WINDOWS\system32\UserLanguagesCpl.dll [MD5.50F7B408700BF28CF9986821E0486A16] - [29/07/2016 22:08:24] - |A| - [379392] - C:\WINDOWS\system32\usocore.dll [MD5.5D339458DA9FEA6E314817B7DDD4D351] - [29/07/2016 22:13:39] - |A| - [605184] - C:\WINDOWS\system32\vbscript.dll [MD5.E706406D61508D207F6B41CA4AD30891] - [29/07/2016 22:09:48] - |A| - [127488] - C:\WINDOWS\system32\VEDataLayerHelpers.dll [MD5.E3B8996D970DB8926A817A4BFC3DA5FD] - [29/07/2016 22:09:48] - |A| - [285184] - C:\WINDOWS\system32\VEEventDispatcher.dll [MD5.315CFB6974B5111E3E62E9A512C92B25] - [29/07/2016 22:09:27] - |A| - [151040] - C:\WINDOWS\system32\VEStoreEventHandlers.dll [MD5.9547F6675FB25D558BB0F10F1EC9DDD8] - [29/07/2016 22:09:33] - |A| - [591360] - C:\WINDOWS\system32\vpnike.dll [MD5.F00A2E895B61858DBB3FE870495E37FA] - [29/07/2016 22:09:51] - |A| - [210432] - C:\WINDOWS\system32\wcmcsp.dll [MD5.0BF8D8C7EC9FB15D6480A12101E88B71] - [29/07/2016 22:10:13] - |A| - [606720] - C:\WINDOWS\system32\wcmsvc.dll [MD5.F2503C00653F06AD926553E2C4F69376] - [29/07/2016 22:12:09] - |A| - [1294336] - C:\WINDOWS\system32\wcnwiz.dll [MD5.CFD91D429BA902F1E3EF09434BFEAF53] - [29/07/2016 22:09:23] - |A| - [1048576] - C:\WINDOWS\system32\WebcamUi.dll [MD5.F3EB6A22AFB3893ACD4E7C1B02382A3F] - [29/07/2016 22:13:06] - |A| - [262144] - C:\WINDOWS\system32\webcheck.dll [MD5.D41EC066D915E4825121AE2687596BC2] - [29/07/2016 22:13:13] - |A| - [496640] - C:\WINDOWS\system32\webio.dll [MD5.871DB0260278B46C50D17C5CF4AEB12F] - [29/07/2016 22:08:22] - |A| - [1291776] - C:\WINDOWS\system32\werconcpl.dll [MD5.B86D30AE36165FC84E56AAD4EFBCF527] - [29/07/2016 22:11:47] - |A| - [451584] - C:\WINDOWS\system32\werui.dll [MD5.8C837B999EE2D443E8C19677C4BB7F60] - [29/07/2016 22:07:48] - |A| - [677376] - C:\WINDOWS\system32\wiaaut.dll [MD5.BD3F339FE542C30BB4A88F34A597728C] - [29/07/2016 22:11:47] - |A| - [134656] - C:\WINDOWS\system32\wificonnapi.dll [MD5.F172E5709824756634091047826E7A9F] - [29/07/2016 22:12:38] - |A| - [1319424] - C:\WINDOWS\system32\wifinetworkmanager.dll [MD5.6EA247B3631FE0181583566B9D828B22] - [29/07/2016 22:12:32] - |A| - [413536] - C:\WINDOWS\system32\wifitask.exe [MD5.ED82578312E8B2D2D1D2F87CD77695AC] - [29/07/2016 22:14:26] - |A| - [1387520] - C:\WINDOWS\system32\win32kbase.sys [MD5.4EC98235B7BFCA3705279A9E9242C648] - [29/07/2016 22:14:27] - |A| - [3589632] - C:\WINDOWS\system32\win32kfull.sys [MD5.02B2863417FF2E5E34BD42EBF8B49528] - [29/07/2016 22:13:18] - |A| - [841728] - C:\WINDOWS\system32\win32spl.dll [MD5.CBCA5650B97DFE6D86E4F4DC0D3DD86B] - [29/07/2016 22:13:23] - |A| - [828928] - C:\WINDOWS\system32\Windows.AccountsControl.dll [MD5.A143C34D5DFADCDDBB88CC396DC1F802] - [29/07/2016 22:10:12] - |A| - [859136] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll [MD5.E9CEE634054C1EE9D3112A2E86190FEC] - [29/07/2016 22:10:12] - |A| - [330240] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.4F56CB4CE94272928D1F884A5798456C] - [29/07/2016 22:10:54] - |A| - [538112] - C:\WINDOWS\system32\Windows.Cortana.Desktop.dll [MD5.29BB9364FD70012F169516312CAB0FB7] - [29/07/2016 22:12:02] - |A| - [317440] - C:\WINDOWS\system32\Windows.Cortana.OneCore.dll [MD5.1849F8CCD27258F69EAABC334A87846C] - [29/07/2016 22:11:39] - |A| - [6973952] - C:\WINDOWS\system32\Windows.Data.Pdf.dll [MD5.AB3F697651DDAE1C424C9B2412EFBB59] - [29/07/2016 22:11:18] - |A| - [1239552] - C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll [MD5.7E6FCD52B7EE309145A51A286ED18224] - [29/07/2016 22:09:16] - |A| - [344064] - C:\WINDOWS\system32\Windows.Devices.Picker.dll [MD5.82AC452307257A4B3F08856EE84EE2EC] - [29/07/2016 22:13:19] - |A| - [892416] - C:\WINDOWS\system32\Windows.Devices.SmartCards.dll [MD5.7A576DA811BCF5843C909D9BC9AEC351] - [29/07/2016 22:09:20] - |A| - [522240] - C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll [MD5.E6AA08DC29AA637E861DAF0AB3E21888] - [29/07/2016 22:09:55] - |A| - [1567744] - C:\WINDOWS\system32\Windows.Globalization.dll [MD5.E17447519BC01492E3234C90890800D4] - [29/07/2016 22:08:08] - |A| - [368128] - C:\WINDOWS\system32\Windows.Graphics.dll [MD5.5E126FBE705D91361A3A26DAF9A55838] - [29/07/2016 22:11:17] - |A| - [2103296] - C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll [MD5.DEB8CA5DE728ECB09706765DFAC90DBA] - [29/07/2016 22:09:33] - |A| - [596480] - C:\WINDOWS\system32\Windows.Graphics.Printing.dll [MD5.56A8197D9FAE5D63ED0CED92BD03F4F8] - [29/07/2016 22:11:00] - |A| - [450048] - C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll [MD5.E32F15E26724F3BB6423FB29FF3E2A8F] - [29/07/2016 22:11:53] - |A| - [278016] - C:\WINDOWS\system32\Windows.Internal.Management.dll [MD5.D907D75D41B373D2F8DBD9E0E8B041C1] - [29/07/2016 22:12:25] - |A| - [730352] - C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll [MD5.AF13258A6E8FD57CE0B9C6BEDCDF80CB] - [29/07/2016 22:12:20] - |A| - [144896] - C:\WINDOWS\system32\Windows.Media.Devices.dll [MD5.0E52D076B5FDCD59AEC112BD7665E2E7] - [29/07/2016 22:14:34] - |A| - [3428864] - C:\WINDOWS\system32\Windows.Media.dll [MD5.950575747FCDCAF5CD7692664DBFE903] - [29/07/2016 22:13:18] - |A| - [1434112] - C:\WINDOWS\system32\Windows.Media.Editing.dll [MD5.024199E28832EEF1418AC3E93894FB75] - [29/07/2016 22:10:55] - |A| - [376536] - C:\WINDOWS\system32\Windows.Media.MediaControl.dll [MD5.5712B5F645838BFC583AB4A5E9684572] - [29/07/2016 22:12:33] - |A| - [1575936] - C:\WINDOWS\system32\Windows.Media.Speech.dll [MD5.4DDF78E93CF079FD19D80CB45DA9611D] - [29/07/2016 22:11:06] - |A| - [1036288] - C:\WINDOWS\system32\Windows.Media.Streaming.dll [MD5.E7DA2262B7A9C793FEBD14088AE4C72F] - [29/07/2016 22:08:07] - |A| - [900608] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll [MD5.DB2911201B4AAC79AF712C5551F0C41D] - [29/07/2016 22:12:34] - |A| - [688640] - C:\WINDOWS\system32\Windows.Networking.Connectivity.dll [MD5.A6969BAD3166EDA1C79988DD782A87CF] - [29/07/2016 22:12:30] - |A| - [888320] - C:\WINDOWS\system32\Windows.Networking.dll [MD5.FC0F06DFE5FD20CCFCE17F3180746D24] - [29/07/2016 22:13:39] - |A| - [576000] - C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll [MD5.4FE86093AE50EDBB2C51F719AE366AA2] - [29/07/2016 22:13:22] - |A| - [697344] - C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll [MD5.720627CBA30152DFA93E8438BCEAA167] - [29/07/2016 22:13:19] - |A| - [708608] - C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll [MD5.E274C4B6C496B72CCE171CB56C51C41A] - [29/07/2016 22:10:44] - |A| - [51200] - C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll [MD5.7FA43A7587D5D6AA8FFE42A271CF2585] - [29/07/2016 22:10:36] - |A| - [45056] - C:\WINDOWS\system32\Windows.Speech.Pal.dll [MD5.17139E61D556444B6FCE67920E71D369] - [29/07/2016 22:12:27] - |A| - [2745856] - C:\WINDOWS\system32\Windows.StateRepository.dll [MD5.0B1DA49D8F816ED7CF44B112B2F348DD] - [29/07/2016 22:11:52] - |A| - [59904] - C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll [MD5.86236B9417AA659DF48C45162C148167] - [29/07/2016 22:11:57] - |A| - [64000] - C:\WINDOWS\system32\Windows.StateRepositoryClient.dll [MD5.12FEFF0CACF65E3FB5531E2D19728FB0] - [29/07/2016 22:13:21] - |A| - [337336] - C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll [MD5.4B80239138EB21B50A1FBA54FDB15860] - [29/07/2016 22:08:50] - |A| - [6605544] - C:\WINDOWS\system32\windows.storage.dll [MD5.D62B0829530BBBA204ECA98B57FC4C58] - [29/07/2016 22:09:19] - |A| - [817152] - C:\WINDOWS\system32\Windows.Storage.Search.dll [MD5.F35D067F84D5F8EE3ACEEC3188FF3B40] - [29/07/2016 22:12:04] - |A| - [414720] - C:\WINDOWS\system32\Windows.UI.BioFeedback.dll [MD5.324F99E7B2B6739370D398D3C79A6DFD] - [29/07/2016 22:12:00] - |A| - [475648] - C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll [MD5.46E51F35566F8B73540D56EAA0A97E46] - [29/07/2016 22:08:58] - |A| - [175616] - C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll [MD5.1EF7B8D9AF97BA18A61E6256300A2E78] - [29/07/2016 22:12:35] - |A| - [1211904] - C:\WINDOWS\system32\Windows.UI.Cred.dll [MD5.E772B8EEE1D142622192ADFF4DA1618B] - [29/07/2016 22:08:34] - |A| - [673280] - C:\WINDOWS\system32\Windows.UI.dll [MD5.F099E147846A9CFF5D26E9292D77F8A9] - [29/07/2016 22:13:34] - |A| - [1797120] - C:\WINDOWS\system32\Windows.UI.Immersive.dll [MD5.5066575F39AEECAA7A9E03C0FA007A90] - [29/07/2016 22:13:35] - |A| - [881664] - C:\WINDOWS\system32\Windows.UI.Input.Inking.dll [MD5.C731DF7843CA87A97969FC182298D8F0] - [29/07/2016 22:12:46] - |A| - [2635776] - C:\WINDOWS\system32\Windows.UI.Logon.dll [MD5.AA39F6642940FD8D4781701AD73776AD] - [29/07/2016 22:11:55] - |A| - [188416] - C:\WINDOWS\system32\Windows.UI.PicturePassword.dll [MD5.552E1A170B36D372CA67A5990E95BF13] - [29/07/2016 22:11:33] - |A| - [6312448] - C:\WINDOWS\system32\Windows.UI.Search.dll [MD5.E269E5AE6F0B70FC5093DF5D438C5FD2] - [29/07/2016 22:12:35] - |A| - [1390080] - C:\WINDOWS\system32\Windows.UI.Shell.dll [MD5.2DEED9D59520DD7DF44C4D4F58C3B046] - [29/07/2016 22:09:02] - |A| - [16985088] - C:\WINDOWS\system32\Windows.UI.Xaml.dll [MD5.51449675B00C62F970B497A2FBF1BC46] - [29/07/2016 22:12:35] - |A| - [787456] - C:\WINDOWS\system32\Windows.Web.dll [MD5.87F0EA669FB37C03207A8870C3B91174] - [29/07/2016 22:12:37] - |A| - [1410560] - C:\WINDOWS\system32\Windows.Web.Http.dll [MD5.63660131B3B6F976F28E75F37DFB2F5F] - [29/07/2016 22:08:26] - |A| - [1776768] - C:\WINDOWS\system32\WindowsCodecs.dll [MD5.E249D7A2B7998EF00990E56190D738B1] - [29/07/2016 22:13:11] - |A| - [276480] - C:\WINDOWS\system32\WindowsCodecsExt.dll [MD5.4FBF7735D43C338B9F6A1F86116451E5] - [29/07/2016 22:09:43] - |A| - [28851224] - C:\WINDOWS\system32\WindowsCodecsRaw.dll [MD5.D4B30E23A3B373648F61290DAF432CB2] - [29/07/2016 22:13:41] - |A| - [794624] - C:\WINDOWS\system32\winhttp.dll [MD5.1EEBC6859473037A1A671738AD083C7D] - [29/07/2016 22:12:52] - |A| - [3026944] - C:\WINDOWS\system32\wininet.dll [MD5.CD885F960066DDD538CD1BBD509A0EC0] - [29/07/2016 22:12:55] - |A| - [69632] - C:\WINDOWS\system32\wininetlui.dll [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [29/07/2016 22:12:29] - |A| - [291360] - C:\WINDOWS\system32\wininit.exe [MD5.BB46F924BAF7128D44B25783ED785A18] - [29/07/2016 22:12:13] - |A| - [448000] - C:\WINDOWS\system32\winipcfile.dll [MD5.C1257DCFD6031469F154CF44E0769613] - [29/07/2016 22:12:14] - |A| - [1141248] - C:\WINDOWS\system32\winipcsecproc.dll [MD5.BB861E878479CCBCF55D4242AC400E36] - [29/07/2016 22:08:47] - |A| - [1317640] - C:\WINDOWS\system32\winload.efi [MD5.8C01DAF52F9923A4B9DF31F1D9331567] - [29/07/2016 22:08:47] - |A| - [1141504] - C:\WINDOWS\system32\winload.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [29/07/2016 22:10:04] - |A| - [585728] - C:\WINDOWS\system32\winlogon.exe [MD5.96D121188D91FB4C9C878F30A3F7086F] - [29/07/2016 22:13:35] - |A| - [1552104] - C:\WINDOWS\system32\winmde.dll [MD5.5DB913462AD1D5EB8766E5A51922D661] - [29/07/2016 22:11:53] - |A| - [2012672] - C:\WINDOWS\system32\winmsipc.dll [MD5.C55144832FF73830BBBC0B5B6EED6383] - [29/07/2016 22:08:47] - |A| - [1030416] - C:\WINDOWS\system32\winresume.efi [MD5.11FB4531482E461A71E5303F53FFDC92] - [29/07/2016 22:08:48] - |A| - [874968] - C:\WINDOWS\system32\winresume.exe [MD5.6C647A171ACA3838441206BBE715B0D7] - [29/07/2016 22:13:06] - |A| - [198144] - C:\WINDOWS\system32\winsrv.dll [MD5.998015F786B2B9EE029FB556393CF848] - [29/07/2016 22:12:08] - |A| - [78040] - C:\WINDOWS\system32\wkscli.dll [MD5.C991F0E48492D1550279F901AB2332B0] - [29/07/2016 22:12:19] - |A| - [390496] - C:\WINDOWS\system32\wlanapi.dll [MD5.B26725818ECD6486A3FEB0509ED66CB3] - [29/07/2016 22:12:18] - |A| - [519680] - C:\WINDOWS\system32\WLanConn.dll [MD5.9E5D0971925AF8E8EBAB3A98991500BD] - [29/07/2016 22:12:06] - |A| - [510464] - C:\WINDOWS\system32\WlanMediaManager.dll [MD5.D3C6155DF570181F97488A3186E4E8E2] - [29/07/2016 22:11:59] - |A| - [412672] - C:\WINDOWS\system32\wlanui.dll [MD5.D78D829952282676116A92E1C5C3A89F] - [29/07/2016 22:10:59] - |A| - [37232] - C:\WINDOWS\system32\wldp.dll [MD5.E5830830FB987CB46C18AB55ECC7763A] - [29/07/2016 22:08:15] - |A| - [341504] - C:\WINDOWS\system32\wmicmiplugin.dll [MD5.6E415D9BFD8D1BC0354C3B0E4A0E1C56] - [29/07/2016 22:14:07] - |A| - [14252544] - C:\WINDOWS\system32\wmp.dll [MD5.E750AFEDBCC48016787CB4F6644923E4] - [29/07/2016 22:08:21] - |A| - [1847808] - C:\WINDOWS\system32\WMPDMC.exe [MD5.C9BB741EB879D6B5A6CDBE88315B030B] - [29/07/2016 22:11:58] - |A| - [373248] - C:\WINDOWS\system32\WmpDui.dll [MD5.9D86BE6C15D60535AE36AA0D8DECFC51] - [29/07/2016 22:10:46] - |A| - [394752] - C:\WINDOWS\system32\WMPhoto.dll [MD5.79F5E0E53F4D42D1DB0D83D719C551C9] - [29/07/2016 22:12:26] - |A| - [1554152] - C:\WINDOWS\system32\wmpmde.dll [MD5.FC3D54BD8FBD8A053223D1EC6E9103A4] - [29/07/2016 22:13:17] - |A| - [388896] - C:\WINDOWS\system32\wmpps.dll [MD5.3B6CCFF7AD385842A9638DCF654ABCD4] - [29/07/2016 22:09:46] - |A| - [1872896] - C:\WINDOWS\system32\workfolderssvc.dll [MD5.6D6E9C9C70E196F6833A96C267327368] - [29/07/2016 22:12:39] - |A| - [2876928] - C:\WINDOWS\system32\Wpc.dll [MD5.08C501FB351842DC6B5A34DFA705C28C] - [29/07/2016 22:12:32] - |A| - [1750440] - C:\WINDOWS\system32\WpcMon.exe [MD5.9E625D3F5AAC433191CF4F16174DDE05] - [29/07/2016 22:11:49] - |A| - [824320] - C:\WINDOWS\system32\WpcWebFilter.dll [MD5.1AC7CA0E0DA703106B6DFACD2C84E520] - [29/07/2016 22:12:28] - |A| - [2285568] - C:\WINDOWS\system32\WpcWebSync.dll [MD5.45FA01F8B7971ACB65202038E34D04A3] - [29/07/2016 22:13:23] - |A| - [86528] - C:\WINDOWS\system32\wpdbusenum.dll [MD5.80625D0A23E439BCAA2C3021042A5EBF] - [29/07/2016 22:13:21] - |A| - [2088960] - C:\WINDOWS\system32\wpdshext.dll [MD5.C2F73C1C869B72BF897379A6B02CB5C2] - [29/07/2016 22:13:07] - |A| - [69120] - C:\WINDOWS\system32\WPDShServiceObj.dll [MD5.634E0909C598C5BA50E0890D7CAFD795] - [29/07/2016 22:11:18] - |A| - [870400] - C:\WINDOWS\system32\wpncore.dll [MD5.F68AD4ACC7535D811F94A52233AE0457] - [29/07/2016 22:09:47] - |A| - [430312] - C:\WINDOWS\system32\ws2_32.dll [MD5.BA46DFBCD3D906776F0F803B6C0B5690] - [29/07/2016 22:10:45] - |A| - [185344] - C:\WINDOWS\system32\WSClient.dll [MD5.5B813FADEA5BE9195F01C83287F823F7] - [29/07/2016 22:12:26] - |A| - [190464] - C:\WINDOWS\system32\wscsvc.dll [MD5.38C87ECB57CB973AA5DA633B91778670] - [29/07/2016 22:12:02] - |A| - [676352] - C:\WINDOWS\system32\WSDApi.dll [MD5.12D83590FEF1C8C28DBF3323C61E831A] - [29/07/2016 22:13:14] - |A| - [31232] - C:\WINDOWS\system32\wsdchngr.dll [MD5.C3534256AF526A16AADBA335AA99D58F] - [29/07/2016 22:09:08] - |A| - [63488] - C:\WINDOWS\system32\wshbth.dll [MD5.1E099AE79C6D58063E0B4F538732B87F] - [29/07/2016 22:10:55] - |A| - [3449168] - C:\WINDOWS\system32\WSService.dll [MD5.518ABEC8D3C1EEB1C64FDC3B77CD428C] - [29/07/2016 22:11:01] - |A| - [961536] - C:\WINDOWS\system32\WSShared.dll [MD5.8E908E944599C9134A209D5876884C07] - [29/07/2016 22:10:46] - |A| - [183808] - C:\WINDOWS\system32\WSSync.dll [MD5.F1DF87BCF5429D48484E78FB1933326B] - [29/07/2016 22:10:00] - |A| - [848896] - C:\WINDOWS\system32\wuapi.dll [MD5.CC270562CC41D32D118D9EA75E966FE5] - [29/07/2016 22:09:26] - |A| - [26408] - C:\WINDOWS\system32\wuauclt.exe [MD5.F2A9089A715EC55EA8A5C660F724A7B3] - [29/07/2016 22:10:24] - |A| - [2280448] - C:\WINDOWS\system32\wuaueng.dll [MD5.F5B8CC586CE9D6187F412B5DFE932468] - [29/07/2016 22:09:26] - |A| - [33280] - C:\WINDOWS\system32\wuautoappupdate.dll [MD5.862FCF0385E0D94A2CD2FB4604096CDB] - [29/07/2016 22:10:42] - |A| - [200192] - C:\WINDOWS\system32\WUDFPlatform.dll [MD5.90A52EBAC043CFCA92E5F3DEAD4BBB4C] - [29/07/2016 22:09:27] - |A| - [48128] - C:\WINDOWS\system32\wups.dll [MD5.FA913C83823C2BA250E80AAE2E3905D1] - [29/07/2016 22:13:33] - |A| - [381952] - C:\WINDOWS\system32\wuuhext.dll [MD5.0C41EA00D56409637B157DAA3C7ECDE0] - [29/07/2016 22:12:50] - |A| - [808288] - C:\WINDOWS\system32\WWAHost.exe [MD5.6630413C9F5E87F0C097D77AD96CBBC3] - [29/07/2016 22:12:22] - |A| - [465920] - C:\WINDOWS\system32\wwanconn.dll [MD5.FB468F3E01B83C0878F024B8B15F8A78] - [29/07/2016 22:12:06] - |A| - [6572032] - C:\WINDOWS\system32\wwanmm.dll [MD5.5DA95027DF2317174E8C39B4A8D1FCD8] - [29/07/2016 22:12:45] - |A| - [1213440] - C:\WINDOWS\system32\wwansvc.dll [MD5.5DFAF8BE5A3CABAABF6795BC09EB7876] - [29/07/2016 22:13:50] - |A| - [948736] - C:\WINDOWS\system32\XblAuthManager.dll [MD5.928C7B3D285CD3485267E6B819748DA4] - [29/07/2016 22:09:56] - |A| - [4646912] - C:\WINDOWS\system32\xpsrchvw.exe [MD5.5FCE18E28E0439C147A16323961CD1FA] - [29/07/2016 22:08:26] - |A| - [3046400] - C:\WINDOWS\system32\xpsservices.dll [MD5.E57B9A2BBBBB39F369A1141472A3DDFD] - [29/07/2016 22:12:00] - |A| - [392192] - C:\WINDOWS\system32\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 14:06:01] - |RASH| - [0] - C:\WINDOWS\system32\Drivers\103C_HP_cPC_CQ2904EF_Y53316J_0U_Q4CH3100VPJ_E12WE3RR8607_4A_I2AE3_SHP_V1.02_B8.17_T130125_W8101-0_L40C_M3660_J62_7AMD_8BFF_91.40_#130304_N19692062_Z_G10029809.MRK [MD5.309E3CFC5309CECD9317A69990716A87] - [29/07/2016 22:12:40] - |A| - [604928] - C:\WINDOWS\system32\Drivers\cng.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [29/07/2016 22:08:23] - |A| - [148480] - C:\WINDOWS\system32\Drivers\dfsc.sys [MD5.8359F776CA899E761852F2293B724EAE] - [29/07/2016 22:09:58] - |A| - [185184] - C:\WINDOWS\system32\Drivers\dumpsd.sys [MD5.3996DF4D52FD6273750C7033D1447C0A] - [29/07/2016 22:14:35] - |A| - [31744] - C:\WINDOWS\system32\Drivers\dumpsdport.sys [MD5.97BFC3BD9F910B24EB956FF3387C71CF] - [29/07/2016 22:13:50] - |A| - [1987936] - C:\WINDOWS\system32\Drivers\dxgkrnl.sys [MD5.66FDDD2004332EED0A8262E9762EB457] - [29/07/2016 22:13:30] - |A| - [393568] - C:\WINDOWS\system32\Drivers\dxgmms1.sys [MD5.91A2D07C017068FD2F11414E8D676EC5] - [29/07/2016 22:13:39] - |A| - [577376] - C:\WINDOWS\system32\Drivers\dxgmms2.sys [MD5.C330883C06E2D4CE4F6982F048265D37] - [29/07/2016 22:12:24] - |A| - [335712] - C:\WINDOWS\system32\Drivers\fastfat.sys [MD5.8F2523C9D8F1448FF2156452AF60FA00] - [29/07/2016 22:09:33] - |A| - [87552] - C:\WINDOWS\system32\Drivers\filecrypt.sys [MD5.50DFE05C698E9B0A63D95E3D669A105C] - [29/07/2016 22:11:11] - |A| - [638816] - C:\WINDOWS\system32\Drivers\fvevol.sys [MD5.020F3FD207AFEDAC8E05E4C567547A78] - [29/07/2016 22:12:08] - |A| - [155136] - C:\WINDOWS\system32\Drivers\hidclass.sys [MD5.63C3F74DC398A1C1A77E39DFB9C312CA] - [29/07/2016 22:09:57] - |A| - [1089888] - C:\WINDOWS\system32\Drivers\http.sys [MD5.547E9B25B4407A125D5F187E918BC217] - [29/07/2016 17:19:53] - |A| - [143904] - C:\WINDOWS\system32\Drivers\KeyCrypt64.sys [MD5.5DFF4CF4DF7FD11AE5A1DAD8C67619D2] - [29/07/2016 22:12:20] - |A| - [161632] - C:\WINDOWS\system32\Drivers\ksecpkg.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [30/07/2016 07:23:35] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 18:56:45] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 18:57:16] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [MD5.E582DA849A58524E645545FB68B6625D] - [29/07/2016 22:09:35] - |A| - [1152864] - C:\WINDOWS\system32\Drivers\ndis.sys [MD5.883A36E2FF7FA3E1281CB575579FE3AF] - [29/07/2016 22:09:18] - |A| - [124928] - C:\WINDOWS\system32\Drivers\Ndu.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [29/07/2016 22:11:04] - |A| - [278528] - C:\WINDOWS\system32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [29/07/2016 22:12:47] - |A| - [2152280] - C:\WINDOWS\system32\Drivers\ntfs.sys [MD5.549DFD8240CF20BFBD88AD9D89325DBF] - [29/07/2016 22:12:08] - |A| - [530432] - C:\WINDOWS\system32\Drivers\nwifi.sys [MD5.D330D74B5F99309B5CCA30AE41C57CDE] - [29/07/2016 22:12:07] - |A| - [118624] - C:\WINDOWS\system32\Drivers\partmgr.sys [MD5.EF94E21C3220AE3F8539542EC0B3FF06] - [29/07/2016 22:12:25] - |A| - [331616] - C:\WINDOWS\system32\Drivers\pci.sys [MD5.67B9684B8272D5EBD1CCBB1DBD425EC8] - [29/07/2016 22:08:06] - |A| - [99680] - C:\WINDOWS\system32\Drivers\pdc.sys [MD5.0731E8F4D8D3B8D3FD98A46A8ABFE0A0] - [29/07/2016 22:10:36] - |A| - [333824] - C:\WINDOWS\system32\Drivers\portcls.sys [MD5.1CDA6D0A2345AA589949AE9C83853913] - [29/07/2016 22:08:57] - |A| - [277856] - C:\WINDOWS\system32\Drivers\sdbus.sys [MD5.B880BE37452AB1D4AA93845F58EF7960] - [29/07/2016 22:08:23] - |A| - [95072] - C:\WINDOWS\system32\Drivers\sdport.sys [MD5.249A563C48DFD9E42A37587653E003BB] - [29/07/2016 22:12:01] - |A| - [83968] - C:\WINDOWS\system32\Drivers\serial.sys [MD5.BE88248427A6AA548A904FD867667F70] - [29/07/2016 22:13:20] - |A| - [406528] - C:\WINDOWS\system32\Drivers\srv.sys [MD5.2568B86F6A50D254324CB89022CA9EFC] - [29/07/2016 22:11:04] - |A| - [690176] - C:\WINDOWS\system32\Drivers\srv2.sys [MD5.6E520D6B16EA8AE23D1F81C1194F00C8] - [29/07/2016 22:10:58] - |A| - [237056] - C:\WINDOWS\system32\Drivers\srvnet.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [29/07/2016 22:08:24] - |A| - [2403168] - C:\WINDOWS\system32\Drivers\tcpip.sys [MD5.87B9ABB965F7AF987D52791F0DD1663D] - [29/07/2016 22:13:14] - |A| - [211296] - C:\WINDOWS\system32\Drivers\tpm.sys [MD5.82D3B1F4D80057826AA649D78147DE36] - [29/07/2016 22:11:03] - |A| - [63488] - C:\WINDOWS\system32\Drivers\UcmCx.sys [MD5.05DD22294A4F3F89E52351C7721E6D2C] - [29/07/2016 22:08:15] - |A| - [258912] - C:\WINDOWS\system32\Drivers\ufx01000.sys [MD5.2A87EA182EA333D79AA0B03833EA67F2] - [29/07/2016 22:12:20] - |A| - [131424] - C:\WINDOWS\system32\Drivers\ufxsynopsys.sys [MD5.E7463CE8579A0418A98BE9BE42C647D7] - [29/07/2016 22:12:31] - |A| - [534872] - C:\WINDOWS\system32\Drivers\USBHUB3.SYS [MD5.4AAD6547953D373A1EB5B2DF583D868B] - [29/07/2016 22:12:00] - |A| - [67072] - C:\WINDOWS\system32\Drivers\usbser.sys [MD5.9E9D58F5E1702955B2F4D62996F80E8E] - [29/07/2016 22:12:30] - |A| - [378208] - C:\WINDOWS\system32\Drivers\USBXHCI.SYS [MD5.2BC2E99623119521EEF7910A11D0FDE0] - [29/07/2016 22:12:26] - |A| - [694784] - C:\WINDOWS\system32\Drivers\WdiWiFi.sys [MD5.DA0807D87A62D076C29C4E30F1E84F46] - [29/07/2016 22:13:17] - |A| - [26112] - C:\WINDOWS\system32\Drivers\xinputhid.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [29/07/2016 17:20:22] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zam64.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [29/07/2016 17:20:21] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zamguard64.sys [MD5.7D276C5DF303462091092C3311027D30] - [29/07/2016 22:11:10] - |A| - [129024] - C:\WINDOWS\syswow64\AboveLockAppHost.dll [MD5.B1D8636E375413D57B50BDE20CA5E710] - [29/07/2016 22:11:20] - |A| - [358400] - C:\WINDOWS\syswow64\AccountsRt.dll [MD5.19157418D05756492D3F54751EC5B041] - [29/07/2016 22:13:09] - |A| - [546816] - C:\WINDOWS\syswow64\ActionCenterCPL.dll [MD5.B981A07C0A0CCE68BD90DF3E3EC520DE] - [29/07/2016 22:11:38] - |A| - [1707520] - C:\WINDOWS\syswow64\ActiveSyncProvider.dll [MD5.98DA8D97E83C73E7AD7A142A801E1898] - [29/07/2016 22:10:01] - |A| - [2193408] - C:\WINDOWS\syswow64\actxprxy.dll [MD5.BBB9376A3D8764A6763183340625FCEA] - [29/07/2016 22:11:47] - |A| - [70656] - C:\WINDOWS\syswow64\AppCapture.dll [MD5.836DF245362A9E09CC050EB107E85D74] - [29/07/2016 22:08:23] - |A| - [467456] - C:\WINDOWS\syswow64\AppContracts.dll [MD5.E48A7C15B395A8F1537CE249183D508F] - [29/07/2016 22:09:20] - |A| - [190464] - C:\WINDOWS\syswow64\apprepapi.dll [MD5.8686191CF27D6707FC890A6CD4CB552A] - [29/07/2016 22:09:09] - |A| - [260096] - C:\WINDOWS\syswow64\apprepsync.dll [MD5.AE3444858CB88D033427C1E9D6FE749E] - [29/07/2016 22:10:51] - |A| - [738816] - C:\WINDOWS\syswow64\appwiz.cpl [MD5.1B26C71109A2EA27DD6684719BF493EC] - [29/07/2016 22:11:13] - |A| - [188256] - C:\WINDOWS\syswow64\AppxAllUserStore.dll [MD5.8E8FBA400CD678AB46D46BB24921A051] - [29/07/2016 22:08:17] - |A| - [342528] - C:\WINDOWS\syswow64\AppXDeploymentClient.dll [MD5.A495EA4706387D12C00641D8C48BA527] - [29/07/2016 22:12:31] - |A| - [890368] - C:\WINDOWS\syswow64\AppxPackaging.dll [MD5.9B034D049D1C6EC9BED55D2F27D86ED9] - [29/07/2016 22:10:29] - |A| - [2186] - C:\WINDOWS\syswow64\AppxProvisioning.xml [MD5.5922C03A67F868265E5AB176DB6D641D] - [29/07/2016 22:12:57] - |A| - [316256] - C:\WINDOWS\syswow64\atmfd.dll [MD5.FB68B81CBD3F79D09E3EA1D0DFB424B6] - [29/07/2016 22:12:56] - |A| - [37376] - C:\WINDOWS\syswow64\atmlib.dll [MD5.96E0F50ABD43C92B4B66154113C701DE] - [29/07/2016 22:11:22] - |A| - [2155008] - C:\WINDOWS\syswow64\authui.dll [MD5.56BBCFD02C4C5248CAF8EAF8236A4674] - [29/07/2016 22:12:23] - |A| - [667648] - C:\WINDOWS\syswow64\AzureSettingSyncProvider.dll [MD5.312472050BECE16F51493C95CCE91B57] - [29/07/2016 22:11:47] - |A| - [334336] - C:\WINDOWS\syswow64\bcastdvr.exe [MD5.2FDF5001427D457AC43942FADC742404] - [29/07/2016 22:12:06] - |A| - [360480] - C:\WINDOWS\syswow64\bcryptprimitives.dll [MD5.3BFBC5158CC4CA508FEC8284DB6727FD] - [29/07/2016 22:13:54] - |A| - [5205504] - C:\WINDOWS\syswow64\BingMaps.dll [MD5.DA97C8A8C517210E4ACA90E45C836E80] - [29/07/2016 22:13:13] - |A| - [80896] - C:\WINDOWS\syswow64\BluetoothApis.dll [MD5.3EB91A44E6BCD05CA257E113FCA1DA0C] - [29/07/2016 22:09:24] - |A| - [43520] - C:\WINDOWS\syswow64\browcli.dll [MD5.359765C7C700F7CED909A69C5DBBD943] - [29/07/2016 22:10:46] - |A| - [140800] - C:\WINDOWS\syswow64\BrowserSettingSync.dll [MD5.89C06DA6E3B3C06F69E2CAFB3431CAF5] - [29/07/2016 22:13:06] - |A| - [31232] - C:\WINDOWS\syswow64\ByteCodeGenerator.exe [MD5.098B24AC8A32CA4EFBF06FCEDB0CA3B6] - [29/07/2016 19:45:05] - |A| - [61917] - C:\WINDOWS\syswow64\CCCInstall_201607291945057799.log [MD5.4907E0A9216A6DCEAB351F534A97FAFC] - [29/07/2016 22:11:57] - |A| - [339456] - C:\WINDOWS\syswow64\certcli.dll [MD5.C34CC619C1F747F81D2C2C47D5C1B095] - [29/07/2016 22:11:26] - |A| - [2604032] - C:\WINDOWS\syswow64\CertEnroll.dll [MD5.31AC81040FBFB538619282F47C3ED884] - [29/07/2016 22:14:36] - |A| - [5660672] - C:\WINDOWS\syswow64\Chakra.dll [MD5.DFB970BC93678AFA2F95A51BF1506049] - [29/07/2016 22:10:54] - |A| - [64584] - C:\WINDOWS\syswow64\Clipc.dll [MD5.03BF64E3FD79A5C4FD0B51659B164EDC] - [29/07/2016 22:11:53] - |A| - [965120] - C:\WINDOWS\syswow64\comdlg32.dll [MD5.460CDD92C5283DCB9E35AF2B8DB7F200] - [29/07/2016 22:08:27] - |A| - [461824] - C:\WINDOWS\syswow64\CoreMessaging.dll [MD5.766F809BC576BC57FF3B7C343D1E8881] - [29/07/2016 22:11:41] - |A| - [1862008] - C:\WINDOWS\syswow64\CoreUIComponents.dll [MD5.ADCC41AF6513D5192E0C1A250D2ED4A1] - [29/07/2016 22:11:21] - |A| - [348672] - C:\WINDOWS\syswow64\CredProvDataModel.dll [MD5.B4643C990D071EE99D9713336052F97B] - [29/07/2016 22:11:02] - |A| - [193024] - C:\WINDOWS\syswow64\credprovhost.dll [MD5.2E7375FB616E7F729B077628F9BF2537] - [29/07/2016 22:07:54] - |A| - [220672] - C:\WINDOWS\syswow64\credprovs.dll [MD5.E247EAA09FE6397200205FA90BF87C1D] - [29/07/2016 22:09:53] - |A| - [1536600] - C:\WINDOWS\syswow64\crypt32.dll [MD5.AB48B90C4DB88D2F31D1A6F460F76D29] - [29/07/2016 22:08:05] - |A| - [241664] - C:\WINDOWS\syswow64\cryptngc.dll [MD5.00C8B201BE1C9705906A484DBE5D6332] - [29/07/2016 22:10:13] - |A| - [4759040] - C:\WINDOWS\syswow64\d2d1.dll [MD5.A825405D442EB9A2526468E16296DD58] - [29/07/2016 22:09:55] - |A| - [513368] - C:\WINDOWS\syswow64\d3d10level9.dll [MD5.92A252E7DAF67D36BC81758A0F8596EB] - [29/07/2016 22:09:54] - |A| - [2195632] - C:\WINDOWS\syswow64\d3d10warp.dll [MD5.4963662B1CBB0035FD5D6832824DC7B6] - [29/07/2016 22:10:22] - |A| - [2186864] - C:\WINDOWS\syswow64\d3d11.dll [MD5.4102898869C3F72FBD50E7A7D003F530] - [29/07/2016 22:11:16] - |A| - [1866104] - C:\WINDOWS\syswow64\d3d9.dll [MD5.9FFEF91F0BEE39FAE2305ACE3C11B4A8] - [29/07/2016 22:12:02] - |A| - [3695104] - C:\WINDOWS\syswow64\D3DCompiler_47.dll [MD5.7CF445915FC12FA890EFE5D43AD8B2F9] - [29/07/2016 22:11:14] - |A| - [4078080] - C:\WINDOWS\syswow64\dbgeng.dll [MD5.83CF09D8FE73DC8FA7374C98B32243DF] - [29/07/2016 22:10:01] - |A| - [675064] - C:\WINDOWS\syswow64\dcomp.dll [MD5.1E00F1B16E727B3D23F6516988F2E7EA] - [29/07/2016 22:10:40] - |A| - [502272] - C:\WINDOWS\syswow64\DevicePairing.dll [MD5.CEF14DB231B344BBDBF7C04A12D8336B] - [29/07/2016 22:11:51] - |A| - [293888] - C:\WINDOWS\syswow64\dhcpcore.dll [MD5.8000FB1D40149AC05F6BDE9248A6B956] - [29/07/2016 22:12:05] - |A| - [230400] - C:\WINDOWS\syswow64\dhcpcore6.dll [MD5.88A3958213B43EED8402D4496149924A] - [29/07/2016 22:11:55] - |A| - [64000] - C:\WINDOWS\syswow64\dhcpcsvc.dll [MD5.4F34CCC76E60CCE8BA12663A747EC05B] - [29/07/2016 22:11:55] - |A| - [57344] - C:\WINDOWS\syswow64\dhcpcsvc6.dll [MD5.A1A9DDD5C6A335C0B97423A2F75C9299] - [29/07/2016 22:09:54] - |A| - [453472] - C:\WINDOWS\syswow64\directmanipulation.dll [MD5.1E506E10685E8774F12BF5E2F10197F1] - [29/07/2016 22:10:43] - |A| - [736768] - C:\WINDOWS\syswow64\Display.dll [MD5.A3F164387FAF9C571959C73361317F04] - [29/07/2016 22:09:16] - |A| - [442368] - C:\WINDOWS\syswow64\dlnashext.dll [MD5.415F514AA00B37A1772639F7B22BC305] - [29/07/2016 22:08:03] - |A| - [217600] - C:\WINDOWS\syswow64\dmdskmgr.dll [MD5.6A7ACABAE92C837F5C1330188EAE36AE] - [29/07/2016 22:13:29] - |A| - [535080] - C:\WINDOWS\syswow64\dnsapi.dll [MD5.29C26A25041DC901A01A021D31B0FDD8] - [29/07/2016 22:13:01] - |A| - [292864] - C:\WINDOWS\syswow64\dot3ui.dll [MD5.332384C9BF8D46044F3A5189A2E7C6FE] - [29/07/2016 22:08:12] - |A| - [1448960] - C:\WINDOWS\syswow64\dui70.dll [MD5.737FC213AB9B3494E8677D12F08B8703] - [29/07/2016 22:07:55] - |A| - [482816] - C:\WINDOWS\syswow64\duser.dll [MD5.0313658DF0E7A0F28F9580AF15B37531] - [29/07/2016 22:10:21] - |A| - [1626112] - C:\WINDOWS\syswow64\dwmcore.dll [MD5.DE4C532C704002ED07B523208327629C] - [29/07/2016 22:13:21] - |A| - [1987072] - C:\WINDOWS\syswow64\DWrite.dll [MD5.7CDA291CF22B91DDBB88B5089EBE25CE] - [29/07/2016 22:10:06] - |A| - [521152] - C:\WINDOWS\syswow64\dxgi.dll [MD5.6AA3C6E88196938932ADE02296C33458] - [29/07/2016 22:13:12] - |A| - [268800] - C:\WINDOWS\syswow64\dxtrans.dll [MD5.733B5C5DCFEB74A288F69272A79FCBF7] - [29/07/2016 22:09:13] - |A| - [248320] - C:\WINDOWS\syswow64\eapp3hst.dll [MD5.19D8F7D29B8B94071DAC6453690BB5CA] - [29/07/2016 22:09:27] - |A| - [284160] - C:\WINDOWS\syswow64\eappcfg.dll [MD5.5642D8C9041FF6F1EE88E42C90639CA8] - [29/07/2016 22:09:11] - |A| - [96256] - C:\WINDOWS\syswow64\eappgnui.dll [MD5.4FAB17214FC37489C59B19CED55D4B7F] - [29/07/2016 22:09:13] - |A| - [238592] - C:\WINDOWS\syswow64\eapphost.dll [MD5.9160F82BF248F5CD2A5CA4C109369D41] - [29/07/2016 22:09:15] - |A| - [55808] - C:\WINDOWS\syswow64\eappprxy.dll [MD5.F297B1F54D3FF42732C89C738AEC041F] - [29/07/2016 22:09:17] - |A| - [141824] - C:\WINDOWS\syswow64\easwrt.dll [MD5.21CB86D69B268182994F981471FCBB82] - [29/07/2016 22:14:52] - |A| - [18674176] - C:\WINDOWS\syswow64\edgehtml.dll [MD5.EA11A61E656D6CC6F5001F8366B2BA08] - [29/07/2016 22:09:12] - |A| - [279040] - C:\WINDOWS\syswow64\edputil.dll [MD5.051FDE1463E8468FACFC38C63B4D8FE3] - [29/07/2016 22:07:52] - |A| - [442880] - C:\WINDOWS\syswow64\efswrt.dll [MD5.402A33FCE08200518FB0012A6BF2E966] - [29/07/2016 22:13:51] - |A| - [2722816] - C:\WINDOWS\syswow64\esent.dll [MD5.BC98A3374DAB7CE9E600A667FDCD9F96] - [29/07/2016 22:07:56] - |A| - [193536] - C:\WINDOWS\syswow64\ExecModelClient.dll [MD5.B6113983ED77D6FE99BDEE461E7BE004] - [29/07/2016 22:11:29] - |A| - [4074160] - C:\WINDOWS\syswow64\explorer.exe [MD5.23D61B1CFA38F287D8C31A4816315454] - [29/07/2016 22:12:41] - |A| - [4413440] - C:\WINDOWS\syswow64\ExplorerFrame.dll [MD5.E391DD57E6965C8D2DB05A4A52F80EC8] - [29/07/2016 22:12:56] - |A| - [546456] - C:\WINDOWS\syswow64\fontdrvhost.exe [MD5.9BD17D372080234722C1139DAC039C9D] - [29/07/2016 22:12:31] - |A| - [93696] - C:\WINDOWS\syswow64\fontsub.dll [MD5.9A9CDAB4049BDB383C5CA8746F44E4CB] - [29/07/2016 22:09:22] - |A| - [269824] - C:\WINDOWS\syswow64\FWPUCLNT.DLL [MD5.4C6145BBEFDD7092ABFA5F7614BA2E66] - [29/07/2016 22:07:46] - |A| - [53760] - C:\WINDOWS\syswow64\FwRemoteSvr.dll [MD5.64B619A6CE464E494651950794CE8264] - [29/07/2016 22:11:49] - |A| - [541184] - C:\WINDOWS\syswow64\GamePanel.exe [MD5.67BA16BD6265C9E401A3814137ECF8F4] - [29/07/2016 22:11:02] - |A| - [2578432] - C:\WINDOWS\syswow64\gameux.dll [MD5.F58B6B20BB45E99C99D0F2B73B9EE373] - [29/07/2016 22:08:32] - |A| - [1372312] - C:\WINDOWS\syswow64\gdi32.dll [MD5.4F79496B51E1A67B496FF6A407D22D30] - [29/07/2016 22:12:15] - |A| - [1467392] - C:\WINDOWS\syswow64\GdiPlus.dll [MD5.7BB466A82CD38CCBEE666D475BB2F3D2] - [29/07/2016 22:07:48] - |A| - [199680] - C:\WINDOWS\syswow64\GlobCollationHost.dll [MD5.C0D3B98EB0C657DDEB0C033D01C6D9E7] - [29/07/2016 22:10:52] - |A| - [574976] - C:\WINDOWS\syswow64\hgcpl.dll [MD5.0D19695F93813C63B4656E42536892FA] - [29/07/2016 22:12:09] - |A| - [47104] - C:\WINDOWS\syswow64\hmkd.dll [MD5.9E2490246907BC5DFF0D06E975A98FE9] - [29/07/2016 22:11:48] - |A| - [12288] - C:\WINDOWS\syswow64\IconCodecService.dll [MD5.9459503897809956B533141003277298] - [29/07/2016 22:10:44] - |A| - [92160] - C:\WINDOWS\syswow64\IdCtrls.dll [MD5.973057A6623492B1620B0167D320BD4D] - [29/07/2016 22:13:10] - |A| - [1526272] - C:\WINDOWS\syswow64\ieapfltr.dll [MD5.350ED2186E2C0E80ABCE270C9A52647E] - [29/07/2016 22:14:40] - |A| - [12128256] - C:\WINDOWS\syswow64\ieframe.dll [MD5.9CAC58EBAFB3E32711920568810CDCD7] - [29/07/2016 22:13:28] - |A| - [307200] - C:\WINDOWS\syswow64\ieproxy.dll [MD5.608F7830161D98DBDD6324F74E9165C4] - [29/07/2016 22:12:54] - |A| - [2921880] - C:\WINDOWS\syswow64\iertutil.dll [MD5.8A62CEED5A0DD6C76C921F8B47187CA3] - [29/07/2016 22:09:10] - |A| - [477184] - C:\WINDOWS\syswow64\ieui.dll [MD5.447D69BB274546D00C8DBF23C2DBDBCE] - [29/07/2016 22:13:31] - |A| - [2050048] - C:\WINDOWS\syswow64\inetcpl.cpl [MD5.6D062C6E2C47B3DCDE8F4C3FDB634DEE] - [29/07/2016 22:14:02] - |A| - [83456] - C:\WINDOWS\syswow64\InputLocaleManager.dll [MD5.408AF8141C4A44BC120F4204F8F79A75] - [29/07/2016 22:14:02] - |A| - [1944576] - C:\WINDOWS\syswow64\InputService.dll [MD5.69E1CFC67F4A4043F01AD3513A73ED02] - [29/07/2016 22:13:37] - |A| - [161280] - C:\WINDOWS\syswow64\InstallAgent.exe [MD5.0B6A790F69FC2D67EEFF6F015EF24C5B] - [29/07/2016 22:13:32] - |A| - [800768] - C:\WINDOWS\syswow64\JpMapControl.dll [MD5.30E3DC9ED2C6641709AC961CB7CE72BB] - [29/07/2016 22:12:33] - |A| - [647680] - C:\WINDOWS\syswow64\jscript.dll [MD5.79C50C86572AF5891D1196569C9D2EB1] - [29/07/2016 22:14:41] - |A| - [3663360] - C:\WINDOWS\syswow64\jscript9.dll [MD5.49A21B514FC10B2D55499D58DC78E862] - [29/07/2016 22:10:26] - |A| - [45568] - C:\WINDOWS\syswow64\jsproxy.dll [MD5.15F732C297CE4B169D85214A96A16559] - [29/07/2016 22:12:56] - |A| - [792064] - C:\WINDOWS\syswow64\kerberos.dll [MD5.F45E83301A6C99D342C600B5B29BCD71] - [29/07/2016 22:10:09] - |A| - [1557776] - C:\WINDOWS\syswow64\KernelBase.dll [MD5.10B2D2D402319E647C90A2E1908C8DBB] - [29/07/2016 19:54:13] - |A| - [50653] - C:\WINDOWS\syswow64\license.rtf [MD5.265DB46FE368D8F701A74976D3823ADC] - [29/07/2016 22:13:48] - |A| - [986976] - C:\WINDOWS\syswow64\LicenseManager.dll [MD5.EEB99F0E02F9243F18691C75CD16AEE4] - [29/07/2016 22:10:45] - |A| - [207872] - C:\WINDOWS\syswow64\licensingdiag.exe [MD5.53C369D0405DFB420EF6FF967A90960B] - [29/07/2016 22:11:20] - |A| - [1185280] - C:\WINDOWS\syswow64\LocationFramework.dll [MD5.D7BDD6C833746E64F1652D6CDE47701F] - [29/07/2016 22:11:03] - |A| - [372224] - C:\WINDOWS\syswow64\LockAppBroker.dll [MD5.236FB0CAF33B0EB94893BF7299F3D00D] - [29/07/2016 22:11:15] - |A| - [254656] - C:\WINDOWS\syswow64\LockAppHost.exe [MD5.644CE64AB3ED902711CB0B86CF4ECA22] - [29/07/2016 22:08:32] - |A| - [434688] - C:\WINDOWS\syswow64\LogonController.dll [MD5.3F695F3A23A019E6DF7BAC57276B1E77] - [29/07/2016 22:13:36] - |A| - [349696] - C:\WINDOWS\syswow64\MapConfiguration.dll [MD5.CB84B6382E21D875D0EC9665CD6908B8] - [29/07/2016 22:13:41] - |A| - [711680] - C:\WINDOWS\syswow64\MapControlCore.dll [MD5.B7299EF9D5D4C7D480AC5A8ACEA402E1] - [29/07/2016 22:12:59] - |A| - [87040] - C:\WINDOWS\syswow64\MapsBtSvc.dll [MD5.AF1D02B5F78B3D0522458E8240672582] - [29/07/2016 22:12:20] - |A| - [673280] - C:\WINDOWS\syswow64\MbaeApiPublic.dll [MD5.1CDEF66CFD26AF241D8546896F77B8A5] - [29/07/2016 22:11:57] - |A| - [489984] - C:\WINDOWS\syswow64\mbsmsapi.dll [MD5.A9E193BE154B7145EF06FD0FD10232A0] - [29/07/2016 22:08:06] - |A| - [151040] - C:\WINDOWS\syswow64\mdmregistration.dll [MD5.388077FF1642D94BF81F9D814F22BBA2] - [29/07/2016 22:12:30] - |A| - [499712] - C:\WINDOWS\syswow64\MessagingDataModel2.dll [MD5.F3B12C931650835388F43DB2DF606657] - [29/07/2016 22:08:25] - |A| - [511320] - C:\WINDOWS\syswow64\mf.dll [MD5.B572C03916EC3A8BE05CB2199D4A3263] - [29/07/2016 22:10:10] - |A| - [451936] - C:\WINDOWS\syswow64\MFCaptureEngine.dll [MD5.59976482DB1C9F2F41DF62AA9A1B01C5] - [29/07/2016 22:10:24] - |A| - [2062336] - C:\WINDOWS\syswow64\MFMediaEngine.dll [MD5.57D00F9D60519705D37BAFB852771443] - [29/07/2016 22:10:07] - |A| - [1118208] - C:\WINDOWS\syswow64\mfnetsrc.dll [MD5.A489CECF560EA0421C04277904210395] - [29/07/2016 22:10:02] - |A| - [925576] - C:\WINDOWS\syswow64\mfplat.dll [MD5.734C17FFE65F9E0436BDAD566A613D8C] - [29/07/2016 22:08:04] - |A| - [32040] - C:\WINDOWS\syswow64\mfpmp.exe [MD5.3B5A60CFD5EA636133A0A9F8CD4EDC45] - [29/07/2016 22:10:05] - |A| - [709176] - C:\WINDOWS\syswow64\mfsvr.dll [MD5.D5ACEA2845E642A7ABF383C316CABDA6] - [29/07/2016 22:14:01] - |A| - [6295552] - C:\WINDOWS\syswow64\mos.dll [MD5.E4873BE74A0BE6F30A6948F882E6E7FC] - [29/07/2016 22:13:19] - |A| - [50176] - C:\WINDOWS\syswow64\MosHostClient.dll [MD5.0BBEA534AB25CEBFE72BD191FF84F593] - [29/07/2016 22:13:18] - |A| - [59904] - C:\WINDOWS\syswow64\MosStorage.dll [MD5.BEF902286DC49188F8435B1C2474AE96] - [29/07/2016 22:13:33] - |A| - [687616] - C:\WINDOWS\syswow64\msfeeds.dll [MD5.E5DD7B8A4023B9277C434405849BB43A] - [29/07/2016 22:11:25] - |A| - [2680320] - C:\WINDOWS\syswow64\msftedit.dll [MD5.01ECA12A5BF2D571FCE11C05419C3E50] - [29/07/2016 22:14:45] - |A| - [19347968] - C:\WINDOWS\syswow64\mshtml.dll [MD5.594D1C58958A1F980336964B643784F3] - [29/07/2016 22:08:42] - |A| - [3671040] - C:\WINDOWS\syswow64\msi.dll [MD5.1EEC0939B2B99EF1F53B14D9205041AD] - [29/07/2016 22:10:42] - |A| - [282624] - C:\WINDOWS\syswow64\msieftp.dll [MD5.ACE2B02BA07DF7F13F59D07F7A38AA18] - [29/07/2016 22:11:02] - |A| - [161792] - C:\WINDOWS\syswow64\msorcl32.dll [MD5.D4DE4F98D350823BACCA6D7F753D74D4] - [29/07/2016 22:10:35] - |A| - [6471168] - C:\WINDOWS\syswow64\mspaint.exe [MD5.C2230C9A5F4DA4FE5EF9462047429082] - [29/07/2016 22:11:48] - |A| - [32768] - C:\WINDOWS\syswow64\msscntrs.dll [MD5.B27FEB21C56278185E7B7A77722C6819] - [29/07/2016 22:09:39] - |A| - [777728] - C:\WINDOWS\syswow64\MsSpellCheckingFacility.dll [MD5.F3C7017623E0F1F04016E5041A106FC8] - [29/07/2016 22:11:59] - |A| - [119296] - C:\WINDOWS\syswow64\mssph.dll [MD5.4BC42306D03B539D0EDDD81CC0AE0CD3] - [29/07/2016 22:12:03] - |A| - [244736] - C:\WINDOWS\syswow64\mssphtb.dll [MD5.6500AB640E37FBFBE0D57B24F8BC6F30] - [29/07/2016 22:12:28] - |A| - [1984000] - C:\WINDOWS\syswow64\mssrch.dll [MD5.EF539679E1F6FA5DFDCE4D013A3D37CF] - [29/07/2016 22:13:47] - |A| - [6740992] - C:\WINDOWS\syswow64\mstscax.dll [MD5.3ABE2040F4F9BDDD008EC5D4713D5ABE] - [29/07/2016 22:08:21] - |A| - [294752] - C:\WINDOWS\syswow64\msv1_0.dll [MD5.38AF3B80B54449F95BD16486EC8975A3] - [30/07/2016 07:12:51] - |A| - [476160] - C:\WINDOWS\syswow64\msvcp80.dll [MD5.E2D57E42409B6E576CFECA69C39201D0] - [30/07/2016 07:12:51] - |A| - [353280] - C:\WINDOWS\syswow64\msvcr80.dll [MD5.1F5B5642253FC9760EEACD81900C38DC] - [29/07/2016 22:08:09] - |A| - [312160] - C:\WINDOWS\syswow64\mswsock.dll [MD5.2FE56BAE736FE2AD20950ECED0FFD6D1] - [29/07/2016 22:12:21] - |A| - [1588224] - C:\WINDOWS\syswow64\msxml3.dll [MD5.C9D7861D1C984E1997A3778A97DD1AF9] - [29/07/2016 22:07:40] - |A| - [162816] - C:\WINDOWS\syswow64\MTF.dll [MD5.96BFB1E4B3F38D999E418D286BE45BFB] - [29/07/2016 22:07:45] - |A| - [118272] - C:\WINDOWS\syswow64\mtxoci.dll [MD5.110EE87B0F4E38609AD73E9075EF82A4] - [29/07/2016 22:09:32] - |A| - [97096] - C:\WINDOWS\syswow64\ncryptsslp.dll [MD5.6C2B2CA75F486449921ED10A39DB9799] - [29/07/2016 22:13:14] - |A| - [69744] - C:\WINDOWS\syswow64\netapi32.dll [MD5.E3E6CA2D3FAADDEE4FC8A934FA42FA3D] - [29/07/2016 22:13:04] - |A| - [1171456] - C:\WINDOWS\syswow64\netcenter.dll [MD5.F99386465A196CA0129AE92307FF472D] - [29/07/2016 22:13:03] - |A| - [197120] - C:\WINDOWS\syswow64\netplwiz.dll [MD5.53BD5A0B7D0B027984D99BEDB945CEE6] - [29/07/2016 22:12:17] - |A| - [84832] - C:\WINDOWS\syswow64\NetSetupApi.dll [MD5.E724CB02012CEBF773DC9FE304DCD946] - [29/07/2016 22:12:56] - |A| - [501600] - C:\WINDOWS\syswow64\NetSetupEngine.dll [MD5.4AE45F3077E79A3E3B22996F80DA9E7A] - [29/07/2016 22:10:03] - |A| - [354304] - C:\WINDOWS\syswow64\NetSetupShim.dll [MD5.F964FA5FA4FAB1B2D9E6638A0CF0D7E7] - [29/07/2016 22:09:32] - |A| - [2679808] - C:\WINDOWS\syswow64\netshell.dll [MD5.861D71E2284DCEA5E9309CDE8D920252] - [29/07/2016 22:10:53] - |A| - [485888] - C:\WINDOWS\syswow64\newdev.dll [MD5.631450FBA9C8677C00F5A577905ECE36] - [29/07/2016 22:13:00] - |A| - [784896] - C:\WINDOWS\syswow64\NMAA.dll [MD5.806D3A66BBC91F7F2B4FCC337C13EFAE] - [29/07/2016 22:12:01] - |A| - [239104] - C:\WINDOWS\syswow64\NotificationObjFactory.dll [MD5.85ED26DB17B3270944C344E0E5B7C34A] - [29/07/2016 22:11:33] - |A| - [1542816] - C:\WINDOWS\syswow64\ntdll.dll [MD5.ABFB6150CA07482BCF3D3FDE3B62152A] - [29/07/2016 22:11:57] - |A| - [309760] - C:\WINDOWS\syswow64\ntprint.dll [MD5.34B1DD62B3F090A0466241F84F1E9AE0] - [29/07/2016 22:09:25] - |A| - [802816] - C:\WINDOWS\syswow64\ntshrui.dll [MD5.77D3FB612C75A70CDA55889616DF3969] - [29/07/2016 22:10:42] - |A| - [205312] - C:\WINDOWS\syswow64\oemlicense.dll [MD5.F0781A46DFE3A6C48FCA23FCDDA69B4B] - [29/07/2016 22:08:14] - |A| - [957608] - C:\WINDOWS\syswow64\ole32.dll [MD5.1A341701906986F1865766C6849269FC] - [29/07/2016 22:11:10] - |A| - [323072] - C:\WINDOWS\syswow64\oleacc.dll [MD5.91ED19257EAA98C1C95A7E5F0FF07FF0] - [29/07/2016 22:10:32] - |A| - [10240] - C:\WINDOWS\syswow64\oleacchooks.dll [MD5.FC03376F464F07369BC07A6D9BE8CA8D] - [29/07/2016 22:09:28] - |A| - [88576] - C:\WINDOWS\syswow64\olepro32.dll [MD5.BF769A5BEA8E50F12264746D30D57C6F] - [29/07/2016 22:09:08] - |A| - [52736] - C:\WINDOWS\syswow64\OnDemandConnRouteHelper.dll [MD5.61D86AEAE520B20FD3AE5C68327239EB] - [29/07/2016 22:11:02] - |A| - [400896] - C:\WINDOWS\syswow64\OneDriveSettingSyncProvider.dll [MD5.60F349C2C3477D77CD28216B378DB868] - [29/07/2016 19:01:20] - |A| - [1956472] - C:\WINDOWS\syswow64\PerfStringBackup.INI [MD5.53903FCDBE698C8804D0B479F4F5E29B] - [29/07/2016 22:13:37] - |A| - [517632] - C:\WINDOWS\syswow64\PlayToManager.dll [MD5.ED3335C188873DD766C73C98F06A3BEA] - [29/07/2016 22:13:00] - |A| - [216576] - C:\WINDOWS\syswow64\PlayToReceiver.dll [MD5.64229C17CFE9262689EAE3E852D3975F] - [29/07/2016 22:08:16] - |A| - [296488] - C:\WINDOWS\syswow64\policymanager.dll [MD5.4DED20A327D15D69FB85310D14D67711] - [29/07/2016 22:08:03] - |A| - [291328] - C:\WINDOWS\syswow64\polstore.dll [MD5.6F391E9286733CC6B34FC0FAB23B8DF3] - [29/07/2016 19:43:22] - |A| - [103120] - C:\WINDOWS\syswow64\PresentationCFFRasterizerNative_v0300.dll [MD5.BF9CAA33ADD4C21C118148B5CFC5494B] - [29/07/2016 19:43:22] - |A| - [778936] - C:\WINDOWS\syswow64\PresentationNative_v0300.dll [MD5.65585F1DB21193BA2DEB7C034984E2E8] - [29/07/2016 22:09:17] - |A| - [519168] - C:\WINDOWS\syswow64\PrintDialogs.dll [MD5.AF3369020E352540743E7664F7CAA189] - [29/07/2016 22:11:15] - |A| - [1355336] - C:\WINDOWS\syswow64\propsys.dll [MD5.404EA5D1E9451EAB6D37403B7CFAD736] - [29/07/2016 22:07:56] - |A| - [123392] - C:\WINDOWS\syswow64\ProximityCommon.dll [MD5.9484654938AE332E2BD2EFEA8F596376] - [29/07/2016 22:08:02] - |A| - [569856] - C:\WINDOWS\syswow64\qdvd.dll [MD5.B34DE2B803625C572C664C495FC3F720] - [29/07/2016 22:13:07] - |A| - [846336] - C:\WINDOWS\syswow64\rasgcw.dll [MD5.F07AE86B2CD1C2CF6AE7812C60299032] - [29/07/2016 22:09:41] - |A| - [535040] - C:\WINDOWS\syswow64\rastls.dll [MD5.CB82FEFF538C7889DD58EF66B8FDB9FD] - [29/07/2016 22:13:11] - |A| - [2632192] - C:\WINDOWS\syswow64\rdpcore.dll [MD5.897906025BD3616BF9C30A3979A73DEE] - [29/07/2016 22:13:43] - |A| - [712704] - C:\WINDOWS\syswow64\RemoteNaturalLanguage.dll [MD5.525FC35182F9660E2A7DCC75607535DC] - [29/07/2016 22:08:22] - |A| - [707608] - C:\WINDOWS\syswow64\rpcrt4.dll [MD5.25B0BAA64D6D62873FAA7719DB64015C] - [29/07/2016 22:09:35] - |A| - [183904] - C:\WINDOWS\syswow64\rsaenh.dll [MD5.00000000000000000000000000000000] - [29/07/2016 18:57:04] - |D| - [1421112] - C:\WINDOWS\syswow64\RTCOM [MD5.E793B893135F3B6942B6230D45E27610] - [29/07/2016 22:09:08] - |A| - [61440] - C:\WINDOWS\syswow64\samlib.dll [MD5.836FF4B7A3AC93E7D659F4FCCF7E0309] - [29/07/2016 22:11:59] - |A| - [779264] - C:\WINDOWS\syswow64\sbe.dll [MD5.318E2A6EC26C9703A5B273B015672660] - [29/07/2016 22:08:26] - |A| - [388608] - C:\WINDOWS\syswow64\schannel.dll [MD5.4A8E1182ECF552141C2C165B0A137E50] - [29/07/2016 22:09:24] - |A| - [186880] - C:\WINDOWS\syswow64\schtasks.exe [MD5.8DBFE13F50BE7578913003EE5256AEBE] - [29/07/2016 22:11:52] - |A| - [282624] - C:\WINDOWS\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.D0B4D167CB9BA37A62BA8E7B7934F517] - [29/07/2016 22:08:05] - |A| - [460800] - C:\WINDOWS\syswow64\SearchFolder.dll [MD5.F370A686221023EC003D96BB1FBA57A0] - [29/07/2016 22:12:21] - |A| - [760320] - C:\WINDOWS\syswow64\SearchIndexer.exe [MD5.4C629B1F6E54578C7875057FD5C53E5F] - [29/07/2016 22:11:52] - |A| - [282624] - C:\WINDOWS\syswow64\SearchProtocolHost.exe [MD5.7D51637A2E604113F1A4E96FF3F2727C] - [29/07/2016 22:10:55] - |A| - [51128] - C:\WINDOWS\syswow64\SensorsNativeApi.dll [MD5.2823A28AB08EE9DCE85436C700799D66] - [29/07/2016 22:10:32] - |A| - [80384] - C:\WINDOWS\syswow64\SensorsNativeApi.V2.dll [MD5.E2C0139812E0030B26F2E7B156C726A4] - [29/07/2016 22:10:45] - |A| - [184832] - C:\WINDOWS\syswow64\SettingMonitor.dll [MD5.D69DDC0073FA31032D7F9379D054679F] - [29/07/2016 22:11:17] - |A| - [503296] - C:\WINDOWS\syswow64\SettingSync.dll [MD5.0162996989471778328E929D58B1041E] - [29/07/2016 22:11:23] - |A| - [754176] - C:\WINDOWS\syswow64\SettingSyncCore.dll [MD5.D00ACFADE7EE80F0C45CC0B94EB5D21A] - [29/07/2016 22:11:03] - |A| - [465760] - C:\WINDOWS\syswow64\SettingSyncHost.exe [MD5.8162BC2EC9E529AA90F196A12D887308] - [29/07/2016 22:11:11] - |A| - [4268880] - C:\WINDOWS\syswow64\setupapi.dll [MD5.9E6DBA611E99BE75589D6A358F54364F] - [29/07/2016 22:12:25] - |A| - [137728] - C:\WINDOWS\syswow64\shacct.dll [MD5.245BCE64F9396340F4E84FB140DD6CA6] - [29/07/2016 22:11:05] - |A| - [489984] - C:\WINDOWS\syswow64\ShareHost.dll [MD5.B726B6583C0E880B59BE3C4463C27BAB] - [29/07/2016 22:09:51] - |A| - [569752] - C:\WINDOWS\syswow64\SHCore.dll [MD5.3EEAC377D273ABB2B6FB02DBFE8E307E] - [29/07/2016 22:10:20] - |A| - [21123320] - C:\WINDOWS\syswow64\shell32.dll [MD5.E71CB29D5B7F76DD58677381CBFE6847] - [29/07/2016 22:09:23] - |A| - [129024] - C:\WINDOWS\syswow64\SimAuth.dll [MD5.42D425CA43C93CC578D1AEA96D1E39F0] - [29/07/2016 22:09:35] - |A| - [157696] - C:\WINDOWS\syswow64\SimCfg.dll [MD5.1CB309C3183A1249C0F3241BB3BA66DD] - [29/07/2016 22:11:04] - |A| - [736768] - C:\WINDOWS\syswow64\SmartcardCredentialProvider.dll [MD5.8B70A4CDB39E270F7F892C82BDB641A5] - [29/07/2016 22:10:14] - |A| - [799744] - C:\WINDOWS\syswow64\SRH.dll [MD5.0B1427CECB2D744C61E841DF0B905592] - [29/07/2016 22:10:16] - |A| - [1445888] - C:\WINDOWS\syswow64\SRHInproc.dll [MD5.C122D52ED9662F09EC2650B010544468] - [29/07/2016 22:09:31] - |A| - [73872] - C:\WINDOWS\syswow64\srvcli.dll [MD5.A3B6AED415AEEA114597E5043F45FF18] - [29/07/2016 22:13:37] - |A| - [415232] - C:\WINDOWS\syswow64\StoreAgent.dll [MD5.A142F1D0FF07C172FA90075B7848CCD0] - [29/07/2016 22:12:23] - |A| - [521728] - C:\WINDOWS\syswow64\StructuredQuery.dll [MD5.2311952A48D5D22080073E5AD4621509] - [29/07/2016 22:10:47] - |A| - [629760] - C:\WINDOWS\syswow64\sud.dll [MD5.2F7684C2601F30ED0A5AFCB3AD295152] - [29/07/2016 22:10:56] - |A| - [3301376] - C:\WINDOWS\syswow64\SyncCenter.dll [MD5.551624F398703A90CAFCC5777CEA99E8] - [29/07/2016 22:11:26] - |A| - [450560] - C:\WINDOWS\syswow64\SyncController.dll [MD5.E7AF52CE93D93984F11E5021024CA085] - [29/07/2016 22:09:25] - |A| - [356352] - C:\WINDOWS\syswow64\taskcomp.dll [MD5.FBA0E803ED70D649630DCA8EEC625414] - [29/07/2016 22:09:30] - |A| - [240640] - C:\WINDOWS\syswow64\taskeng.exe [MD5.38F874DC40AED7FE90ABED3006FF20B9] - [29/07/2016 22:09:48] - |A| - [1083656] - C:\WINDOWS\syswow64\Taskmgr.exe [MD5.2E947792E9B1C738E33FD5794B1650F9] - [29/07/2016 22:13:01] - |A| - [30208] - C:\WINDOWS\syswow64\tbauth.dll [MD5.71DF6482300C802BB104514F34B460F0] - [29/07/2016 22:12:28] - |A| - [91648] - C:\WINDOWS\syswow64\tdlrecover.exe [MD5.097906E4A4DAACC83E4BBCB351A82123] - [29/07/2016 22:14:02] - |A| - [245760] - C:\WINDOWS\syswow64\TextInputFramework.dll [MD5.212B595D06DB8A90B540E970E493CD6F] - [29/07/2016 22:10:47] - |A| - [2519552] - C:\WINDOWS\syswow64\themecpl.dll [MD5.F843B18F29E440CB4599F3674E03B0A5] - [29/07/2016 22:10:45] - |A| - [2849792] - C:\WINDOWS\syswow64\themeui.dll [MD5.4C5CD8F1A3B88B8B7B9F57F2E256FAFC] - [29/07/2016 22:13:31] - |A| - [639488] - C:\WINDOWS\syswow64\TokenBroker.dll [MD5.EAF904785CA7849C66F6DC2EF0A0E0E7] - [29/07/2016 22:13:02] - |A| - [22528] - C:\WINDOWS\syswow64\TokenBrokerCookies.exe [MD5.A233DD6D55CDBC80890E6D0702F727B5] - [29/07/2016 22:12:34] - |A| - [2771968] - C:\WINDOWS\syswow64\tquery.dll [MD5.F432E0E5B0958F4982D40EB622FBD7FC] - [29/07/2016 19:43:22] - |A| - [35480] - C:\WINDOWS\syswow64\TsWpfWrp.exe [MD5.A5B6DDDF137C8118B93D00404510741D] - [29/07/2016 22:08:22] - |A| - [836760] - C:\WINDOWS\syswow64\twinapi.appcore.dll [MD5.643BBA6FB3DA30DC0294F14D72EEFAAB] - [29/07/2016 22:11:05] - |A| - [581632] - C:\WINDOWS\syswow64\twinapi.dll [MD5.409D5D7EB68EDC5E5751A1F437F8C58E] - [29/07/2016 22:08:43] - |A| - [2000896] - C:\WINDOWS\syswow64\twinui.appcore.dll [MD5.A582CC5D97DA29AFE99024BBE96673F3] - [29/07/2016 22:11:40] - |A| - [9919488] - C:\WINDOWS\syswow64\twinui.dll [MD5.CC2F923F02D8EB36D0C442CE709B6CD9] - [29/07/2016 22:11:23] - |A| - [1139712] - C:\WINDOWS\syswow64\UIAutomationCore.dll [MD5.D613DBA2E2D43264B6D5C1933F3A71FC] - [29/07/2016 22:09:56] - |A| - [3459584] - C:\WINDOWS\syswow64\UIRibbon.dll [MD5.FC4E7D3027D748E2D131C9DED39D4976] - [29/07/2016 22:09:09] - |A| - [584704] - C:\WINDOWS\syswow64\UIRibbonRes.dll [MD5.4243F729D260C0D6C6A3B605F51FD518] - [29/07/2016 22:10:48] - |A| - [103424] - C:\WINDOWS\syswow64\updatepolicy.dll [MD5.7D5E17FC31FA563A94A8251AF8ADDEE4] - [29/07/2016 22:10:21] - |A| - [1498624] - C:\WINDOWS\syswow64\urlmon.dll [MD5.E7BD4D15CDC5A1E162256CFADCA92344] - [29/07/2016 22:08:16] - |A| - [1337240] - C:\WINDOWS\syswow64\user32.dll [MD5.32E42A131A187BCAD87EA3A2A09498B9] - [29/07/2016 22:13:08] - |A| - [1249280] - C:\WINDOWS\syswow64\usercpl.dll [MD5.C41C3339364B262957110B2C6C32FF3D] - [29/07/2016 22:12:00] - |A| - [573440] - C:\WINDOWS\syswow64\UserLanguagesCpl.dll [MD5.88A5A640F1C46936CEA62B7B42969E8E] - [29/07/2016 22:08:31] - |A| - [502784] - C:\WINDOWS\syswow64\vbscript.dll [MD5.E9E7FA1FC796ADC16A1169736EFC7AF3] - [29/07/2016 22:12:19] - |A| - [84480] - C:\WINDOWS\syswow64\VEDataLayerHelpers.dll [MD5.D93D6F9BC1EE3329A9DCF3B9591EB156] - [29/07/2016 22:12:08] - |A| - [219136] - C:\WINDOWS\syswow64\VEEventDispatcher.dll [MD5.B6A9C98BFE60CB8DC992033108F3C4F0] - [29/07/2016 22:07:53] - |A| - [1226752] - C:\WINDOWS\syswow64\wcnwiz.dll [MD5.94B32AFBC8D832B3CC39C87DACCF4CEE] - [29/07/2016 22:09:17] - |A| - [879616] - C:\WINDOWS\syswow64\WebcamUi.dll [MD5.86FBB78A2D77D9BDD58F0D72A2E4D934] - [29/07/2016 22:13:02] - |A| - [230400] - C:\WINDOWS\syswow64\webcheck.dll [MD5.D6D84F133DC05DB51FE689BB2066D43E] - [29/07/2016 22:13:10] - |A| - [405504] - C:\WINDOWS\syswow64\webio.dll [MD5.CD94405BB0A90B179E94BE23F4D2B79D] - [29/07/2016 22:13:03] - |A| - [39424] - C:\WINDOWS\syswow64\wfdprov.dll [MD5.A3E1888B827AD9132A35657C48C9762B] - [29/07/2016 22:10:52] - |A| - [578048] - C:\WINDOWS\syswow64\wiaaut.dll [MD5.E78E204A005D6DDEBBFA453380D6E847] - [29/07/2016 22:09:15] - |A| - [585216] - C:\WINDOWS\syswow64\Windows.AccountsControl.dll [MD5.395AC69CCD9E2D590775AA6ADD2AE1D2] - [29/07/2016 22:13:47] - |A| - [649728] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.dll [MD5.162EE6B2FD2EBF008AF0B12C7E07A6D8] - [29/07/2016 22:13:48] - |A| - [250880] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.40C2D19E230CDCBA7707DB5C5A9C6419] - [29/07/2016 22:11:34] - |A| - [5323776] - C:\WINDOWS\syswow64\Windows.Data.Pdf.dll [MD5.D1600085065675F98F41A01DCD03AA6E] - [29/07/2016 22:13:33] - |A| - [854528] - C:\WINDOWS\syswow64\Windows.Devices.Bluetooth.dll [MD5.5A9CDDA8859CDA201006EE7BB84BC673] - [29/07/2016 22:13:03] - |A| - [254976] - C:\WINDOWS\syswow64\Windows.Devices.Picker.dll [MD5.257C46467A3C9FA96EA59B8B7DFCCA75] - [29/07/2016 22:13:03] - |A| - [559616] - C:\WINDOWS\syswow64\Windows.Devices.SmartCards.dll [MD5.ED87A6D9B014FC9D5CF57B9D7F54EA15] - [29/07/2016 22:10:41] - |A| - [386560] - C:\WINDOWS\syswow64\Windows.Devices.WiFiDirect.dll [MD5.5AF1EAB54122BA45CA59C10FAF3CC558] - [29/07/2016 22:08:18] - |A| - [1228800] - C:\WINDOWS\syswow64\Windows.Globalization.dll [MD5.CF97D32C0BD24525307676C04F4A32DF] - [29/07/2016 22:12:07] - |A| - [298496] - C:\WINDOWS\syswow64\Windows.Graphics.dll [MD5.B99334A08D3E9CE2D4A4BFB8BBC4CB76] - [29/07/2016 22:12:08] - |A| - [1448960] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.3D.dll [MD5.50B851ADFFAC3B2EFD1B5DE4D8A94277] - [29/07/2016 22:10:58] - |A| - [468992] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.dll [MD5.5DC9ED2C89D94C47892DF237D604BDC8] - [29/07/2016 22:07:48] - |A| - [200192] - C:\WINDOWS\syswow64\Windows.Internal.Management.dll [MD5.8D9CB9BB31AC17112D75456E928C3839] - [29/07/2016 22:09:36] - |A| - [103936] - C:\WINDOWS\syswow64\Windows.Media.Devices.dll [MD5.BD869430C7B7CCD5FE0C3D9D6D344953] - [29/07/2016 22:10:23] - |A| - [2798080] - C:\WINDOWS\syswow64\Windows.Media.dll [MD5.734026191E38F421D62D0067D89B0E35] - [29/07/2016 22:09:22] - |A| - [1063936] - C:\WINDOWS\syswow64\Windows.Media.Editing.dll [MD5.76B34D04F94D7A8D47763C4E8285F88B] - [29/07/2016 22:12:16] - |A| - [1117184] - C:\WINDOWS\syswow64\Windows.Media.Speech.dll [MD5.A4879DCB9CBE6F67661F0EF4D5A59092] - [29/07/2016 22:09:27] - |A| - [835072] - C:\WINDOWS\syswow64\Windows.Media.Streaming.dll [MD5.B39E043BCB704FF6F0D0DEADBCBA754D] - [29/07/2016 22:09:21] - |A| - [683008] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.7C7CC816CEEB07022EBCC6B779B16E1D] - [29/07/2016 22:09:57] - |A| - [521728] - C:\WINDOWS\syswow64\Windows.Networking.Connectivity.dll [MD5.5E52C817BCF919CF11CD523A2EC4A456] - [29/07/2016 22:09:51] - |A| - [638464] - C:\WINDOWS\syswow64\Windows.Networking.dll [MD5.C40419A7C19D8C10AD7F7C923044FCFF] - [29/07/2016 22:13:18] - |A| - [523776] - C:\WINDOWS\syswow64\Windows.Security.Authentication.OnlineId.dll [MD5.97C7434D1268B8AA10A615415C92CE9A] - [29/07/2016 22:13:05] - |A| - [496128] - C:\WINDOWS\syswow64\Windows.Security.Authentication.Web.Core.dll [MD5.80BD175A8820F5D1C0913DE1BA2A0400] - [29/07/2016 22:07:45] - |A| - [40960] - C:\WINDOWS\syswow64\Windows.Shell.Search.UriHandler.dll [MD5.937208F90E70A7A415F05932ABD72DFB] - [29/07/2016 22:09:16] - |A| - [34304] - C:\WINDOWS\syswow64\Windows.Speech.Pal.dll [MD5.CF034E3697C5CA79777F94116D57C6A6] - [29/07/2016 22:09:54] - |A| - [2179584] - C:\WINDOWS\syswow64\Windows.StateRepository.dll [MD5.492C152E65A4F59D0FDDE2F2E0C34DE8] - [29/07/2016 22:09:10] - |A| - [48128] - C:\WINDOWS\syswow64\Windows.StateRepositoryBroker.dll [MD5.10882529EF2A92C7E5ACCC0E6EDF8390] - [29/07/2016 22:09:15] - |A| - [48640] - C:\WINDOWS\syswow64\Windows.StateRepositoryClient.dll [MD5.4BBFE28B6732D30D01C8880CEB254BB5] - [29/07/2016 22:09:33] - |A| - [256192] - C:\WINDOWS\syswow64\Windows.Storage.ApplicationData.dll [MD5.394B995CB6ADFEED1A37DD15FADE5068] - [29/07/2016 22:14:03] - |A| - [5240960] - C:\WINDOWS\syswow64\windows.storage.dll [MD5.414967EA08650001DD671FEFE37633E7] - [29/07/2016 22:07:55] - |A| - [645632] - C:\WINDOWS\syswow64\Windows.Storage.Search.dll [MD5.A65CFA79A13690155545A5FEEEC4FC42] - [29/07/2016 22:10:43] - |A| - [283136] - C:\WINDOWS\syswow64\Windows.UI.BioFeedback.dll [MD5.70BE5D31CD548715F88398D7B56E99B5] - [29/07/2016 22:10:44] - |A| - [315904] - C:\WINDOWS\syswow64\Windows.UI.BlockedShutdown.dll [MD5.70128BC69D515F2D38577D2438861424] - [29/07/2016 22:13:35] - |A| - [133632] - C:\WINDOWS\syswow64\Windows.UI.Core.TextInput.dll [MD5.541C337FA4551C852FA4371AD3BF9C5B] - [29/07/2016 22:11:10] - |A| - [764928] - C:\WINDOWS\syswow64\Windows.UI.Cred.dll [MD5.E48F0A089D9BAE356BF14FE3A16B1147] - [29/07/2016 22:11:20] - |A| - [489984] - C:\WINDOWS\syswow64\Windows.UI.dll [MD5.8F81BC95794B0C17812988D44D000170] - [29/07/2016 22:11:11] - |A| - [1582080] - C:\WINDOWS\syswow64\Windows.UI.Immersive.dll [MD5.2C0BBF7FC5526D7285BEAD239895C473] - [29/07/2016 22:11:19] - |A| - [682496] - C:\WINDOWS\syswow64\Windows.UI.Input.Inking.dll [MD5.E43E3D372FB0B976124C3A4F080556C6] - [29/07/2016 22:11:32] - |A| - [1799680] - C:\WINDOWS\syswow64\Windows.UI.Logon.dll [MD5.23F74037E71A1D1D827A3F0DDCB8A697] - [29/07/2016 22:08:35] - |A| - [4404736] - C:\WINDOWS\syswow64\Windows.UI.Search.dll [MD5.D8F75D59301833722BFB4893A47F57F2] - [29/07/2016 22:14:09] - |A| - [13018112] - C:\WINDOWS\syswow64\Windows.UI.Xaml.dll [MD5.7C557ABB26C2B2D930AA005FF6A8C025] - [29/07/2016 22:10:01] - |A| - [592384] - C:\WINDOWS\syswow64\Windows.Web.dll [MD5.D57F7D9FB771CA0B434E975F76413430] - [29/07/2016 22:10:09] - |A| - [1072128] - C:\WINDOWS\syswow64\Windows.Web.Http.dll [MD5.236B3202BBB1FCD6C3319A994056E108] - [29/07/2016 22:13:27] - |A| - [1522160] - C:\WINDOWS\syswow64\WindowsCodecs.dll [MD5.702A77C8EB30026CF6C16F9B1439F166] - [29/07/2016 22:09:20] - |A| - [238592] - C:\WINDOWS\syswow64\WindowsCodecsExt.dll [MD5.FFA3300F8C8542A92015C7FF48A16AF9] - [29/07/2016 22:09:39] - |A| - [28083144] - C:\WINDOWS\syswow64\WindowsCodecsRaw.dll [MD5.1E497317417C1C68B5453DD04721B16D] - [29/07/2016 22:13:40] - |A| - [614400] - C:\WINDOWS\syswow64\winhttp.dll [MD5.21BE44272CAC55D1B6C88C1E0BA78F8E] - [29/07/2016 22:10:26] - |A| - [2501632] - C:\WINDOWS\syswow64\wininet.dll [MD5.D5BF10F0C309C82820813A7190CE1F5F] - [29/07/2016 22:10:23] - |A| - [65536] - C:\WINDOWS\syswow64\wininetlui.dll [MD5.CEEA8FA78E1652BB7219FC118E9F67EE] - [29/07/2016 22:10:45] - |A| - [330752] - C:\WINDOWS\syswow64\winipcfile.dll [MD5.BEC15702CE3242133B95F0E2C69FFC88] - [29/07/2016 22:10:57] - |A| - [980480] - C:\WINDOWS\syswow64\winipcsecproc.dll [MD5.EACDCB7EA7696B10EF5CC65040A44923] - [29/07/2016 22:12:24] - |A| - [1349640] - C:\WINDOWS\syswow64\winmde.dll [MD5.2086CC9E5A8C75F246A75EE606988B77] - [29/07/2016 22:10:35] - |A| - [1508352] - C:\WINDOWS\syswow64\winmsipc.dll [MD5.B65D241B81A010B6A78CCEEA900CCFC0] - [29/07/2016 22:09:28] - |A| - [56320] - C:\WINDOWS\syswow64\wkscli.dll [MD5.30F680D95B0CCABE46C775672C912C0A] - [29/07/2016 22:13:19] - |A| - [306832] - C:\WINDOWS\syswow64\wlanapi.dll [MD5.5A0B501B638941EAF2BEABCE3C645769] - [29/07/2016 22:07:52] - |A| - [413696] - C:\WINDOWS\syswow64\WLanConn.dll [MD5.3D3BBD2DA5660B0B6C9F6A8B9401648C] - [29/07/2016 22:13:08] - |A| - [337920] - C:\WINDOWS\syswow64\wlanmsm.dll [MD5.51DF6FC12B5EF8CA87414D79C98CBC7A] - [29/07/2016 22:13:00] - |A| - [395264] - C:\WINDOWS\syswow64\wlansec.dll [MD5.9208E440059270395C320190BFA9EE0E] - [29/07/2016 22:13:07] - |A| - [368128] - C:\WINDOWS\syswow64\wlanui.dll [MD5.BF370250794A9405AD153A4C1A4F5BBD] - [29/07/2016 22:09:27] - |A| - [32552] - C:\WINDOWS\syswow64\wldp.dll [MD5.87755FF83726D908224C08C180D42C72] - [29/07/2016 22:14:05] - |A| - [12586496] - C:\WINDOWS\syswow64\wmp.dll [MD5.5A69A6CB031970F5E0BBD4E967D32924] - [29/07/2016 22:10:05] - |A| - [1497088] - C:\WINDOWS\syswow64\WMPDMC.exe [MD5.6B50CF0D71F727CEDF49216FD4AC0FB9] - [29/07/2016 22:10:37] - |A| - [290304] - C:\WINDOWS\syswow64\WmpDui.dll [MD5.A7CD30176029F60B56F5590E37310103] - [29/07/2016 22:12:01] - |A| - [339968] - C:\WINDOWS\syswow64\WMPhoto.dll [MD5.FC42E59329315A30F397490033055D28] - [29/07/2016 22:12:32] - |A| - [2217984] - C:\WINDOWS\syswow64\Wpc.dll [MD5.B33928C3DED11908104A38E0C3090F7F] - [29/07/2016 22:11:48] - |A| - [572928] - C:\WINDOWS\syswow64\WpcWebFilter.dll [MD5.968DD3AA844E40932950709FD9CB9556] - [29/07/2016 22:13:05] - |A| - [1976832] - C:\WINDOWS\syswow64\wpdshext.dll [MD5.75869FD635879D9B0DCED6B6E4FEFDCD] - [29/07/2016 22:13:01] - |A| - [57344] - C:\WINDOWS\syswow64\WPDShServiceObj.dll [MD5.FBBE8B9147474379F54F8A1BACBF9748] - [29/07/2016 22:11:07] - |A| - [388384] - C:\WINDOWS\syswow64\ws2_32.dll [MD5.9A6B1DB1667CDD276A208F5AE5646948] - [29/07/2016 22:09:12] - |A| - [151552] - C:\WINDOWS\syswow64\WSClient.dll [MD5.AD1EC1102124182624F1224768FFAE96] - [29/07/2016 22:08:27] - |A| - [564224] - C:\WINDOWS\syswow64\WSDApi.dll [MD5.92B98A16E41005D74CF7B2EF28AB1FCF] - [29/07/2016 22:12:07] - |A| - [26112] - C:\WINDOWS\syswow64\wsdchngr.dll [MD5.8450005F7BA8662A64E3FB7B0C3EE836] - [29/07/2016 22:13:00] - |A| - [51712] - C:\WINDOWS\syswow64\wshbth.dll [MD5.B61C9BA4E125BC5FFF338D7B11BAC6EC] - [29/07/2016 22:09:29] - |A| - [805888] - C:\WINDOWS\syswow64\WSShared.dll [MD5.3E97CC7E938C4D15FCC27EC33C898606] - [29/07/2016 22:09:17] - |A| - [153088] - C:\WINDOWS\syswow64\WSSync.dll [MD5.B91176A909798C7EAC28AB4FE786CA53] - [29/07/2016 22:11:19] - |A| - [705536] - C:\WINDOWS\syswow64\wuapi.dll [MD5.F5814ED9E8B83F872FBDCB139B001C8A] - [29/07/2016 22:10:46] - |A| - [23552] - C:\WINDOWS\syswow64\wups.dll [MD5.D0A2BA04B1E3F6C1F0E52F65D97EF39D] - [29/07/2016 22:12:53] - |A| - [703840] - C:\WINDOWS\syswow64\WWAHost.exe [MD5.FC26697351E186D415E53BF83D37DAAD] - [29/07/2016 22:09:44] - |A| - [3555840] - C:\WINDOWS\syswow64\xpsrchvw.exe [MD5.F459F8A639AE35E8ECA718832BEDDB53] - [29/07/2016 22:13:22] - |A| - [2102272] - C:\WINDOWS\syswow64\xpsservices.dll [MD5.00000000000000000000000000000000] - [29/07/2016 19:45:03] - |D| - [10400] - C:\WINDOWS\syswow64\XPSViewer [MD5.B18B0885CEFFA800A8C39EBDF41CE5A8] - [29/07/2016 22:10:43] - |A| - [347648] - C:\WINDOWS\syswow64\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 14:06:01] - |RASH| - [0] - C:\WINDOWS\syswow64\Drivers\103C_HP_cPC_CQ2904EF_Y53316J_0U_Q4CH3100VPJ_E12WE3RR8607_4A_I2AE3_SHP_V1.02_B8.17_T130125_W8101-0_L40C_M3660_J62_7AMD_8BFF_91.40_#130304_N19692062_Z_G10029809.MRK ---------- | Drives V: S: [23/06/2016 07:51:44] - |A| - (.-.) - [1474] - (0.0.0.0) - S:\barrow 2 & widen 100% sécurisé - Raccourci.lnk [12/05/2016 12:04:54] - |A| - (.Copyright © 1999-2012 - BASS.) - [219136] - (2.4.9.0) - S:\bass.dll [12/05/2016 12:04:54] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - S:\Bass.Net.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [35328] - (2.4.3.1) - S:\basscd.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [48128] - (2.4.1.0) - S:\bassflac.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2005-2010 - BASSmix.) - [33280] - (2.4.4.0) - S:\bassmix.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2012 - BASSOPUS.) - [103424] - (0.0.0.1) - S:\bassopus.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [34816] - (2.4.4.0) - S:\basswma.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [59904] - (2.4.1.0) - S:\basswv.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - S:\bass_alac.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [81408] - (2.4.0.1) - S:\bass_ape.dll [12/05/2016 12:04:57] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [45056] - (2.4.1.0) - S:\bass_mpc.dll [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [68608] - (4.5.7.6229) - S:\CDBXP.dll [12/05/2016 12:05:09] - |A| - (. - .) - [337408] - (13.0.0.0) - S:\LogicNP.FolderView.dll [12/05/2016 12:05:15] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3622784] - (15.6.1.1025) - S:\StarBurn.dll [11/07/2016 08:44:19] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - S:\10295_Video-facile-1.exe [11/07/2016 08:43:51] - |A| - (.Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [371303208] - (18.0.0.329) - S:\10295_Video-facile.exe [26/07/2016 18:18:34] - |A| - (.-.) - [220130080] - (0.0.0.0) - S:\1_CyberLink_Power2Go10_Platinum_Upgrade_P2G150522-04.exe [26/07/2016 06:03:37] - |A| - (.-.) - [160160] - (0.0.0.0) - S:\60Second_en_us.exe [26/07/2016 06:03:38] - |A| - (.-.) - [34010104] - (0.0.0.0) - S:\60Second_x64.exe [11/07/2016 08:44:52] - |A| - (.-.) - [318714912] - (0.0.0.0) - S:\ABBYY_BCR20Win_ESD.exe [14/06/2016 07:35:24] - |A| - (.-.) - [368371848] - (0.0.0.0) - S:\ABBYY_FR12_PRO_TRIAL.exe [09/07/2016 23:53:01] - |A| - (.-.) - [252432728] - (0.0.0.0) - S:\ABBYY_ScreenshotReader_11_ESD.exe [14/06/2016 07:27:21] - |A| - (.-.) - [71143096] - (0.0.0.0) - S:\ABBYY_Screenshot_Reader_ESD.exe [16/07/2016 06:47:43] - |A| - (.© 2016 Acelogix Software - System maintenance and Optimizer utility.) - [9138432] - (6.2.0.289) - S:\aceutils.exe [11/07/2016 08:45:17] - |A| - (.c Lavasoft Limited. - Web Companion Installer.) - [340568] - (2.3.1411.2698) - S:\Ad-Aware Web Companion Pro 2.3.1411.2698.exe [26/07/2016 18:18:42] - |A| - (.-.) - [1725064] - (11.1.5152.0) - S:\Adaware_Installer.exe [14/07/2016 14:58:24] - |A| - (.Copyright© 2005-2016 - Advanced SystemCare 10 .) - [44912008] - (10.0.0.198) - S:\advanced-systemcare-setup-beta.exe [14/07/2016 11:17:41] - |A| - (.-.) - [42799000] - (0.0.0.0) - S:\any-audio-converter(1).exe [06/07/2016 18:35:50] - |A| - (.-.) - [42799000] - (0.0.0.0) - S:\any-audio-converter.exe [15/07/2016 13:48:43] - |A| - (.Copyright (c) Apowersoft Ltd. 2016 All rights reserved - Apowersoft Online Launcher Setup .) - [1223336] - (1.4.4.0) - S:\apowersoft-online-launcher (1).exe [15/07/2016 13:47:19] - |A| - (.Copyright (c) Apowersoft Ltd. 2016 All rights reserved - Apowersoft Online Launcher Setup .) - [1223336] - (1.4.4.0) - S:\apowersoft-online-launcher.exe [11/07/2016 08:45:18] - |A| - (.-.) - [1006637056] - (0.0.0.0) - S:\appstore lfs ultra, power2go 11, & efm du musée de l'homme.exe [10/07/2016 19:04:24] - |A| - (. - Ashampoo Backup 2016 Setup .) - [2608520] - (1.0.0.0) - S:\ashampoo_backup_2016_dl.exe [10/07/2016 19:04:25] - |A| - (. - Ashampoo Backup Pro 10 Setup .) - [2610664] - (1.0.0.0) - S:\ashampoo_backup_pro_10_dl.exe [11/07/2016 08:48:01] - |A| - (. - Ashampoo Burning Studio 16 Setup .) - [92298344] - (16.0.6.0) - S:\ashampoo_burning_studio_16_e16.0.6_sm.exe [11/07/2016 08:48:11] - |A| - (. - Ashampoo Core Tuner 2 Setup .) - [2493632] - (1.0.0.0) - S:\ashampoo_core_tuner_2_dl.exe [11/07/2016 08:48:12] - |A| - (. - Ashampoo Cover Studio 2 Setup .) - [40270904] - (2.2.0.0) - S:\ashampoo_cover_studio_2_2.2.0_sm.exe [14/07/2016 04:03:31] - |A| - (. - Ashampoo Media Sync Setup .) - [12641832] - (1.0.2.0) - S:\ashampoo_media_sync_e1.0.2_sm.exe [09/07/2016 23:58:12] - |A| - (. - Ashampoo Music Studio 4 Setup .) - [43875848] - (4.1.2.0) - S:\ashampoo_music_studio_4_4.1.2_16904.exe [11/07/2016 08:48:16] - |A| - (. - Ashampoo Music Studio 5 Setup .) - [50101560] - (5.0.7.0) - S:\ashampoo_music_studio_5_e5.0.7_sm.exe [11/07/2016 08:48:22] - |A| - (. - Ashampoo Music Studio 6 Setup .) - [45366192] - (6.0.2.0) - S:\ashampoo_music_studio_6_e6.0.2_sm.exe [10/07/2016 19:04:58] - |A| - (. - Ashampoo Photo Commander Free Setup .) - [163570320] - (11.2.0.0) - S:\ashampoo_photo_commander_free_21556.exe [09/07/2016 23:58:35] - |A| - (. - Ashampoo Photo Recovery Setup .) - [8033992] - (1.0.3.0) - S:\ashampoo_photo_recovery_e1.0.3_sm.exe [12/07/2016 11:11:22] - |A| - (. - Ashampoo Slideshow Studio HD 4 Setup .) - [53664272] - (4.0.0.0) - S:\ashampoo_slideshow_studio_hd_4_e4.0.0_sm.exe [10/07/2016 19:05:42] - |A| - (. - Ashampoo Snap 2017 Setup .) - [52382680] - (1.0.1.0) - S:\ashampoo_snap_2017_23494.exe [14/07/2016 14:52:15] - |A| - (. - Ashampoo Snap 9 Setup .) - [56773968] - (9.0.1.0) - S:\ashampoo_snap_9_e9.0.1_sm.exe [25/07/2016 18:52:26] - |A| - (. - Ashampoo Snap Business Setup .) - [52186504] - (9.0.1.0) - S:\ashampoo_snap_business_9.0.1_demo_sm.exe [11/07/2016 08:48:27] - |A| - (. - Ashampoo Undeleter Setup .) - [2493176] - (1.0.0.0) - S:\ashampoo_undeleter_dl.exe [10/07/2016 07:45:11] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [21088224] - (5.4.0.0) - S:\ashampoo_uninstaller_5_e5.0.4_sm.exe [10/07/2016 19:05:58] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [22345192] - (5.6.0.0) - S:\ashampoo_uninstaller_5_e5.0.6_sm.exe [17/07/2016 17:17:52] - |A| - (. - Ashampoo UnInstaller 6 Setup .) - [18412280] - (6.0.14.0) - S:\ashampoo_uninstaller_6_e6.00.14_sm.exe [10/07/2016 07:45:14] - |A| - (. - Ashampoo Video Styler Setup .) - [27869488] - (1.0.1.0) - S:\ashampoo_video_styler_e1.0.1_sm.exe [11/07/2016 08:48:30] - |A| - (. - Ashampoo WinOptimizer 14 Setup .) - [28220040] - (14.0.0.0) - S:\ashampoo_winoptimizer_14_e14.00.00_sm.exe [11/07/2016 08:48:33] - |A| - (.Copyright (C) 2004-2012 - Astroburn Audio Setup.) - [6086824] - (1.6.0.47) - S:\AstroburnAudio160-0047.exe [08/07/2016 07:22:41] - |A| - (.-.) - [4999096] - (0.0.0.0) - S:\ausetup.exe [09/07/2016 05:48:53] - |A| - (.2007-2015@Auslogics Software Pty Ltd - Auslogics BitReplica Installation File .) - [6628472] - (2.1.1.0) - S:\auslogics-bitreplica-setup.exe [05/07/2016 10:02:25] - |A| - (.Copyright (c) 2012 AVAST Software - Avast! Browser Cleanup Sfx.) - [4284888] - (12.1.2272.125) - S:\avast-browser-cleanup-sfx.exe [10/07/2016 19:07:11] - |A| - (.Copyright 2003 Avery - Création d'étiquettes et de pochettes .) - [7744030] - (4.1.100.1332) - S:\AveryDesignPro_FR.exe [10/07/2016 19:07:13] - |A| - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira Launcher.) - [4630840] - (1.1.63.21885) - S:\avira_fr_av_57559d7b12d97__wsd.exe [10/06/2016 11:13:32] - |A| - (.-.) - [13915352] - (0.0.0.0) - S:\BDAntiCryptoWall_Release.exe [11/07/2016 08:49:00] - |A| - (.Copyright © 1997-2015 Bitdefender - BDAntiRansomware Setup .) - [4677896] - (0.0.0.0) - S:\BDAntiRansomwareSetup.exe [26/07/2016 06:03:41] - |A| - (.-.) - [43968168] - (0.0.0.0) - S:\BDPUARLauncher_FR.exe [13/07/2016 06:14:25] - |A| - (.Bitdefender LLC. - Bitdefender USB Immunizer.) - [4071672] - (2.0.1.9) - S:\BDUSBImmunizerLauncher.exe [05/07/2016 06:10:33] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - S:\BingDesktopSetup.exe [11/07/2016 08:49:03] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - S:\BitTorrent (1).exe [10/07/2016 00:00:15] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - S:\BitTorrent (2).exe [10/07/2016 00:00:16] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - S:\BitTorrent (3).exe [11/07/2016 08:49:04] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - S:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FAq2NsdKU).exe [11/07/2016 08:49:04] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - S:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FjSAg97W0).exe [10/07/2016 19:07:22] - |A| - (.Copyright (c) BlueStack Systems Inc. - BlueStacks Thin Installer.) - [319729248] - (0.0.0.0) - S:\BlueStacks2_native_mobile-retention.exe [14/06/2016 07:47:58] - |A| - (.PortableApps.com Installer Copyright 2007-2010 PortableApps.com. - CamStudio Portable.) - [1433632] - (2.0.0.1) - S:\CamStudioPortable_2.0_English.paf.exe [11/07/2016 08:50:13] - |A| - (.-.) - [252605800] - (8.1.2.1327) - S:\camtasia_864c253ee677b4609b331d451009a871.exe [17/07/2016 16:03:37] - |A| - (.2005-2016 COMODO. - COMODO Cloud Antivirus.) - [6113672] - (1.3.1079.265) - S:\ccav_installer.exe [10/07/2016 19:08:48] - |A| - (.Copyright (C) Piriform 2013-2015 - CCleaner Cloud Installer.) - [6259936] - (1.4.0.1817) - S:\CCleanerCloudSetup_1_4_1817.exe [10/07/2016 19:08:46] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [6868672] - (2.0.0.0) - S:\ccleaner_5-16_fr_14492.exe [13/06/2016 14:08:59] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [6868672] - (2.0.0.0) - S:\ccsetup_516.exe [11/07/2016 08:50:47] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [7033368] - (2.0.0.0) - S:\ccsetup_517.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP command line version.) - [25712] - (4.5.7.6229) - S:\cdbxpcmd.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP.) - [1746544] - (4.5.7.6229) - S:\cdbxpp.exe [10/07/2016 12:08:39] - |A| - (.2001-2014 Canneverbe Limited - CDBurnerXP .) - [6230152] - (4.5.7.6140) - S:\cdbxp_setup_4.5.7.6139.exe [20/07/2016 12:27:40] - |A| - (.� 2008-2010 COMODO Security Solutions, Inc. - cDrive setup.) - [14394008] - (1.0.8.84) - S:\cDrive_Setup.exe [13/07/2016 10:33:25] - |A| - (.Copyright (c) 2009-2016, Comodo Security Solutions, Inc. - Chromodo.) - [53661272] - (50.14.22.468) - S:\chromodosetup.exe [29/07/2016 16:59:25] - |A| - (.Copyright © 2001-2016 Józef Starosczyk - Copy Handler Setup .) - [7958608] - (0.0.0.0) - S:\chsetup-1.40.exe [11/07/2016 08:50:54] - |A| - (.Copyright (C) 2009-2015, Ivo Beltchev - Adds classic shell features to Windows 7 and Windows 8.) - [6968048] - (4.2.5.0) - S:\ClassicShellSetup_4_2_5.exe [10/06/2016 12:33:10] - |A| - (.-.) - [497903] - (0.0.0.0) - S:\CLCleaner2-PhotoDirector_5.exe [10/07/2016 00:03:34] - |A| - (.Copyright (c) 2009-2015, Comodo Security Solutions, Inc. - Comodo Dragon.) - [55056152] - (45.8.12.389) - S:\Comodo Dragon 45.8.12.389 + Portable.exe [10/07/2016 00:04:08] - |A| - (.2005-2014 COMODO. - COMODO Internet Security.) - [230403208] - (7.0.55655.4142) - S:\Comodo Firewall 7.0.317799.4142.exe [11/07/2016 08:52:47] - |A| - (.2005-2015 COMODO. - COMODO Internet Security.) - [217812544] - (8.2.0.4792) - S:\Comodo Internet Security Premium 8.2.0.4792 Final.exe [17/07/2016 16:07:35] - |A| - (.© 2008-2012 Comodo Security Solutions, Inc. - COMODO PC TuneUp setup.) - [14863480] - (1.0.3740.46) - S:\cptsetup.exe [12/07/2016 14:02:20] - |A| - (.Copyright (C) 2008-2010 Comodo Security Solutions, Inc. - COMODO System Utilities setup.) - [13530592] - (4.0.30135.26) - S:\CSU_FREE_Setup.exe [10/07/2016 19:10:42] - |A| - (.8pecxstudios 2012-2016 - Cyberfox Web Browser Fibre optics of the web .) - [50060432] - (45.0.2.0) - S:\Cyberfox-45.0.2.en-US.win64-x86_64.intel.exe [10/07/2016 00:07:23] - |A| - (.-.) - [1887724608] - (0.0.0.0) - S:\CyberLinkDirectorSuite2.0_DRS131210-01_TR131226-021.part1.exe [10/07/2016 19:10:55] - |A| - (.-.) - [1048863800] - (0.0.0.0) - S:\CyberLinkMediaSuite12.0_Ultimate_MES140428-01_TR140718-022.part1.exe [10/07/2016 19:10:55] - |A| - (.-.) - [1048863800] - (0.0.0.0) - S:\cyberlinkmediasuite12.0_ultimate_mes140428-01_tr140718-022.part1.exe [11/07/2016 12:50:06] - |A| - (.-.) - [1993434200] - (0.0.0.0) - S:\CyberLinkMediaSuite14.0_Trial_MES160530-01_TR160628-024.exe [16/07/2016 12:28:02] - |A| - (.-.) - [1048870784] - (0.0.0.0) - S:\CyberLinkMediaSuite14.0_Ultimate_MES160511-03_TR160627-004.part1.exe [16/07/2016 13:46:34] - |A| - (.-.) - [111981936] - (0.0.0.0) - S:\CyberLink_CreativeDesignPack_TravelPack4_CDP160425-01.exe [10/07/2016 19:10:54] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_Director_Suite_Downloader.exe [13/05/2016 06:34:57] - |A| - (.-.) - [97557896] - (0.0.0.0) - S:\CyberLink_MediaEspresso7.5_MEX160302-01.exe [10/07/2016 19:10:54] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_MediaEspresso_Downloader.exe [11/07/2016 12:49:02] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1089304] - (2.9.1.7801) - S:\CyberLink_Media_Suite_Downloader.exe [11/07/2016 08:55:24] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PhotoDirector_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PhotoDirector_Downloader_1.exe [04/07/2016 15:01:26] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1064376] - (2.9.1.7325) - S:\CyberLink_Power2Go_Downloader.exe [14/06/2016 07:48:31] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PowerDirector_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PowerDirector_Ultimate_Suite_Downloader.exe [11/07/2016 08:55:25] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PowerDirector_Ultimate_Suite_Downloader_1.exe [14/06/2016 07:33:45] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1031608] - (2.9.1.6109) - S:\CyberLink_PowerDVD_Downloader.exe [14/06/2016 07:48:33] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [967200] - (2.9.1.3520) - S:\CyberLink_PowerProducer_Downloader.exe [16/07/2016 12:29:00] - |A| - (.-.) - [78368488] - (0.0.0.0) - S:\CyberLink_TravelPack3_YouCam_CDP150508-01.exe [16/07/2016 12:29:13] - |A| - (.-.) - [411978176] - (0.0.0.0) - S:\CyberLink_YouCam7_Deluxe_YUC150721-01.exe [11/07/2016 08:55:26] - |A| - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Setup.) - [19062208] - (10.1.0.74) - S:\DAEMON Tools Lite 10.1.0.74.exe [10/07/2016 19:32:06] - |A| - (.Copyright © BVRP Software 2004 - .) - [60183082] - (4.1.100.1332) - S:\DigitalVideoDuplicator3_FR(1).exe [14/06/2016 07:26:45] - |A| - (. - .) - [61197060] - (4.1.100.1332) - S:\DigitalVideoDuplicator3_FR.exe [13/07/2016 10:28:14] - |A| - (.Copyright (c) 2009-2016, Comodo Security Solutions, Inc. - Comodo Dragon.) - [56127856] - (50.14.22.465) - S:\dragonsetup.exe [05/07/2016 17:12:31] - |A| - (.Copyright© 2016 IObit. - Driver Booster 4 Setup .) - [14201416] - (4.0.0.0) - S:\driver_booster_setup_beta.exe [15/07/2016 11:47:10] - |A| - (.Copyright (c) 2006-2012 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS Disk Copy Home Edition 2.3.) - [45470992] - (1.1.0.1) - S:\EaseUS_DiskCopy_Home.exe [30/07/2016 13:23:08] - |A| - (.-.) - [440998489] - (1.1.3.70) - S:\emsisoft on barrow ushuaia.exe [11/07/2016 09:03:40] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Anti-Malware Setup .) - [237135456] - (11.7.0.6394) - S:\EmsisoftAntiMalwareSetup.exe [11/07/2016 09:04:18] - |A| - (.-.) - [232114840] - (0.0.0.0) - S:\EmsisoftEmergencyKit (1).exe [19/07/2016 09:36:47] - |A| - (.-.) - [243326440] - (0.0.0.0) - S:\EmsisoftEmergencyKit(1).exe [19/07/2016 13:32:45] - |A| - (.-.) - [243326440] - (0.0.0.0) - S:\EmsisoftEmergencyKit(2).exe [14/07/2016 07:34:44] - |A| - (.-.) - [243789992] - (0.0.0.0) - S:\EmsisoftEmergencyKit.exe [11/07/2016 09:04:37] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Internet Security Setup .) - [226980568] - (11.5.1.6247) - S:\EmsisoftInternetSecuritySetup.exe [13/07/2016 11:12:33] - |A| - (.Copyright (c) 2004-2016 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS Partition Master Setup .) - [49063856] - (11.5.0.0) - S:\epm.exe [13/07/2016 11:37:53] - |A| - (.Copyright (c) 2004-2016 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS Partition Master Trial Edition Setup .) - [50340704] - (11.0.0.0) - S:\epm_trial(1).exe [13/07/2016 11:31:21] - |A| - (.Copyright (c) 2004-2016 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS Partition Master Trial Edition Setup .) - [50340704] - (11.0.0.0) - S:\epm_trial.exe [14/06/2016 07:59:26] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - S:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR.exe [11/07/2016 09:06:33] - |A| - (.Serif WebPlus Starter Edition 4.0.2 © 2014 Serif (Europe) Ltd. Tous droits réservés. - Serif WebPlus Starter Edition Install.) - [175768400] - (1.0.0.0) - S:\ESDPK-WLX7-WebPlusStarterEdition-fr-FR_1.exe [10/07/2016 19:38:19] - |A| - (.Copyright (c) ESET 1992-2011. - ESET Smart Installer.) - [2870984] - (1.0.0.6421) - S:\esetsmartinstaller_enu.exe [18/07/2016 18:13:42] - |A| - (.Copyright (c) 2014 CHENGDU YIWO Tech Development Co., Ltd (YIWO Tech Ltd, for short). - EaseUS EverySync Setup .) - [26312616] - (3.0.0.0) - S:\everysync_trial.exe [11/07/2016 09:06:53] - |A| - (.© 2006 Microsoft Corporation. -.) - [53610536] - (12.0.6320.5000) - S:\ExcelViewer.exe [11/07/2016 09:07:05] - |A| - (.© 2013-2016 F-Secure Corporation. - F-Secure Download Tool.) - [524248] - (1.0.265.0) - S:\F-SecureOnlineScanner.exe [29/07/2016 16:59:26] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.2.0.0 - FastCopy Portable.) - [1062432] - (3.13.0.2) - S:\FastCopyPortable_3.13_Rev_2.paf.exe [10/06/2016 12:23:44] - |A| - (.-.) - [167034] - (0.0.0.0) - S:\fileassassin-setup-1.06.exe [14/06/2016 08:08:08] - |A| - (.PortableApps.com Installer Copyright 2007-2011 PortableApps.com. - Mozilla Firefox, Portable Edition (Legacy 3.6).) - [9178672] - (3.6.25.0) - S:\FirefoxPortableLegacy36_3.6.25_English.paf.exe [25/07/2016 09:25:28] - |A| - (.MindGems, Inc. - Folder Size .) - [2301330] - (3.4.0.0) - S:\FolderSize.exe [19/07/2016 13:57:07] - |A| - (.MindGems, Inc. - Folder Size .) - [2301330] - (3.4.0.0) - S:\foldersize_2-6_en_18550.exe [22/08/2013 15:57:30] - |A| - (.-.) - [472466] - (0.8.0.2) - S:\Framakey.exe [26/07/2016 14:06:39] - |A| - (.2005-2015 © par l'équipe Framakey - Framakey Installer.) - [486775300] - (2.2.0.2) - S:\FramakeyInstaller_2.2.0.2-LaTeX-fr.exe [10/07/2016 02:11:31] - |A| - (.2005-2007© by Framakey Team - Framakey Installer pour Windows XP et suivants.) - [515917547] - (1.13.0.8) - S:\FramakeyInstaller_Full-1.13.0.8.exe [11/07/2016 09:07:01] - |A| - (.Copyright © 2016 iSkysoft. - iSkysoft Free Video Downloader Setup .) - [33832392] - (4.9.1.0) - S:\free-video-downloader_full1683.exe [19/07/2016 13:47:24] - |A| - (. - Freemake Youtube Mp3 Converter Setup .) - [1277416] - (3.5.2.1) - S:\freemake-youtube-mp3-converter-3-5-2-1-es-en-br-fr-de-it-win.exe [19/07/2016 13:39:42] - |A| - (. - Freemake Video Converter Setup .) - [1866512] - (4.1.9.29) - S:\FreemakeVideoConverterSetup.exe [05/07/2016 08:16:43] - |A| - (. - Free Studio Setup .) - [2267896] - (1.0.1.0) - S:\FreeStudio_6.6.24.627_d.exe [05/07/2016 14:13:23] - |A| - (. - Free Video to MP3 Converter Setup .) - [2267840] - (1.0.1.0) - S:\FreeVideoToMP3Converter_5.0.96.627_o.exe [26/01/2016 18:30:26] - |A| - (.© Microsoft Corporation. - GWX WEB WINDOWS.) - [7635472] - (6.3.9600.18124) - S:\GetWindows10-Web_Default_Attr(1).exe [26/01/2016 18:30:27] - |A| - (.© Microsoft Corporation. - GWX WEB WINDOWS.) - [7635472] - (6.3.9600.18124) - S:\GetWindows10-Web_Default_Attr.exe [10/06/2016 11:27:21] - |A| - (.-.) - [14892728] - (0.0.0.0) - S:\Glary_Utilities_Pro_v5.17.0.30.exe [11/07/2016 09:07:09] - |A| - (.Copyright Reason Company Software Inc. - herdProtect Anti-Malware Scanner.) - [2873112] - (1.0.3.9) - S:\herdProtectScan_Setup.exe [28/07/2016 18:11:42] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [10451640] - (3.7.14.265) - S:\HitmanPro.exe [11/07/2016 09:07:11] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11441168] - (3.7.14.263) - S:\HitmanPro_x64(1).exe [15/06/2016 09:06:30] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11438608] - (3.7.14.265) - S:\HitmanPro_x64.exe [12/07/2016 14:18:31] - |A| - (.Copyright (C) Reason Software Company Inc. - Boost by Reason Setup.) - [7761936] - (1.0.2.0) - S:\installboost.exe [10/07/2016 17:02:53] - |A| - (.Copyright(c) 2005-2012 - IObit Uninstaller.) - [1688408] - (2.2.0.127) - S:\iobit-uninstaller.exe [29/07/2016 16:59:27] - |A| - (.-.) - [598545] - (0.0.0.0) - S:\KCinst.exe [10/07/2016 19:39:30] - |A| - (.Copyright © 1998-2015 KC Softwares - KC Softwares KCleaner Setup .) - [1414720] - (0.0.0.0) - S:\kcleaner.exe [29/07/2016 16:59:27] - |A| - (.-.) - [107182] - (0.0.0.0) - S:\kclite.exe [28/07/2016 18:11:43] - |A| - (.© 2012 SurfRight B.V. - HitmanPro.Kickstart.) - [143640] - (1.0.0.0) - S:\Kickstarter.exe [10/07/2016 02:20:28] - |A| - (.Copyright Lavasoft. - Lavasoft Digital Lock .) - [6089248] - (7.7.0.2) - S:\LavasoftDigitalLock_30days.exe [10/07/2016 02:20:30] - |A| - (.Lavasoft © 2001-2007 - Lavasoft Encrypted File (SFX).) - [126312] - (7.7.0.8) - S:\LavasoftEncryptionReader.exe [10/07/2016 02:20:30] - |A| - (.Copyright Lavasoft. - Lavasoft File Shredder .) - [5263480] - (7.7.0.2) - S:\LavasoftFileShredder_30days.exe [10/07/2016 02:20:31] - |A| - (.Copyright Lavasoft. - Lavasoft Privacy Toolbox .) - [6443280] - (7.7.0.2) - S:\LavasoftPrivacyToolbox_30days.exe [11/07/2016 09:23:55] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.2.0.0 - LibreOffice Portable.) - [174042352] - (5.1.3.0) - S:\LibreOfficePortable_5.1.3_MultilingualAll.paf.exe [10/07/2016 19:39:50] - |A| - (.Copyright (C) 2007 Macrovision Corporation - Setup Launcher .) - [11309264] - (14.0.0.166) - S:\LightScribeTemplateLabeler_1.18.15.1.exe [29/07/2016 16:59:27] - |A| - (.-.) - [143761] - (0.0.0.0) - S:\mac_os_x.exe [15/07/2016 14:11:16] - |A| - (.(c) Malwarebytes. - Malwarebytes Anti-Malware .) - [22851472] - (2.2.1.1043) - S:\mbam-setup-cnet.35891-2.2.1.1043.exe [10/07/2016 17:04:21] - |A| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [16563352] - (1.9.3.1001) - S:\mbar-1.09.3.1001.exe [26/07/2016 06:02:43] - |A| - (.-.) - [388227] - (3.3.4.0) - S:\MKV.exe [10/07/2016 19:40:12] - |A| - (.© MOVAVI. - Movavi Video Suite 11.) - [100766168] - (11.2.0.0) - S:\MovaviVideoSuiteSetup.exe [10/07/2016 19:40:59] - |A| - (.© Movavi. - Video Suite.) - [140213832] - (15.3.0.0) - S:\MovaviVideoSuiteSetupF(1).exe [10/07/2016 19:41:26] - |A| - (.© Movavi. - Video Suite.) - [140213832] - (15.3.0.0) - S:\MovaviVideoSuiteSetupF(2).exe [10/07/2016 19:40:31] - |A| - (.© Movavi. - Video Suite.) - [153857904] - (15.2.0.0) - S:\movavivideosuitesetupf.exe [10/07/2016 02:27:17] - |A| - (.Copyright 2011 Nero AG and its licensors - Nero Self Extractor.) - [262941032] - (12.0.3.0) - S:\Nero2015-16.0.05500_trial.exe [10/07/2016 02:27:59] - |A| - (.Copyright 2011 Nero AG and its licensors - Nero Self Extractor.) - [803581360] - (12.0.3.0) - S:\Nero2015_ContentPack-16.0.00300.exe [10/07/2016 19:41:54] - |A| - (.(c) 2015 Nero AG and its affiliates - NeroInstaller.) - [2559496] - (1.6.0.0) - S:\Nero2016-17.09.2015_stub_trial.exe [11/07/2016 09:24:27] - |A| - (.(c) 2015 Nero AG and its affiliates - NeroInstaller.) - [2563536] - (1.7.0.8) - S:\Nero_CoverDesigner_3p.exe [10/07/2016 19:41:55] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [307200] - (0.1.1.986) - S:\Ninite AdAware Classic Start Dropbox Essentials Installer.exe [20/07/2016 09:03:17] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [307200] - (0.1.1.986) - S:\Ninite Classic Start Installer.exe [04/07/2016 18:45:35] - |A| - (.(c) 2009 Nitro PDF Software - Installation and setup files for Nitro PDF Reader (fr-FR).) - [56666816] - (2.1.1009.0) - S:\nitro_reader5_64.exe [27/07/2016 13:38:00] - |A| - (.Copyright (C) 2016 Neuxpower Solutions Ltd - NXPowerLite™ - Optimize Microsoft Office, PDF, JPEG and ZIP files.) - [24532464] - (7.0.6.0) - S:\NXPowerLiteSetup70_6.exe [25/07/2016 09:25:29] - |A| - (.© Microsoft Corporation. - Microsoft OneDrive Setup.) - [9040072] - (17.3.6390.509) - S:\OneDriveSetup.exe [14/06/2016 07:43:08] - |A| - (. - Online Video Recorder Setup .) - [16879392] - (3.4.4.1) - S:\OnlineVideoRecorder_3_4_4_AQFR.exe [11/07/2016 09:24:30] - |A| - (.Copyright 2013 O&O Software GmbH - O&O SafeErase Professional.) - [772296] - (6.0.0.0) - S:\OOSafeEraseProfessional10ENU.exe [10/07/2016 19:42:18] - |A| - (.© Panda 2016 - Panda Security SFX.) - [2252720] - (15.14.2.0) - S:\PANDAFREEAV.exe [25/07/2016 11:36:51] - |A| - (.-.) - [2001540] - (0.0.0.0) - S:\pc-decrapifier-3.0.0.exe [11/07/2016 09:24:33] - |A| - (.© pdfforge GmbH - PDFCreator is the easy way of creating PDFs..) - [27980440] - (2.2.2.0) - S:\PDFCreator_Plus-2_2_2-setup.exe [14/06/2016 07:32:38] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PhotoFiltre Portable.) - [5878212] - (7.1.2.0) - S:\PhotoFiltrePortable_7.1.2.paf.exe [25/07/2016 09:25:29] - |A| - (.Copyright (C) 2006 Macrovision Corporation - Setup Launcher .) - [53091632] - (12.0.0.49974) - S:\pm14free_x64_eng.exe [11/07/2016 09:24:37] - |A| - (.Copyright 2011, 2012, 2013, 2014, 2015, 2016 Sony Corporation - PlayMemories Home Installer.) - [16496720] - (8.0.7600.16385) - S:\PMHOME_5100DL.exe [14/06/2016 09:05:05] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com AppCompactor.) - [895480] - (3.1.0.0) - S:\PortableApps.comAppCompactor_3.1.0_English.paf.exe [14/06/2016 07:38:15] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com Launcher.) - [767904] - (2.2.0.0) - S:\PortableApps.comLauncher_2.2.paf (1).exe [14/06/2016 07:44:26] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - PortableApps.com Launcher.) - [767904] - (2.2.0.0) - S:\PortableApps.comLauncher_2.2.paf.exe [14/06/2016 08:06:15] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [3793168] - (12.2.0.0) - S:\PortableApps.com_Platform_Setup_12.2.paf.exe [11/07/2016 09:24:39] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4409424] - (13.0.0.0) - S:\PortableApps.com_Platform_Setup_13.0.paf.exe [11/07/2016 09:24:39] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4353008] - (14.0.0.0) - S:\PortableApps.com_Platform_Setup_14.0.paf.exe [19/07/2016 09:39:56] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - S:\PortableApps.com_Platform_Setup_14.1.paf(1).exe [14/07/2016 07:35:44] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - S:\PortableApps.com_Platform_Setup_14.1.paf.exe [14/06/2016 08:21:22] - |A| - (.PortableApps.com - PortableApps.com Suite.) - [140562568] - (1.6.1.0) - S:\PortableApps.com_Suite_Setup_1.6.1_English (1).exe [14/06/2016 08:07:07] - |A| - (.PortableApps.com - PortableApps.com Suite.) - [140562568] - (1.6.1.0) - S:\PortableApps.com_Suite_Setup_1.6.1_English.exe [10/06/2016 11:45:21] - |A| - (.-.) - [258331888] - (0.0.0.0) - S:\Power2Go_10.0.2522.0_Essential_b_Essential_P2G151125-04.exe [11/07/2016 09:24:42] - |A| - (.© 2010 Microsoft Corporation. -.) - [63347104] - (14.0.4730.1010) - S:\PowerPointViewer.exe [14/06/2016 07:57:59] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - Private Browsing by PortableApps.com.) - [1487280] - (3.0.0.0) - S:\PrivateBrowsingByPortableApps_3.0.paf.exe [21/07/2016 06:18:54] - |A| - (.Copyright Shane Gowland © 2015 - ProcessAlive.) - [409088] - (0.0.8.0) - S:\ProcessAlive-0.9.1.exe [23/07/2016 12:57:25] - |A| - (.Copyright (C) 2013-2015 SosVirus Software - Process Killer.) - [988160] - (1.0.0.3) - S:\processclose_1.0.0.3.exe [25/07/2016 18:52:45] - |A| - (.Copyright © 2009 - 2015 MiniTool Solution Ltd., - MiniTool Partition Wizard Free Setup .) - [32262960] - (9.1.0.0) - S:\pwfree91.exe [10/07/2016 19:42:55] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.1.1.0 - qBittorrent Portable.) - [9120168] - (3.3.3.0) - S:\qBittorrentPortable_3.3.3.paf.exe [11/07/2016 09:24:54] - |A| - (.Copyright © 2016 Reason Software Company Inc. - Reason Core Security Setup.) - [3919376] - (1.1.2.0) - S:\reason-core-security-setup (1).exe [11/07/2016 09:24:53] - |A| - (.Copyright © 2016 Reason Software Company Inc. - Reason Core Security Setup.) - [3919376] - (1.1.2.0) - S:\reason-core-security-setup.exe [11/07/2016 09:24:54] - |A| - (.Copyright © 2015 Reason Software Company Inc. - Reason Core Security Setup.) - [3855576] - (1.1.1.0) - S:\reason-core-security-setup_1.1.1.0.exe [10/06/2016 15:20:24] - |A| - (.(c) Malwarebytes - Malwarebytes' RegASSASSIN.) - [65232] - (1.0.0.3) - S:\regassassin-setup-1.03.exe [09/07/2016 14:19:14] - |A| - (.Copyright © 2008-2014 Auslogics Labs Pty Ltd - Auslogics Registry Cleaner Installation File .) - [7253752] - (4.1.0.0) - S:\registry-cleaner-setup.exe [21/07/2016 06:13:18] - |A| - (. - Remembr Setup .) - [819850] - (0.0.0.0) - S:\remembr-install-0.5.exe [11/07/2016 09:24:59] - |A| - (.-.) - [409449] - (1.3.0.0) - S:\rstassociations-version-exe_1.3.exe [25/07/2016 18:52:47] - |A| - (.© 2011-2016 Pete Batard (GPL v3) - Rufus.) - [937080] - (2.10.973.0) - S:\rufus-2.10.exe [11/07/2016 09:29:03] - |A| - (.-.) - [487400] - (3.3.9.4) - S:\Search_The_Crack.exe [10/07/2016 19:44:49] - |A| - (.kastorsoft.com - Free Video Converter Setup .) - [6509896] - (2.3.0.0) - S:\SetupFreeVideoConverter.exe [26/07/2016 06:02:44] - |A| - (.-.) - [163598920] - (0.0.0.0) - S:\setup_11.0.3.8.x01_2014_12_13_09_36.exe [11/07/2016 09:29:08] - |A| - (. - ShadowExplorer Setup .) - [969845] - (0.9.462.0) - S:\ShadowExplorer-0.9-setup.exe [11/07/2016 09:29:08] - |A| - (.© 2015 simplitec GmbH - simplitec setup .) - [21595680] - (2.2.22.27) - S:\simplitec_simpliclean_int.exe [25/07/2016 09:25:32] - |A| - (.Copyright (c) TechSmith Corporation. - Snagit 13.) - [91067736] - (13.0.1.6326) - S:\snagit.exe [11/07/2016 09:29:59] - |A| - (.Copyright 1989-2016 Sophos Limited. - Sophos Extractor.) - [196787200] - (1.3.3.7) - S:\SophosInstall.exe [25/07/2008 01:16:42] - |A| - (.2005-2006© by sarkos and Tuxmouraille (GPL) - Framakey Starter pour Windows XP.) - [188397] - (0.2.2.2) - S:\start.exe [26/07/2016 06:02:52] - |A| - (.(c) Malwarebytes - Malwarebytes' StartUpLite.) - [204496] - (1.0.0.7) - S:\startuplite-setup-1.07.exe [29/07/2016 16:59:27] - |A| - (.-.) - [109259] - (0.0.0.0) - S:\steam.exe [09/07/2016 05:50:18] - |A| - (.Stellar Information Technology Pvt Ltd. - Stellar Information Technology Pvt Ltd. .) - [5979488] - (6.0.0.1) - S:\StellarPhoenixWindowsDataRecovery-Professional.exe [10/07/2016 19:46:38] - |A| - (.1995-2013 Stellar Information Systems Ltd. - Stellar Information Systems Ltd .) - [6471304] - (6.0.0.0) - S:\StellarPhoenixWindowsDataRecovery-ProfessionalV6_AQFR.exe [14/06/2016 07:25:56] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - Sumatra PDF Portable.) - [2541384] - (2.3.2.0) - S:\SumatraPDFPortable_2.3.2.paf.exe [05/07/2016 09:39:21] - |A| - (.-.) - [7233888] - (0.0.0.0) - S:\susetupPro.exe [26/07/2016 06:02:52] - |A| - (.© 1997-2014 Kaspersky Lab ZAO. - TDSS rootkit removing tool.) - [4187592] - (3.0.0.42) - S:\tdsskiller.exe [11/07/2016 09:30:26] - |A| - (.PortableApps.com Installer Copyright 2007-2012 PortableApps.com. - TeamViewer Portable.) - [10876344] - (11.0.59518.0) - S:\TeamViewerPortable_11.0.59518.paf.exe [10/07/2016 19:46:51] - |A| - (.TeamViewer GmbH -.) - [9666224] - (11.0.59518.0) - S:\TeamViewer_Setup_fr.exe [11/07/2016 09:30:28] - |A| - (.-.) - [23398464] - (0.0.0.0) - S:\tenorshare-android-data-recovery-trial.exe [14/06/2016 07:43:53] - |A| - (.-.) - [24727614] - (0.0.0.0) - S:\tenorshare-free-video-converter.exe [11/07/2016 09:30:33] - |A| - (.-.) - [8074734] - (0.0.0.0) - S:\tenorshare-pdf-password-recovery-trial.exe [11/07/2016 09:30:34] - |A| - (.-.) - [5015718] - (0.0.0.0) - S:\tenorshare-pdf-password-remover-trial.exe [05/07/2016 13:46:37] - |A| - (.-.) - [25106954] - (0.0.0.0) - S:\tenorshare-samsung-data-recovery-trial.exe [14/06/2016 07:45:03] - |A| - (.-.) - [24343000] - (0.0.0.0) - S:\tenorshare-video-converter-trial.exe [14/06/2016 08:03:50] - |A| - (.-.) - [266046792] - (0.0.0.0) - S:\tenorshare-windows-boot-genius-trial.exe [14/06/2016 08:06:43] - |A| - (.-.) - [32563203] - (0.0.0.0) - S:\tenorshare-windows-video-downloader-trial.exe [11/07/2016 04:50:20] - |A| - (.-.) - [271572636] - (1.1.3.70) - S:\tentatives lfs ultra finalis efm et didinser.exe [19/07/2016 19:23:09] - |A| - (.Mozilla - Thunderbird.) - [35165800] - (4.42.0.0) - S:\Thunderbird Setup 45.2.0.exe [19/07/2016 13:55:05] - |A| - (.© 1996-2016 by Joachim Marder e.K. - TreeSize Free Setup .) - [5963008] - (3.4.5.343) - S:\TreeSizeFreeSetup.exe [11/07/2016 09:31:52] - |A| - (.Copyright ©2011 - 2016 - Setup Application.) - [21382440] - (3.9.0.0) - S:\tweaking.com_windows_repair_aio_setup.exe [26/07/2016 18:02:08] - |A| - (.-.) - [6848474] - (0.0.0.0) - S:\ultracopier-ultimate-windows-x86_64-1.2.3.2-setup.exe [11/07/2016 09:31:55] - |A| - (.Copyright - Geza Kovacs - License - GNU GPL v2+ - UNetbootin - Universal Netboot Installer - http://unetbootin.sourceforge.net.) - [4831744] - (1.1.1.1) - S:\unetbootin-windows-613.exe [10/06/2016 11:10:42] - |A| - (.© 2008/2014 - El Desaparecido - www.SosVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3989160] - (7.8.0.6) - S:\UsbFix-7.806.exe [10/07/2016 17:04:37] - |A| - (.© 2008/2016 - El Desaparecido - www.SOSVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3124797] - (8.2.2.8) - S:\UsbFix_2016_8.233.exe [11/07/2016 09:31:58] - |A| - (.Copyright (c) 2016 Steganos Software GmbH - Steganos PortableSafe USB Starter.) - [4127744] - (17.1.3.11700) - S:\usbstarter.exe [10/07/2016 19:48:12] - |A| - (. - Panda USB Vaccine Setup .) - [848856] - (1.0.1.4) - S:\USBVaccineSetup.exe [11/07/2016 09:31:59] - |A| - (.2007-2016 PortableApps.com, PortableApps.com Installer 3.1.1.0 - uTorrent Portable.) - [2370592] - (3.4.6.42178) - S:\uTorrentPortable_3.4.6.42178_online.paf.exe [10/07/2016 16:14:51] - |A| - (.Copyright 2015 Wondershare Corporation - videoconverterfree_setup_full1129.exe.) - [800840] - (1.2.1.1) - S:\video-converter-free_setup_full1129.exe [10/07/2016 19:48:31] - |A| - (. - .) - [46736640] - (9.0.18.0) - S:\video-converter-ultimate(1).exe [10/07/2016 19:48:19] - |A| - (. - .) - [46736640] - (9.0.18.0) - S:\video-converter-ultimate.exe [23/07/2016 05:19:21] - |A| - (.- Video to Picture Setup.) - [12937488] - (1.0.0.0) - S:\video-to-picture.exe [11/07/2016 09:32:15] - |A| - (.- Professional video watermarking program.) - [16786240] - (5.1.0.0) - S:\video-watermark-pro.exe [11/07/2016 09:32:13] - |A| - (.- Video watermarking program.) - [16733504] - (5.1.0.0) - S:\video-watermark.exe [10/07/2016 19:48:17] - |A| - (.Copyright © 2014 UpdateStar - Video Converter Setup .) - [8704008] - (7.0.3.91) - S:\VideoConverter.exe [24/06/2016 11:31:58] - |A| - (.-.) - [89589712] - (0.0.0.0) - S:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe [10/07/2016 12:33:54] - |A| - (.Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc. - InstallScript Setup Launcher.) - [453686816] - (17.0.0.717) - S:\Video_Explosion_Deluxe_Setup.exe [10/07/2016 07:41:44] - |A| - (.- Télécharge et installe VirtualBox portable.) - [301259] - (3.3.6.1) - S:\VirtualBoxPortable.exe [14/06/2016 07:15:38] - |A| - (.2007-2015 PortableApps.com, PortableApps.com Installer 3.0.17.0 - VLC Media Player Portable.) - [26948496] - (2.2.1.0) - S:\VLCPortable_2.2.1.paf.exe [14/03/2015 03:48:01] - |RA| - (.© 2015 Western Digital Technologies, Inc. - Unlock Utility for WD Encrypted Drive.) - [2081624] - (1.2.0.9) - S:\WD Drive Unlock.exe [14/06/2016 07:23:56] - |A| - (.tenorshare.com - Windows Care Genius .) - [16035976] - (3.9.4.355) - S:\windows-care-genius-trial.exe [26/07/2016 06:02:53] - |A| - (.WiseCleaner.com - Wise Care 365 .) - [5692408] - (3.4.3.300) - S:\Wise_Care_365_v3.43.exe [29/07/2016 16:59:27] - |A| - (.-.) - [119912] - (0.0.0.0) - S:\wood.exe [11/07/2016 09:32:28] - |A| - (.© 2006 Microsoft Corporation. -.) - [25746416] - (12.0.6038.3000) - S:\wordview_fr-fr.exe [26/07/2016 06:02:54] - |A| - (.WiseVideoSuite.com - Wise Video Downloader .) - [2006472] - (1.6.1.77) - S:\WVDSetup.exe [11/07/2016 09:32:31] - |A| - (.-.) - [33087576] - (0.0.0.0) - S:\x-audio-maker6-fr.exe [11/07/2016 09:32:34] - |A| - (.-.) - [16868162] - (0.0.0.0) - S:\x-dailymotion-video-downloader-fr.exe [11/07/2016 09:32:36] - |A| - (.-.) - [28206392] - (0.0.0.0) - S:\x-download-youtube-video5-fr.exe [11/07/2016 09:32:39] - |A| - (.-.) - [37509928] - (0.0.0.0) - S:\x-video-converter-ultimate7-fr.exe [11/07/2016 09:32:43] - |A| - (.-.) - [26640091] - (0.0.0.0) - S:\x-video-editor2-fr.exe [29/07/2016 16:59:27] - |A| - (.-.) - [38457] - (0.0.0.0) - S:\xpsoft.exe [29/07/2016 16:59:27] - |A| - (.-.) - [38683] - (0.0.0.0) - S:\xpsolive.exe [26/07/2016 17:35:39] - |A| - (.NCH Software - Express Zip.) - [1062432] - (0.0.0.0) - S:\zipplus.exe [11/07/2016 09:32:49] - |A| - (.Copyright © 1998-2016, Check Point, LTD - ZoneAlarm.) - [3412200] - (14.1.48.0) - S:\zonealarm-free-antivirus-firewall_14-1-048-000_fr_10494.exe [11/07/2016 09:32:48] - |A| - (.Copyright © 1999-2011 Pro Softnet Corp. - ZoneAlarm Backup Powered by IDrive Setup .) - [9468744] - (0.0.0.0) - S:\ZoneAlarmBackupSetup.exe [08/07/2016 19:32:32] - |A| - (.-.) - [262] - (0.0.0.0) - S:\.label.info [10/07/2016 19:01:41] - |A| - (.-.) - [4248] - (0.0.0.0) - S:\0x0404.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7094] - (0.0.0.0) - S:\0x0407.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6129] - (0.0.0.0) - S:\0x0409.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7022] - (0.0.0.0) - S:\0x040a.ini [10/07/2016 19:01:41] - |A| - (.-.) - [7242] - (0.0.0.0) - S:\0x040c.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6897] - (0.0.0.0) - S:\0x0410.ini [10/07/2016 19:01:41] - |A| - (.-.) - [6623] - (0.0.0.0) - S:\0x0411.ini [10/07/2016 19:01:42] - |A| - (.-.) - [5724] - (0.0.0.0) - S:\0x0412.ini [10/07/2016 19:01:42] - |A| - (.-.) - [4315] - (0.0.0.0) - S:\0x0804.ini [11/07/2016 08:44:52] - |A| - (.-.) - [6848] - (0.0.0.0) - S:\a2settings.ini [11/07/2016 08:44:52] - |A| - (.-.) - [64] - (0.0.0.0) - S:\a2whitelist.ini [12/05/2016 12:04:59] - |A| - (.-.) - [24] - (0.0.0.0) - S:\Config.ini [10/07/2016 19:10:42] - |A| - (.-.) - [142] - (0.0.0.0) - S:\Custom.ini [10/07/2016 19:31:48] - |A| - (.-.) - [40] - (0.0.0.0) - S:\Define.ini [18/07/2016 18:18:04] - |A| - (.-.) - [282] - (0.0.0.0) - S:\desktop(1).ini [10/07/2016 19:31:48] - |A| - (.-.) - [282] - (0.0.0.0) - S:\desktop_FromLFS_ULTRA.ini [27/11/2013 15:14:04] - |A| - (.-.) - [2054] - (0.0.0.0) - S:\Framakey.ini [10/07/2016 19:39:27] - |A| - (.-.) - [101] - (0.0.0.0) - S:\info.ini [11/07/2016 09:24:15] - |A| - (.-.) - [0] - (0.0.0.0) - S:\LogAnalyZer.ini [10/07/2016 19:44:47] - |A| - (.-.) - [1953] - (0.0.0.0) - S:\Setup.ini [10/07/2016 19:48:12] - |A| - (.-.) - [208] - (0.0.0.0) - S:\ureg.ini [12/05/2016 12:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - S:\UserSettings.ini [11/07/2016 09:32:19] - |A| - (.-.) - [27] - (0.0.0.0) - S:\VTU.ini R: [12/05/2016 12:04:54] - |A| - (.Copyright © 1999-2012 - BASS.) - [219136] - (2.4.9.0) - R:\bass.dll [12/05/2016 12:04:54] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - R:\Bass.Net.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [35328] - (2.4.3.1) - R:\basscd.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [48128] - (2.4.1.0) - R:\bassflac.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2005-2010 - BASSmix.) - [33280] - (2.4.4.0) - R:\bassmix.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2012 - BASSOPUS.) - [103424] - (0.0.0.1) - R:\bassopus.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [34816] - (2.4.4.0) - R:\basswma.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [59904] - (2.4.1.0) - R:\basswv.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - R:\bass_alac.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [81408] - (2.4.0.1) - R:\bass_ape.dll [12/05/2016 12:04:57] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [45056] - (2.4.1.0) - R:\bass_mpc.dll [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [68608] - (4.5.7.6229) - R:\CDBXP.dll [12/05/2016 12:05:09] - |A| - (. - .) - [337408] - (13.0.0.0) - R:\LogicNP.FolderView.dll [12/05/2016 12:05:15] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3622784] - (15.6.1.1025) - R:\StarBurn.dll [14/07/2016 04:03:31] - |A| - (. - Ashampoo Media Sync Setup .) - [12641832] - (1.0.2.0) - R:\ashampoo_media_sync_e1.0.2_sm.exe [13/05/2016 06:34:57] - |A| - (.-.) - [97557896] - (0.0.0.0) - R:\CyberLink_MediaEspresso7.5_MEX160302-01.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP command line version.) - [25712] - (4.5.7.6229) - R:\cdbxpcmd.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP.) - [1746544] - (4.5.7.6229) - R:\cdbxpp.exe [12/05/2016 12:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - R:\UserSettings.ini [12/05/2016 12:04:59] - |A| - (.-.) - [24] - (0.0.0.0) - R:\Config.ini M: [05/05/2016 17:15:18] - |A| - (.© 2008/2016 - El Desaparecido - www.SOSVirus.net - UsbFix - Remove Malware From Your Drive!.) - [3124797] - (8.2.2.8) - M:\UsbFix_2016_8.233.exe [08/05/2016 13:18:31] - |A| - (.©2016 BitTorrent, Inc. - BitTorrent.) - [1963528] - (7.9.6.42179) - M:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FAq2NsdKU).exe [08/05/2016 13:18:36] - |A| - (.Copyright © 2005-2016 Piriform Ltd - CCleaner Installer.) - [7033368] - (2.0.0.0) - M:\ccsetup_517.exe [08/05/2016 13:18:42] - |A| - (.Copyright 2003-2015 Emsisoft Ltd. - Emsisoft Anti-Malware Setup .) - [237135456] - (11.7.0.6394) - M:\EmsisoftAntiMalwareSetup.exe [08/05/2016 13:19:02] - |A| - (.-.) - [232114840] - (0.0.0.0) - M:\EmsisoftEmergencyKit (1).exe [08/05/2016 13:19:19] - |A| - (.-.) - [232114840] - (0.0.0.0) - M:\EmsisoftEmergencyKit.exe [08/05/2016 13:19:43] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11441168] - (3.7.14.263) - M:\hitmanpro_x64.exe [08/05/2016 13:20:35] - |A| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [16563352] - (1.9.3.1001) - M:\mbar-1.09.3.1001.exe [08/05/2016 13:20:43] - |A| - (.Copyright ©2011 - 2016 - Setup Application.) - [21258848] - (3.8.0.7) - M:\tweaking.com_windows_repair_aio_setup.exe [08/05/2016 13:20:46] - |A| - (.© Copyright 2015 - AntiMalware .) - [5479312] - (2.20.613.0) - M:\Zemana.AntiMalware.Setup.exe [07/06/2016 10:44:01] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [4140968] - (14.1.0.0) - M:\PortableApps.com_Platform_Setup_14.1.paf.exe [11/05/2016 19:55:40] - |A| - (.-.) - [505346176] - (0.0.0.0) - M:\CyberLink_ActionDirector_ACD160414-01.exe L: [30/07/2016 06:28:11] - |A| - (.2005-2006© by sarkos and Tuxmouraille (GPL) - Framakey Starter pour Windows XP.) - [188397] - (0.2.2.2) - L:\start.exe K: [31/01/2016 11:57:05] - |A| - (.-.) - [983040] - (0.8.0.5) - K:\Framakey.exe [31/01/2016 11:43:52] - |A| - (.-.) - [2141] - (0.0.0.0) - K:\Framakey.ini J: [29/07/2016 06:46:25] - |A| - (.2005-2006© by sarkos and Tuxmouraille (GPL) - Framakey Starter pour Windows XP.) - [188397] - (0.2.2.2) - J:\start.exe H: [09/05/2011 20:08:50] - |N| - (.- Télécharge et installe VirtualBox portable.) - [301259] - (3.3.6.1) - H:\VirtualBoxPortable.exe [04/05/2011 17:11:58] - |N| - (.-.) - [472466] - (0.8.0.2) - H:\Framakey.exe [03/05/2011 11:24:12] - |N| - (.-.) - [2054] - (0.0.0.0) - H:\Framakey.ini D: [29/07/2016 14:05:50] - |A| - (.-.) - [44] - (0.0.0.0) - D:\language.ini ---------- | C: [05/03/2013 01:30:20] - |SHD| - [258] - C:\$RECYCLE.BIN [29/07/2016 18:06:37] - |D| - [800582761] - C:\$WINDOWS.~BT [29/07/2016 17:23:49] - |D| - [319010] - C:\$Windows.~WS [29/07/2016 19:41:54] - |D| - [126954006] - C:\AMD [30/07/2016 15:50:27] - |RASHD| - [3] - C:\Autorun.inf [02/08/2012 04:02:18] - |SHD| - [18175260] - C:\Boot [MD5.21BF183C15AFE62A8D1137BB9007B2A3] - [26/07/2012 10:18:43] - |RASH| - (.-.) - [398156] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 10:18:43] - |N| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [29/07/2016 14:48:10] - |D| - [881296] - C:\Config.Msi [26/07/2012 09:22:08] - |SHD| - [0] - C:\Documents and Settings [29/07/2016 17:58:34] - |D| - [3679045097] - C:\ESD [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 11:20:23] - |ASH| - (.-.) - [1535000576] - (0.0.0.0) - C:\hiberfil.sys [07/01/2013 13:49:41] - |D| - [3918878] - C:\hp [29/07/2016 19:44:59] - |D| - [91539] - C:\inetpub [27/04/2016 07:50:24] - |D| - [16285696] - C:\Logs [MD5.9554AF1AF69FE631B8C9F0EC69BD89C9] - [30/07/2016 19:05:03] - |A| - (.-.) - [31988] - (0.0.0.0) - C:\Look_my_hardware.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 09:30:46] - |N| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 11:17:30] - |ASH| - (.-.) - [419430400] - (0.0.0.0) - C:\pagefile.sys [30/10/2015 09:24:24] - |D| - [0] - C:\PerfLogs [30/10/2015 08:28:30] - |RD| - [2428703902] - C:\Program Files [30/10/2015 08:28:30] - |RD| - [2166976941] - C:\Program Files (x86) [30/10/2015 09:24:24] - |HD| - [2143180653] - C:\ProgramData [30/07/2016 19:01:27] - |D| - [262073] - C:\QuickDiag [MD5.FBF8C125068F92C39EE25B70BA3B40C9] - [30/07/2016 19:01:37] - |A| - (.-.) - [435477] - (0.0.0.0) - C:\QuickDiag.txt [29/07/2016 19:54:17] - |SHD| - [971] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/07/2016 11:17:31] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 05:15:28] - |AD| - [1021173952] - C:\SWSETUP [29/07/2016 11:17:29] - |SHD| - [0] - C:\System Volume Information [01/08/2012 11:57:15] - |D| - [38380355] - C:\SYSTEM.SAV [30/07/2016 14:12:51] - |D| - [32398127] - C:\UsbFix [30/10/2015 08:28:30] - |RD| - [3738914916] - C:\Users [30/10/2015 08:28:30] - |D| - [26783233434] - C:\Windows [29/07/2016 19:48:25] - |D| - [18466615887] - C:\Windows.old ---------- | C:\WINDOWS [30/10/2015 09:24:24] - |D| - [802] - C:\WINDOWS\addins [30/10/2015 09:24:24] - |D| - [6587039] - C:\WINDOWS\appcompat [30/10/2015 09:24:24] - |D| - [12360910] - C:\WINDOWS\AppPatch [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\AppReadiness [30/10/2015 09:24:24] - |RD| - [833473992] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 01:09:53] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [26/07/2012 10:12:59] - |D| - [0] - C:\WINDOWS\AUInstallAgent [30/10/2015 09:24:24] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [30/10/2015 09:24:24] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.1BCA8453EBF7A313961BE4686EF85AF7] - [27/04/2016 07:40:14] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [30/10/2015 09:24:24] - |D| - [2380376] - C:\WINDOWS\Branding [30/10/2015 09:11:39] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.203F8C2CA4C6BD8E4D79564E581380A7] - [29/07/2016 18:21:49] - |A| - (.-.) - [6554] - (0.0.0.0) - C:\WINDOWS\comsetup.log [MD5.F59060E298148DE24DEBB3E8321C4407] - [27/04/2016 07:30:17] - |A| - (.-.) - [31816] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.B749466D1A93B0BFE3590BD487A793BF] - [05/03/2013 01:14:16] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [30/10/2015 09:24:24] - |D| - [8970858] - C:\WINDOWS\Cursors [30/10/2015 09:24:24] - |D| - [993475] - C:\WINDOWS\debug [30/10/2015 09:24:24] - |RD| - [22462] - C:\WINDOWS\DesktopTileResources [30/10/2015 09:24:24] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [MD5.E3F4BF3FC55D97314DC1DD650C83F2C1] - [29/07/2016 18:06:34] - |A| - (.-.) - [10449] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [30/10/2015 09:24:24] - |D| - [4217368] - C:\WINDOWS\diagnostics [MD5.692CA5EBC9E0CEF0A8D0BE4DF7400CEE] - [29/07/2016 18:06:34] - |A| - (.-.) - [9528] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [27/04/2016 07:12:00] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.1125AAECF81A3142FB25C74E73F82F6D] - [05/03/2013 01:45:51] - |A| - (.-.) - [204] - (0.0.0.0) - C:\WINDOWS\DirectX.log [30/10/2015 09:24:24] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.55DB2EA397CED3A348146AF446E81BF9] - [30/10/2015 09:25:57] - |A| - (.-.) - [5161] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [30/10/2015 09:24:24] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [26/07/2012 11:43:43] - |D| - [116160] - C:\WINDOWS\en-GB [27/04/2016 07:12:00] - |D| - [0] - C:\WINDOWS\en-US [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [29/07/2016 22:12:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\WINDOWS\explorer.exe [30/10/2015 09:24:24] - |RSD| - [354759834] - C:\WINDOWS\Fonts [05/03/2013 01:46:39] - |D| - [116648] - C:\WINDOWS\fr [27/04/2016 07:12:00] - |D| - [134144] - C:\WINDOWS\fr-FR [30/10/2015 09:24:24] - |D| - [20838848] - C:\WINDOWS\Globalization [30/10/2015 09:24:24] - |D| - [2127415] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [29/07/2016 22:10:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [MD5.2EB26B9B1FD61752BE302ABE84165A9E] - [29/07/2016 19:00:42] - |A| - (.-.) - [13431] - (0.0.0.0) - C:\WINDOWS\iis.log [30/10/2015 09:24:24] - |D| - [173196894] - C:\WINDOWS\IME [30/10/2015 09:24:24] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [30/10/2015 09:21:47] - |D| - [112842682] - C:\WINDOWS\INF [30/10/2015 09:24:24] - |D| - [931024796] - C:\WINDOWS\InfusedApps [30/10/2015 09:24:24] - |D| - [36258450] - C:\WINDOWS\InputMethod [30/10/2015 09:24:24] - |SHD| - [524021036] - C:\WINDOWS\Installer [30/10/2015 09:24:24] - |D| - [89407] - C:\WINDOWS\L2Schemas [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\LiveKernelReports [30/10/2015 08:31:03] - |D| - [48956419] - C:\WINDOWS\Logs [MD5.B76FB326A850CB5F345008107126A96D] - [26/04/2016 22:39:54] - |A| - (.-.) - [1342] - (0.0.0.0) - C:\WINDOWS\lsasetup.log [30/10/2015 09:24:24] - |RSD| - [20145669] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [30/10/2015 09:24:24] - |D| - [775714971] - C:\WINDOWS\Microsoft.NET [30/10/2015 09:24:24] - |D| - [2371] - C:\WINDOWS\Migration [30/10/2015 09:24:24] - |RD| - [470257] - C:\WINDOWS\MiracastView [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [MD5.9AEECE909BBC1C0C5A292354286D764A] - [30/07/2016 18:59:36] - |A| - (.-.) - [81980] - (0.0.0.0) - C:\WINDOWS\ntbtlog.txt [27/04/2016 07:17:47] - |D| - [199124] - C:\WINDOWS\OCR [30/10/2015 09:24:24] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [29/07/2016 19:54:14] - |DC| - [119977268] - C:\WINDOWS\Panther [30/10/2015 09:24:24] - |D| - [28868194] - C:\WINDOWS\Performance [MD5.D52DEED43D177CFC246703622269B527] - [30/07/2016 18:59:36] - |A| - (.-.) - [802] - (0.0.0.0) - C:\WINDOWS\PFRO.log [30/10/2015 09:24:24] - |D| - [1136442] - C:\WINDOWS\PLA [30/10/2015 09:24:24] - |D| - [2566565] - C:\WINDOWS\PolicyDefinitions [29/07/2016 18:56:12] - |D| - [30005479] - C:\WINDOWS\Prefetch [30/10/2015 09:24:24] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [30/10/2015 09:24:24] - |D| - [1297393] - C:\WINDOWS\Provisioning [30/10/2015 09:24:24] - |RD| - [770223] - C:\WINDOWS\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [30/10/2015 09:24:24] - |D| - [1095144] - C:\WINDOWS\Registration [30/10/2015 09:24:24] - |D| - [4656070] - C:\WINDOWS\rescache [30/10/2015 09:24:24] - |D| - [4002319] - C:\WINDOWS\Resources [MD5.2A7B78F4CFA0F1A5655891DDAACEFAD9] - [05/03/2013 01:18:17] - |A| - (.Copyright (C) 2012 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1706640] - (1.0.3.8) - C:\WINDOWS\RtlExUpd.dll [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\SchCache [30/10/2015 09:24:24] - |D| - [121229] - C:\WINDOWS\schemas [30/10/2015 09:24:24] - |D| - [9926586] - C:\WINDOWS\security [27/04/2016 07:38:17] - |D| - [57367567] - C:\WINDOWS\ServiceProfiles [30/10/2015 08:28:30] - |D| - [85632141] - C:\WINDOWS\servicing [30/10/2015 09:26:37] - |D| - [42] - C:\WINDOWS\Setup [MD5.BD5DC58711FAE37414AE1D3E1E9C751E] - [27/04/2016 07:40:06] - |A| - (.-.) - [28148] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/04/2016 07:40:06] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [27/04/2016 07:29:00] - |D| - [9383] - C:\WINDOWS\ShellNew [27/04/2016 07:17:19] - |D| - [3070736] - C:\WINDOWS\SKB [29/07/2016 14:02:12] - |D| - [7859852987] - C:\WINDOWS\SoftwareDistribution [30/10/2015 09:24:24] - |D| - [103545399] - C:\WINDOWS\Speech [30/10/2015 09:24:24] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [30/10/2015 09:24:24] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [26/07/2012 07:26:52] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [30/10/2015 08:28:30] - |D| - [4233848431] - C:\WINDOWS\System32 [30/10/2015 09:24:25] - |D| - [158572489] - C:\WINDOWS\SystemApps [30/10/2015 09:24:25] - |D| - [18175861] - C:\WINDOWS\SystemResources [30/10/2015 08:28:37] - |D| - [1361703072] - C:\WINDOWS\SysWOW64 [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\TAPI [26/07/2012 10:12:59] - |D| - [1928] - C:\WINDOWS\Tasks [30/10/2015 09:24:25] - |D| - [5302] - C:\WINDOWS\Temp [26/07/2012 10:12:59] - |RD| - [0] - C:\WINDOWS\ToastData [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\tracing [30/10/2015 09:24:25] - |D| - [43083340] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [30/10/2015 09:24:25] - |D| - [12420] - C:\WINDOWS\Vss [30/10/2015 09:24:25] - |D| - [25457486] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [26/07/2012 07:26:52] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [29/07/2016 14:02:12] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [30/10/2015 08:28:30] - |D| - [8653483499] - C:\WINDOWS\WinSxS [MD5.D935AD9372C6858C04E3FB423149134C] - [28/07/2012 04:54:00] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [321472] - (16.4.3503.728) - C:\WINDOWS\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe [MD5.6F06EA56C23E87D9D1CCC1B5C26E20CE] - [29/07/2016 17:20:27] - |A| - (.-.) - [149532] - (0.0.0.0) - C:\WINDOWS\ZAM.krnl.trace [MD5.3B1A8EB80E96129ADFFC6A12C64BEFC2] - [29/07/2016 17:20:26] - |A| - (.-.) - [119944] - (0.0.0.0) - C:\WINDOWS\ZAM_Guard.krnl.trace ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [08/08/2012 07:20:32] - C:\WINDOWS\Installer\15b2f8.msi : (HP Postscript Converter - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2012 23:54:11] - C:\WINDOWS\Installer\15b301.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2012 04:07:50] - C:\WINDOWS\Installer\15b307.msi : ( - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2012 01:12:59] - C:\WINDOWS\Installer\15b310.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:24] - C:\WINDOWS\Installer\1df36a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 10:49:56] - C:\WINDOWS\Installer\1df371.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:16] - C:\WINDOWS\Installer\1df377.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:22] - C:\WINDOWS\Installer\1df37e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:30] - C:\WINDOWS\Installer\1df385.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:36] - C:\WINDOWS\Installer\1df38c.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:44] - C:\WINDOWS\Installer\1df393.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:52] - C:\WINDOWS\Installer\1df39a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:00] - C:\WINDOWS\Installer\1df3a1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:06] - C:\WINDOWS\Installer\1df3a8.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:16] - C:\WINDOWS\Installer\1df3af.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:22] - C:\WINDOWS\Installer\1df3b6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:30] - C:\WINDOWS\Installer\1df3bd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:38] - C:\WINDOWS\Installer\1df3c4.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:46] - C:\WINDOWS\Installer\1df3cb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:54] - C:\WINDOWS\Installer\1df3d2.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:02] - C:\WINDOWS\Installer\1df3d9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:10] - C:\WINDOWS\Installer\1df3e0.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:18] - C:\WINDOWS\Installer\1df3e7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:26] - C:\WINDOWS\Installer\1df3ee.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:34] - C:\WINDOWS\Installer\1df3f5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:42] - C:\WINDOWS\Installer\1df3fc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:50] - C:\WINDOWS\Installer\1df403.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:58] - C:\WINDOWS\Installer\1df40a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:06] - C:\WINDOWS\Installer\1df411.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:40] - C:\WINDOWS\Installer\1df417.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:07:30] - C:\WINDOWS\Installer\1df41d.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:12] - C:\WINDOWS\Installer\1df423.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/07/2016 04:42:00] - C:\WINDOWS\Installer\254c8c0.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 12:09:58] - C:\WINDOWS\Installer\25ccf03.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2016 00:00:00] - C:\WINDOWS\Installer\25ccf09.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\25ccf15.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:20:40] - C:\WINDOWS\Installer\29c4fe8.msi : (Blank Project Template - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:21:30] - C:\WINDOWS\Installer\29c4fed.msi : (AntimalwareEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:22:41] - C:\WINDOWS\Installer\29c4ff2.msi : (FirewallEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:22:50] - C:\WINDOWS\Installer\29c4ff7.msi : (OnlineThreatsEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:23:01] - C:\WINDOWS\Installer\29c4ffc.msi : (AntispamEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:23:14] - C:\WINDOWS\Installer\29c5001.msi : (AvcEngine - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:24:03] - C:\WINDOWS\Installer\29c5006.msi : (Blank Project Template - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:54] - C:\WINDOWS\Installer\2dfcc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:05:09] - C:\WINDOWS\Installer\2dfd2.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:59:01] - C:\WINDOWS\Installer\2dfd7.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:33] - C:\WINDOWS\Installer\2dfdc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:42] - C:\WINDOWS\Installer\2dfe1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:46] - C:\WINDOWS\Installer\2dfe6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:52] - C:\WINDOWS\Installer\2dfeb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:58] - C:\WINDOWS\Installer\2dff0.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:04] - C:\WINDOWS\Installer\2dff5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:11] - C:\WINDOWS\Installer\2dffa.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:16] - C:\WINDOWS\Installer\2dfff.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:20] - C:\WINDOWS\Installer\2e004.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:27] - C:\WINDOWS\Installer\2e009.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:33] - C:\WINDOWS\Installer\2e00e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:37] - C:\WINDOWS\Installer\2e013.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:43] - C:\WINDOWS\Installer\2e018.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:47] - C:\WINDOWS\Installer\2e01d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:52] - C:\WINDOWS\Installer\2e022.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:02:59] - C:\WINDOWS\Installer\2e027.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:03] - C:\WINDOWS\Installer\2e02c.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:10] - C:\WINDOWS\Installer\2e031.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:14] - C:\WINDOWS\Installer\2e036.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:20] - C:\WINDOWS\Installer\2e03b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:26] - C:\WINDOWS\Installer\2e040.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:32] - C:\WINDOWS\Installer\2e045.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:36] - C:\WINDOWS\Installer\2e04a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:03:44] - C:\WINDOWS\Installer\2e04f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:04:11] - C:\WINDOWS\Installer\2e054.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:01:24] - C:\WINDOWS\Installer\2e05a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 10:05:35] - C:\WINDOWS\Installer\2e05f.msi : (AMD Accelerated Parallel Processing SDK - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2013 01:20:47] - C:\WINDOWS\Installer\2e065.msi : (HP Support Assistant - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/06/2012 09:46:42] - C:\WINDOWS\Installer\2e06a.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2013 01:24:47] - C:\WINDOWS\Installer\2e06f.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/07/2012 03:38:58] - C:\WINDOWS\Installer\2e073.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2012 00:03:55] - C:\WINDOWS\Installer\2e081.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/07/2012 23:59:51] - C:\WINDOWS\Installer\2e086.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/07/2016 07:24:13] - [415960] - C:\WINDOWS\Installer\{05B0CF4A-564C-4549-913E-AE3EDA16971A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [30/07/2016 07:24:13] - [415960] - C:\WINDOWS\Installer\{05B0CF4A-564C-4549-913E-AE3EDA16971A}\NewShortcut1_B4EBD3E89A394A41B825BC37C011DD6E.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [30/07/2016 07:24:13] - [415960] - C:\WINDOWS\Installer\{05B0CF4A-564C-4549-913E-AE3EDA16971A}\NewShortcut6_465244A5DB8C4392A3D537510D1DB9FE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [29/07/2016 19:44:21] - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:06] - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe () - () [05/03/2013 01:24:49] - [10134] - C:\WINDOWS\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:00] - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:08] - [88102] - C:\WINDOWS\Installer\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}\ARPPRODUCTICON.exe () - () [30/07/2016 07:23:10] - [59608] - C:\WINDOWS\Installer\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 01:37:42] - [300318] - C:\WINDOWS\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe () - () [05/03/2013 01:20:03] - [88102] - C:\WINDOWS\Installer\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:48] - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe () - () [30/07/2016 07:22:47] - [59608] - C:\WINDOWS\Installer\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 01:20:02] - [88102] - C:\WINDOWS\Installer\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:51] - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:58] - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:04] - [88102] - C:\WINDOWS\Installer\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:11] - [88102] - C:\WINDOWS\Installer\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:02] - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe () - () [05/03/2013 01:28:50] - [156903] - C:\WINDOWS\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe () - () [30/07/2016 07:22:12] - [59608] - C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [29/07/2016 19:44:14] - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe () - () [30/07/2016 07:22:59] - [59608] - C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [30/07/2016 07:23:22] - [59608] - C:\WINDOWS\Installer\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 01:37:25] - [101879] - C:\WINDOWS\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:03] - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:16] - [88102] - C:\WINDOWS\Installer\{2E2526C8-51A8-F6EB-8289-6787E880CE27}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:16] - [88102] - C:\WINDOWS\Installer\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:59] - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:19] - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe () - () [30/07/2016 07:20:48] - [415960] - C:\WINDOWS\Installer\{36036827-FA38-4A74-8333-26BC4EEC9308}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 01:25:52] - [74032] - C:\WINDOWS\Installer\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:23] - [10134] - C:\WINDOWS\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:06] - [88102] - C:\WINDOWS\Installer\{5AD25D5C-C813-146B-4FB0-76561F7875B7}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:09] - [88102] - C:\WINDOWS\Installer\{5B4886EE-5A95-C257-A68F-2DCADE47A273}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:12] - [88102] - C:\WINDOWS\Installer\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:01] - [88102] - C:\WINDOWS\Installer\{5F5ACD0C-A454-32A7-E206-EE89B1510128}\ARPPRODUCTICON.exe () - () [05/03/2013 01:19:38] - [88102] - C:\WINDOWS\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\ARPPRODUCTICON.exe () - () [05/03/2013 01:19:38] - [88102] - C:\WINDOWS\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 01:19:38] - [88102] - C:\WINDOWS\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 01:19:38] - [88102] - C:\WINDOWS\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 01:19:38] - [88102] - C:\WINDOWS\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe () - () [29/07/2016 19:43:45] - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:11] - [88102] - C:\WINDOWS\Installer\{67087BB4-19B4-C169-3E52-2BED796D8AB3}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:08] - [88102] - C:\WINDOWS\Installer\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}\ARPPRODUCTICON.exe () - () [30/07/2016 06:14:00] - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe (Copyright (C) SEIKO EPSON CORPORATION 2010-2013.) - (E-Web Print Preview) [05/03/2013 01:24:44] - [53248] - C:\WINDOWS\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe (Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [29/07/2016 19:43:55] - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe () - () [05/03/2013 01:19:59] - [10134] - C:\WINDOWS\Installer\{7474548C-E456-4818-8ED0-4A1F00EF77A1}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:04] - [88102] - C:\WINDOWS\Installer\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:20] - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:04] - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:00] - [88102] - C:\WINDOWS\Installer\{839D1577-5415-6C89-6642-515DFFE6432F}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:07] - [88102] - C:\WINDOWS\Installer\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:18] - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:15] - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe () - () [30/07/2016 06:11:53] - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe (Copyright (C) 2011) - (EProjManager Application) [29/07/2016 19:44:11] - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:13] - [88102] - C:\WINDOWS\Installer\{A666A6E7-3A51-E289-559B-BF3486036ABF}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:17] - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe () - () [05/03/2013 01:19:36] - [88102] - C:\WINDOWS\Installer\{ABA39912-380C-0EF3-C820-868115EB1DAC}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:03] - [88102] - C:\WINDOWS\Installer\{AC7A441A-353F-75F6-6ABA-3BF98161B530}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:50] - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:05] - [88102] - C:\WINDOWS\Installer\{B6480ED1-448E-813B-4FE0-BED811D1C01F}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:13] - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:00] - [88102] - C:\WINDOWS\Installer\{BDBF9803-B57C-AB2A-8830-CBED34703840}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:09] - [88102] - C:\WINDOWS\Installer\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:05] - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:53] - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe () - () [05/03/2013 01:29:54] - [79345] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:09] - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:06] - [88102] - C:\WINDOWS\Installer\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}\ARPPRODUCTICON.exe () - () [05/03/2013 01:43:25] - [297086] - C:\WINDOWS\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:24] - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe () - () [29/07/2016 19:44:12] - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:20] - [88102] - C:\WINDOWS\Installer\{E8406BA9-5D47-4A62-08C3-759EA677229A}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:14] - [88102] - C:\WINDOWS\Installer\{F193812F-83C0-3CED-1EDE-BE2525267303}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:13] - [88102] - C:\WINDOWS\Installer\{F754BC24-2C04-F76E-C403-0175F0954560}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:57] - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe () - () [29/07/2016 19:43:54] - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe () - () [05/03/2013 01:20:10] - [88102] - C:\WINDOWS\Installer\{FC62C740-2339-618C-467B-36CE6D409E5F}\ARPPRODUCTICON.exe () - () [05/03/2013 01:23:32] - [98304] - C:\WINDOWS\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\ARPPRODUCTICON_IObitDel.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 01:23:32] - [98304] - C:\WINDOWS\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\HPSF.exe2_2EBA634C3DB04BEC8765F065A06AB6AA_IObitDel.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 01:23:32] - [98304] - C:\WINDOWS\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770_IObitDel.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 16:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [29/07/2016 19:01:29] - [2049398] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [29/07/2016 19:01:20] - [1956472] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [Administrateur] [27/04/2016 07:43:26] - |HD| - [128750435] - C:\Users\Administrateur\AppData [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Application Data [27/04/2016 07:50:35] - |RD| - [412] - C:\Users\Administrateur\Contacts [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Cookies [27/04/2016 07:43:26] - |RD| - [282] - C:\Users\Administrateur\Desktop [27/04/2016 07:43:26] - |RD| - [402] - C:\Users\Administrateur\Documents [27/04/2016 07:43:26] - |RD| - [282] - C:\Users\Administrateur\Downloads [27/04/2016 07:43:26] - |RD| - [690] - C:\Users\Administrateur\Favorites [27/04/2016 07:43:26] - |RD| - [2015] - C:\Users\Administrateur\Links [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Local Settings [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Menu Démarrer [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Mes documents [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Modèles [27/04/2016 07:43:26] - |RD| - [504] - C:\Users\Administrateur\Music [27/04/2016 07:43:26] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT [27/04/2016 07:43:26] - |ASH| - [0] - C:\Users\Administrateur\ntuser.dat.LOG1 [27/04/2016 07:43:26] - |ASH| - [185344] - C:\Users\Administrateur\ntuser.dat.LOG2 [27/04/2016 07:43:26] - |ASH| - [65536] - C:\Users\Administrateur\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TM.blf [27/04/2016 07:43:26] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TMContainer00000000000000000001.regtrans-ms [27/04/2016 07:43:26] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TMContainer00000000000000000002.regtrans-ms [27/04/2016 07:43:26] - |ASH| - [20] - C:\Users\Administrateur\ntuser.ini [27/04/2016 07:51:45] - |RD| - [105] - C:\Users\Administrateur\OneDrive [27/04/2016 07:43:26] - |RD| - [504] - C:\Users\Administrateur\Pictures [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Recent [27/04/2016 07:43:26] - |RD| - [282] - C:\Users\Administrateur\Saved Games [27/04/2016 07:50:36] - |RD| - [1872] - C:\Users\Administrateur\Searches [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\SendTo [27/04/2016 07:43:26] - |RD| - [504] - C:\Users\Administrateur\Videos [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Voisinage d'impression [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\Voisinage réseau [27/04/2016 07:50:34] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe [27/04/2016 07:43:26] - |SD| - [135931] - C:\Users\Administrateur\AppData\Roaming\Microsoft [27/04/2016 07:45:51] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Application Data [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Historique [27/04/2016 07:53:08] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db [27/04/2016 07:43:26] - |D| - [114026756] - C:\Users\Administrateur\AppData\Local\Microsoft [27/04/2016 07:43:33] - |D| - [3500604] - C:\Users\Administrateur\AppData\Local\Packages [27/04/2016 07:43:26] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files [27/04/2016 07:43:32] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer [27/04/2016 07:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [27/04/2016 07:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [27/04/2016 07:43:26] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/04/2016 07:43:26] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [27/04/2016 07:43:26] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/04/2016 07:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/04/2016 07:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [27/04/2016 07:43:26] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [27/04/2016 07:51:46] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [27/04/2016 07:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/04/2016 07:43:26] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [27/04/2016 07:43:26] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [27/04/2016 07:50:36] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Jean-Marie] [29/07/2016 19:02:20] - |HD| - [477743439] - C:\Users\Jean-Marie\AppData [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Application Data [29/07/2016 14:06:56] - |RD| - [412] - C:\Users\Jean-Marie\Contacts [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Cookies [29/07/2016 14:01:57] - |RD| - [407941648] - C:\Users\Jean-Marie\Desktop [29/07/2016 14:01:56] - |RD| - [206242854] - C:\Users\Jean-Marie\Documents [29/07/2016 14:01:56] - |RD| - [298] - C:\Users\Jean-Marie\Downloads [29/07/2016 14:01:56] - |RD| - [2194] - C:\Users\Jean-Marie\Favorites [29/07/2016 14:01:56] - |RD| - [2536] - C:\Users\Jean-Marie\Links [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Local Settings [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Menu Démarrer [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Mes documents [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Modèles [29/07/2016 14:01:56] - |RD| - [504] - C:\Users\Jean-Marie\Music [29/07/2016 19:02:19] - |ASH| - [1048576] - C:\Users\Jean-Marie\NTUSER.DAT [29/07/2016 19:02:20] - |ASH| - [393216] - C:\Users\Jean-Marie\ntuser.dat.LOG1 [29/07/2016 19:02:20] - |ASH| - [90112] - C:\Users\Jean-Marie\ntuser.dat.LOG2 [29/07/2016 19:02:20] - |ASH| - [65536] - C:\Users\Jean-Marie\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TM.blf [29/07/2016 19:02:20] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TMContainer00000000000000000001.regtrans-ms [29/07/2016 19:02:20] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{404b0371-0bf7-11e6-9eee-c7f85b4f6d8d}.TMContainer00000000000000000002.regtrans-ms [29/07/2016 19:21:15] - |SH| - [20] - C:\Users\Jean-Marie\ntuser.ini [29/07/2016 19:31:46] - |RD| - [101] - C:\Users\Jean-Marie\OneDrive [29/07/2016 14:01:56] - |RD| - [884] - C:\Users\Jean-Marie\Pictures [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Recent [29/07/2016 14:01:56] - |RD| - [282] - C:\Users\Jean-Marie\Saved Games [29/07/2016 14:06:56] - |RD| - [1872] - C:\Users\Jean-Marie\Searches [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\SendTo [30/07/2016 08:11:57] - |A| - [0] - C:\Users\Jean-Marie\Sti_Trace.log [29/07/2016 14:00:26] - |RD| - [504] - C:\Users\Jean-Marie\Videos [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Voisinage d'impression [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\Voisinage réseau [29/07/2016 14:06:48] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Adobe [29/07/2016 14:08:44] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\ATI [30/07/2016 06:12:19] - |D| - [6777] - C:\Users\Jean-Marie\AppData\Roaming\Epson [29/07/2016 14:03:27] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Hewlett-Packard [30/07/2016 07:28:12] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Lavasoft [30/07/2016 07:24:40] - |D| - [737] - C:\Users\Jean-Marie\AppData\Roaming\LavasoftStatistics [29/07/2016 19:02:20] - |SD| - [678489] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft [29/07/2016 14:18:55] - |D| - [2425747] - C:\Users\Jean-Marie\AppData\Roaming\ZHP [29/07/2016 19:23:18] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\ActiveSync [30/07/2016 08:12:41] - |D| - [2] - C:\Users\Jean-Marie\AppData\Local\AMD [29/07/2016 17:19:44] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\AntiLogger Free [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Application Data [29/07/2016 14:08:44] - |D| - [68104] - C:\Users\Jean-Marie\AppData\Local\ATI [29/07/2016 19:22:31] - |D| - [18882580] - C:\Users\Jean-Marie\AppData\Local\Comms [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Historique [30/07/2016 18:57:40] - |AH| - [11640] - C:\Users\Jean-Marie\AppData\Local\IconCache.db [29/07/2016 19:02:20] - |D| - [168104575] - C:\Users\Jean-Marie\AppData\Local\Microsoft [30/07/2016 06:15:50] - |D| - [87469] - C:\Users\Jean-Marie\AppData\Local\MicrosoftEdge [29/07/2016 14:02:31] - |D| - [59039650] - C:\Users\Jean-Marie\AppData\Local\Packages [29/07/2016 14:07:40] - |D| - [40960] - C:\Users\Jean-Marie\AppData\Local\Power2Go8 [29/07/2016 17:15:30] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Programs [29/07/2016 19:27:22] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Publishers [29/07/2016 19:02:20] - |D| - [209695624] - C:\Users\Jean-Marie\AppData\Local\Temp [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Temporary Internet Files [29/07/2016 19:21:24] - |D| - [11542528] - C:\Users\Jean-Marie\AppData\Local\TileDataLayer [29/07/2016 14:02:39] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\VirtualStore [29/07/2016 17:12:46] - |D| - [82] - C:\Users\Jean-Marie\AppData\Local\Wondershare [29/07/2016 17:19:44] - |D| - [6949536] - C:\Users\Jean-Marie\AppData\Local\Zemana [29/07/2016 14:06:56] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [29/07/2016 19:02:20] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [29/07/2016 19:02:20] - |RD| - [22532] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [29/07/2016 19:02:20] - |RD| - [3888] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [29/07/2016 19:02:20] - |RD| - [2927] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [29/07/2016 14:06:56] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/07/2016 19:21:39] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [29/07/2016 19:02:20] - |D| - [170] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [29/07/2016 19:31:46] - |A| - [2469] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [29/07/2016 14:06:56] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [29/07/2016 19:02:20] - |RD| - [5318] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [29/07/2016 19:02:20] - |RSD| - [7238] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [29/07/2016 14:06:56] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [27/04/2016 07:50:35] - |RHD| - [196] - C:\Users\Public\AccountPictures [26/07/2012 10:12:59] - |RHD| - [8375] - C:\Users\Public\Desktop [30/10/2015 09:24:29] - |ASH| - [174] - C:\Users\Public\desktop.ini [26/07/2012 10:12:59] - |RD| - [164576846] - C:\Users\Public\Documents [26/07/2012 10:12:59] - |RD| - [174] - C:\Users\Public\Downloads [30/10/2015 09:24:24] - |RHD| - [1135] - C:\Users\Public\Libraries [26/07/2012 10:12:59] - |RD| - [380] - C:\Users\Public\Music [26/07/2012 10:12:59] - |RD| - [380] - C:\Users\Public\Pictures [05/03/2013 01:49:07] - |D| - [10362] - C:\Users\Public\Symantec [26/07/2012 10:12:59] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [29/07/2016 19:44:26] - |D| - [0] - C:\ProgramData\AMD [05/03/2013 01:35:50] - |D| - [0] - C:\ProgramData\Apple [29/07/2016 19:18:05] - |SHD| - [23549559850] - C:\ProgramData\Application Data [29/07/2016 17:17:41] - |D| - [157574] - C:\ProgramData\Ashampoo [30/07/2016 08:11:54] - |D| - [186] - C:\ProgramData\ATI [30/07/2016 07:32:53] - |D| - [0] - C:\ProgramData\BitDefender [29/07/2016 11:22:07] - |SHD| - [8375] - C:\ProgramData\Bureau [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\Comms [05/03/2013 01:28:53] - |D| - [275365] - C:\ProgramData\CyberLink [29/07/2016 19:18:04] - |SHD| - [164576846] - C:\ProgramData\Documents [29/07/2016 19:32:12] - |D| - [10668251] - C:\ProgramData\EPSON [05/03/2013 01:17:19] - |D| - [91122811] - C:\ProgramData\Hewlett-Packard [05/03/2013 01:28:11] - |D| - [76833] - C:\ProgramData\install_clap [30/07/2016 07:20:22] - |D| - [295530297] - C:\ProgramData\Lavasoft [29/07/2016 11:22:07] - |SHD| - [136745] - C:\ProgramData\Menu Démarrer [30/10/2015 09:24:24] - |SD| - [1138722553] - C:\ProgramData\Microsoft [27/04/2016 07:50:56] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [05/03/2013 01:45:17] - |D| - [0] - C:\ProgramData\Microsoft SkyDrive [29/07/2016 11:22:07] - |SHD| - [0] - C:\ProgramData\Modèles [05/03/2013 01:48:08] - |D| - [1305397] - C:\ProgramData\Norton [05/03/2013 01:47:28] - |D| - [20910534] - C:\ProgramData\NortonInstaller [29/07/2016 19:43:23] - |D| - [14060333] - C:\ProgramData\Package Cache [01/08/2012 19:06:12] - |D| - [24792] - C:\ProgramData\PRICache [29/07/2016 20:33:29] - |D| - [27114522] - C:\ProgramData\Recovery [30/10/2015 09:24:24] - |D| - [1000] - C:\ProgramData\regid.1991-06.com.microsoft [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\SoftwareDistribution [30/07/2016 06:14:51] - |D| - [645] - C:\ProgramData\Sony Corporation [05/03/2013 01:25:25] - |D| - [1508070] - C:\ProgramData\Temp [30/07/2016 06:15:00] - |D| - [4680] - C:\ProgramData\UDL [30/10/2015 09:24:24] - |D| - [5601] - C:\ProgramData\USOPrivate [27/04/2016 07:44:18] - |D| - [466944] - C:\ProgramData\USOShared [05/03/2013 01:30:04] - |D| - [2486085] - C:\ProgramData\WildTangent [29/07/2016 17:14:19] - |D| - [0] - C:\ProgramData\Wondershare [29/07/2016 17:11:11] - |D| - [492748580] - C:\ProgramData\Wondershare Video Editor [05/03/2013 01:20:47] - |D| - [46414838] - C:\ProgramData\{AFF99647-6D64-46F2-934A-F12F468037F6} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [29/07/2016 11:22:07] - |SHD| - [136571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [30/10/2015 09:24:24] - |RD| - [136571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [30/10/2015 09:24:24] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [30/10/2015 09:24:24] - |RD| - [15666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/10/2015 09:24:24] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/07/2016 19:44:51] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [29/07/2016 17:17:50] - |D| - [2635] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [29/07/2016 19:35:37] - |D| - [1608] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [30/10/2015 09:24:28] - |ASH| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |RAS| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [30/07/2016 06:13:32] - |D| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [30/07/2016 06:02:37] - |D| - [7064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [05/03/2013 01:30:09] - |RD| - [12468] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [05/03/2013 01:23:32] - |RD| - [9405] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [30/10/2015 09:19:28] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [30/07/2016 07:24:10] - |D| - [3619] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft [30/10/2015 09:24:24] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [30/10/2015 09:17:57] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [05/03/2013 01:46:34] - |A| - [1308] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [05/03/2013 01:28:52] - |RD| - [6033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos [05/03/2013 01:46:30] - |A| - [1377] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [30/10/2015 09:19:28] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [05/03/2013 01:29:57] - |RD| - [7612] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [30/10/2015 09:18:07] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [05/03/2013 01:25:55] - |RD| - [4633] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection [29/07/2016 14:06:12] - |RD| - [2292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services [30/10/2015 09:24:24] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [30/10/2015 09:24:24] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [27/04/2016 07:29:00] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [29/07/2016 19:08:34] - |A| - [1519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [29/07/2016 17:17:11] - |D| - [1227] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [29/07/2016 17:15:37] - |D| - [1207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader [29/07/2016 17:12:36] - |D| - [6956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [29/07/2016 17:19:52] - |D| - [3438] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free [29/07/2016 17:20:40] - |D| - [1056] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [05/03/2013 01:20:22] - |AD| - [2249244] - C:\Program Files (x86)\AMD APP [29/07/2016 17:17:37] - |D| - [101010959] - C:\Program Files (x86)\Ashampoo [05/03/2013 01:19:36] - |AD| - [110174970] - C:\Program Files (x86)\ATI Technologies [30/10/2015 08:28:30] - |D| - [160850258] - C:\Program Files (x86)\Common Files [05/03/2013 01:28:38] - |D| - [1006144052] - C:\Program Files (x86)\CyberLink [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [30/07/2016 06:11:35] - |D| - [2947568] - C:\Program Files (x86)\EPSON [30/07/2016 06:02:36] - |D| - [233871446] - C:\Program Files (x86)\EPSON Software [05/03/2013 01:14:24] - |D| - [87778327] - C:\Program Files (x86)\Hewlett-Packard [05/03/2013 01:30:13] - |D| - [23862871] - C:\Program Files (x86)\HP Games [05/03/2013 01:18:18] - |HD| - [136755833] - C:\Program Files (x86)\InstallShield Installation Information [30/10/2015 09:24:24] - |D| - [2156726] - C:\Program Files (x86)\Internet Explorer [29/07/2016 17:19:52] - |D| - [197482] - C:\Program Files (x86)\KeyCryptSDK [29/07/2016 19:35:13] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [05/03/2013 01:45:48] - |D| - [5563840] - C:\Program Files (x86)\Microsoft SkyDrive [05/03/2013 01:46:24] - |AD| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [30/10/2015 09:24:24] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [29/07/2016 19:44:59] - |D| - [25757] - C:\Program Files (x86)\MSBuild [05/03/2013 01:48:08] - |D| - [19501304] - C:\Program Files (x86)\Norton Internet Security [05/03/2013 01:30:04] - |RD| - [1614137] - C:\Program Files (x86)\Online Services [05/03/2013 01:18:18] - |D| - [48454551] - C:\Program Files (x86)\Realtek [29/07/2016 19:44:59] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [05/03/2013 01:49:07] - |D| - [2562624] - C:\Program Files (x86)\SymSilent [05/03/2013 01:18:18] - |HD| - [0] - C:\Program Files (x86)\Temp [30/10/2015 09:24:24] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [05/03/2013 01:46:07] - |AD| - [90972365] - C:\Program Files (x86)\Windows Live [30/10/2015 09:24:24] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [30/10/2015 09:24:24] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [30/10/2015 09:24:24] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [30/10/2015 09:24:24] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell [29/07/2016 17:15:36] - |D| - [8010179] - C:\Program Files (x86)\Wise [29/07/2016 17:15:42] - |D| - [0] - C:\Program Files (x86)\Wondershare [29/07/2016 17:19:51] - |AD| - [10323227] - C:\Program Files (x86)\Zemana AntiLogger Free [29/07/2016 17:20:17] - |AD| - [16306803] - C:\Program Files (x86)\Zemana AntiMalware ---------- | C:\Program Files [29/07/2016 19:41:33] - |D| - [96636696] - C:\Program Files\AMD [05/03/2013 01:19:37] - |D| - [27488048] - C:\Program Files\ATI [29/07/2016 19:44:23] - |AD| - [5595872] - C:\Program Files\ATI Technologies [30/10/2015 08:28:30] - |D| - [98498953] - C:\Program Files\Common Files [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files\desktop.ini [29/07/2016 11:22:07] - |SHD| - [98498953] - C:\Program Files\Fichiers communs [05/03/2013 01:14:23] - |D| - [3855844] - C:\Program Files\Hewlett-Packard [30/10/2015 09:24:24] - |D| - [2778005] - C:\Program Files\Internet Explorer [30/07/2016 07:22:04] - |D| - [577555804] - C:\Program Files\Lavasoft [29/07/2016 19:44:59] - |D| - [25757] - C:\Program Files\MSBuild [05/03/2013 01:43:57] - |RD| - [600796] - C:\Program Files\Online Services [29/07/2016 18:57:04] - |D| - [31620520] - C:\Program Files\Realtek [29/07/2016 19:44:59] - |D| - [36850857] - C:\Program Files\Reference Assemblies [27/04/2016 07:43:31] - |HD| - [0] - C:\Program Files\Uninstall Information [30/10/2015 09:24:24] - |D| - [11400666] - C:\Program Files\Windows Defender [27/04/2016 07:29:00] - |D| - [8974456] - C:\Program Files\Windows Journal [30/10/2015 09:24:24] - |D| - [6322176] - C:\Program Files\Windows Mail [30/10/2015 09:24:24] - |D| - [5394547] - C:\Program Files\Windows Media Player [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7862330] - C:\Program Files\Windows NT [30/10/2015 09:24:24] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files\Windows Sidebar [30/10/2015 09:24:24] - |HD| - [1185781650] - C:\Program Files\WindowsApps [30/10/2015 09:24:24] - |SD| - [2856133] - C:\Program Files\WindowsPowerShell [29/07/2016 17:11:11] - |D| - [311706810] - C:\Program Files\Wondershare ---------- | C:\Program Files (x86)\Common Files [05/03/2013 01:37:28] - |D| - [94320] - C:\Program Files (x86)\Common Files\CyberLink [05/03/2013 01:18:12] - |D| - [2106564] - C:\Program Files (x86)\Common Files\InstallShield [29/07/2016 18:58:30] - |D| - [337630] - C:\Program Files (x86)\Common Files\logishrd [30/10/2015 09:24:24] - |D| - [16051105] - C:\Program Files (x86)\Common Files\Microsoft Shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [30/10/2015 09:24:24] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System [05/03/2013 01:45:06] - |D| - [125659747] - C:\Program Files (x86)\Common Files\Windows Live [29/07/2016 17:12:44] - |D| - [6921507] - C:\Program Files (x86)\Common Files\Wondershare ---------- | C:\Program Files\Common files [05/03/2013 01:09:47] - |D| - [0] - C:\Program Files\Common files\ATI Technologies [29/07/2016 19:33:23] - |D| - [152640] - C:\Program Files\Common files\EPSON [30/07/2016 07:20:45] - |D| - [44830754] - C:\Program Files\Common files\Lavasoft [29/07/2016 18:58:23] - |D| - [1022022] - C:\Program Files\Common files\logishrd [30/10/2015 09:24:24] - |D| - [41985224] - C:\Program Files\Common files\microsoft shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files\Common files\Services [30/10/2015 09:24:24] - |D| - [10505611] - C:\Program Files\Common files\System ---------- | Tasks [MD5.1ABA18457E36BCCF76F6B175C45CA342] - [30/07/2016 19:00:58] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.88D69AD832C1D488A31E9D804E061448] - [29/07/2016 19:33:25] - |A| - [761] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {DE5FE077-1DAB-4165-BCFA-7B3FDE7438E1}.job [MD5.1F01271A91D41EDF5BC1D8CEDE1E271C] - [29/07/2016 19:33:24] - |A| - [947] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {DE5FE077-1DAB-4165-BCFA-7B3FDE7438E1}.job [MD5.708EA029F398E51E2AEBBD0AD5E5CA73] - [27/04/2016 07:43:15] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.40982A5D59954B967AA3212F5923D0C5] - [30/07/2016 10:30:32] - |A| - [4008] - C:\WINDOWS\System32\Tasks\Ashampoo Privacy Protector 2015 Weekly Security Scan : C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector 2015\PrivacyProtector2015.exe [MD5.447B4270C73291B71FF06F00865DA0E3] - [29/07/2016 17:18:53] - |A| - [2772] - C:\WINDOWS\System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan : C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe [MD5.DD59FB05977D9CD5EA80FE52933C325C] - [29/07/2016 19:33:25] - |A| - [3966] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {DE5FE077-1DAB-4165-BCFA-7B3FDE7438E1} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.035AB44BA4B3CE4840692487954D4055] - [29/07/2016 19:33:24] - |A| - [4144] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {DE5FE077-1DAB-4165-BCFA-7B3FDE7438E1} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.00000000000000000000000000000000] - [05/03/2013 01:24:20] - |D| - [9218] - C:\WINDOWS\System32\Tasks\Hewlett-Packard [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [493660] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.75AF20D7A0381C84ED6896DC77B12041] - [29/07/2016 14:15:17] - |A| - [2808] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-333624727-3628993747-300940260-1001 : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.00000000000000000000000000000000] - [29/07/2016 14:07:27] - |D| - [3758] - C:\WINDOWS\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{629348E5-CDC8-4292-A55A-DAD5C073A069}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{5A07F8F0-955F-41D3-B41C-79D22E3819EE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{19E2A71E-EBEF-4CBA-B436-D5DAEFA86D2A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{4EB9BBDD-83BC-417B-B3B5-4D359A2B3C6A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{6DF546D6-13B7-49E3-905D-4085106A6941}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{B8E0DBED-B67B-48FA-9B6A-EF831417E300}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{69A97E02-59FD-4B31-8CE4-1F782FFD8BD1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C11F23A4-E612-4A92-B0CB-EF189E94F9BE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{450BE8AE-0C01-44D7-AD1B-861F5E647148}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{DB1064A4-2825-4B1C-B215-7E08C38DC2F6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{09B000D0-7580-4EC2-A155-E59399F5D0AF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{31261360-34F0-41C6-98D6-30332DCF692A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{E750CCAC-6146-4D54-BCCA-0E162E42B966}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{731CB1ED-9F8D-400A-80AB-FA5ADF8A74CF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A269953B-88E2-4968-9B2E-C9B4DA28D2B7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{26FC50B4-CB17-44C8-93F7-8F1C6E63C5BD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{1EA5358A-1A66-456F-A605-7381197C5572}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DD42B476-E606-4D97-BED6-1D2F7C3AD43D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{8CA78F31-F83A-430E-AF55-21D92EE34BC2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{86BF0ED6-88D4-470E-BC70-A8B944E9A86B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D8BE1351-722D-446D-B30B-18041C5855BA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-333624727-3628993747-300940260-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{27E8F599-151D-445D-82BF-FE93E84F494B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Jean-Marie\AppData\Local\Temp\7zSB52C.tmp\SymNRT.exe|Name=Norton Removal Tool| "{1F6657B0-5859-43A3-A1AD-B9BA5C0E79A8}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Jean-Marie\AppData\Local\Temp\7zSB52C.tmp\SymNRT.exe|Name=Norton Removal Tool| "{671AE137-3655-4619-8CBD-1BD81200AD57}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{D6E833CF-0421-4571-9A10-383436754E3C}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{BD01E8EF-D2BE-44EF-978D-ABFA0F8CF8E5}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{618138FE-8DB2-4E09-8215-2C87E6D8169A}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe|Name=Microsoft SkyDrive| "{5FCA5AF1-8CB5-40DC-9489-93BACEE128DB}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE|Name=CyberLink PowerDVD 10.0|Desc=CyberLink PowerDVD 10.0| "{FF187569-0167-4E8A-A092-08023B231A5B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Bonjour Service| "{4B07539D-4D04-4B2F-BAE4-D88610C648B4}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Bonjour Service| "{C5B62B61-5218-4C9B-9939-8B1B7619E45B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Bonjour Service| "{30A328EA-A9F1-4991-A8A7-ECFAC2870676}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Bonjour Service| "{E7985E1D-C36F-4787-80A8-6350D07E9266}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{808F1451-4108-46FD-ADBB-F17324B5F0BD}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{0293B3E9-6179-4747-A569-6EF9402A71AF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{A016169A-B438-4752-9655-7B536DEA12CB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{842BFACA-7EE5-4BD3-BCB6-E588119088CE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{B163B3C0-EB32-4487-8814-10FB82C877E1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{E5C7C3ED-6596-48FA-A498-68E432EEA208}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{C99360ED-3731-49DD-9738-9A249E6EF785}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{5DFCC4E9-6584-41E7-BA00-DBD4930778C4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C7870372-7EA9-4357-8D3B-BFD986E141BD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D26BF024-40CC-4200-83BF-5205AB1781D5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{9A2DDAD3-9FA4-4744-A65B-57DB4C9AD5A3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{9A8B4FE6-7CB0-4ACB-B1AF-213FDD80D692}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{EBF0708D-1F1C-438C-A0C7-AD5A6F151C77}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{371ADF03-4C25-4C64-8DD6-AE59F62A076C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{4B10F523-DEFF-4AFE-8E07-A4389C888650}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{9F779320-9CE7-470B-8216-B258E197E638}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{AC337BFD-270F-4C95-BC12-8207B55B7A24}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{6704C8FD-39FC-4686-9513-03D238A0F59A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{050A4015-9EF3-4C27-B6BC-FBD00DCADD09}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{BD664548-7149-46F2-A0F9-0AC78DD483BC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{452FB5F1-BA0F-45D1-A7CD-11F0C4FE8A11}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5E919D50-93D0-41B1-8689-DBF0FC92A01E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{041051E4-EEC6-4EFB-9D16-E09579BD07BA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{DD2E4240-2D58-4F35-87BD-C9B624236E09}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{66D5481A-3423-4F9C-9681-6001F05FEBF3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{41C530A0-F6E7-4E98-9E19-FB2514E7507E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=eBay|Desc=eBay|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3057257296-3828382797-3810074314-1216619655-2489216617-4232069503-3218356943|EmbedCtxt=eBay|Platform=2:6:2|Platform2=GTEQ| "{51289328-A160-4B21-8DCE-B9270E052A8F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Kindle|Desc=KindleMetroApp|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3914994936-2000556978-535238140-3661956287-2904456864-4241685056-2997331440|EmbedCtxt=Kindle|Platform=2:6:2|Platform2=GTEQ| "{C6C6ED72-AA73-498B-9FDC-6B505B1C1D1B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Desc=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1896734660-1176741147-3560790752-1583426572-2102545463-3029068088-1728687620|EmbedCtxt=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Platform=2:6:2|Platform2=GTEQ| "{22DB3A2C-281D-4697-B7E5-6D3B9F97B7DE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Desc=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1896734660-1176741147-3560790752-1583426572-2102545463-3029068088-1728687620|EmbedCtxt=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Platform=2:6:2|Platform2=GTEQ| "{516D3604-CA76-4E27-803F-05D9B08AC641}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Registration|Desc=HP_Registration|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2378861296-2015544789-3629328051-2316572820-2405720470-604034908-561769599|EmbedCtxt=HP Registration|Platform=2:6:2|Platform2=GTEQ| "{BDD3DC66-4D98-40D8-B1B7-0A0A2C4BBCB8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Norton Studio|Desc=Norton Studio|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3342756179-808701018-336801113-2653072947-1322651050-3274280541-3025550173|EmbedCtxt=Norton Studio|Platform=2:6:2|Platform2=GTEQ| "{88827E95-978F-44CF-A1F2-4C91ED60776F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{6A4FF67F-9EB0-4A39-A6D9-80FCF3185295}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{0569B8BE-FB7E-4352-B6BF-EF5A775A4C7C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{48796170-1F44-4132-AE1D-BE1F300DC27B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{066379F2-30B9-47B1-8B98-0B4C1C5E2A55}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8826D6A5-92AD-4F08-A2E7-1F255C0BB3B0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Snapfish|Desc=Snapfish|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-24713430-3312609791-1953074073-2220766950-192704244-1768595957-3502366569|EmbedCtxt=Snapfish|Platform=2:6:2|Platform2=GTEQ| "{B8E18541-B4C1-44FF-A45D-666A7BE496BB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{A493C5BE-3C1A-4BF2-B15C-614B8BDDC382}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{CD01F076-2151-417F-9377-E8E795FB236B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{6ABCA35E-1F30-458F-B75E-A6D7CD4A489F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{FF0DD504-E3FB-4366-8217-69879A01E501}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{5806FD15-E233-4178-8EB6-6FA074694035}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{6FFF335B-6D6B-4301-968F-F403F14D2272}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{FD2D3C4C-AD23-425F-9E14-9B9F0A55434F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{21438730-2744-4351-BBF2-753FEF68BF0E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{C8EB05D6-74FA-4D2B-BFEC-2C384359A2DC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{3FF269B6-40DE-44F3-BB6E-FB98A2664E8F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6F472748-4D61-4FFA-9DB8-BA0B8BB1C5D0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A3A2C791-6871-4382-8E6D-DB6249EC42EE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{5E49E52E-A1AC-4CE8-8E69-A8DA19054F69}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{955F159D-8C88-4F9B-9F47-1E64FF9A6804}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{88AFA384-960D-4459-B4FE-1695F4E41641}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{B800EE9C-2A2A-44CA-B049-F57309721762}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{E7BF0D08-54A1-4FCA-850F-DCAD96CB2EEE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{54572CE1-2602-4CA2-97C9-E238E142A4F8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{AEEA4003-6FFA-43EC-BB24-76AB7A8A5D30}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{9DA48FEA-77C6-42CD-9A74-8290E896E138}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{EF77647D-DD7B-429D-B0DD-21DE4C6ABBAA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{114B74E3-E090-4D13-9B54-F5A19E88D000}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1A36D25A-534B-40EA-95A5-D689B25E9772}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A7F5F14D-8A4C-4726-935B-1973C880B149}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{62F8E251-3374-43B8-99A2-D3409E890C93}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{7DC623CA-01D3-4FEA-A1BD-4CE405EECB7F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{278BE797-1799-4D68-9431-DAF818AFACBF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{2EC55E3E-B90E-4FCC-A1BD-28BCDEFCC52D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-333624727-3628993747-300940260-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{DB125480-27BB-4C4E-B613-3E30D19C3542}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{08CF08DD-CB03-42BC-BAE3-2A4293210E59}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe"=C:\Users\Jean-Marie\Desktop\quickdiag_2_28.07.2016.1.exe:*:Enabled:quickdiag_2_28.07.2016.1 ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem11.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [30/10/2015 09:17:23] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver) - C:\WINDOWS\System32\drivers\nvraid.sys [30/10/2015 09:17:22] - (7.12.2.3) - (QLogic Corporation - QLogic 10 GigE VBD) - C:\WINDOWS\System32\drivers\evbda.sys [30/10/2015 09:17:22] - (5.1.0.51) - (LSI - LSI 3ware SCSI Storport Driver) - C:\WINDOWS\System32\drivers\3ware.sys [30/10/2015 09:17:22] - (3.7.1540.43) - (AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform) - C:\WINDOWS\System32\drivers\amdsbs.sys [30/10/2015 09:17:22] - (7.5.0.32048) - (PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver) - C:\WINDOWS\System32\drivers\arcsas.sys [30/10/2015 09:17:23] - (1.34.3.83) - (LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas.sys [30/10/2015 09:17:23] - (2.0.76.80) - (LSI Corporation - LSI SAS Gen2 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys [30/10/2015 09:17:23] - (2.50.96.80) - (Avago Technologies - Avago SAS Gen3 Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys [30/10/2015 09:17:23] - (2.10.61.81) - (LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort)) - C:\WINDOWS\System32\drivers\lsi_sss.sys [30/10/2015 09:17:23] - (6.706.6.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\megasas.sys [30/10/2015 09:17:23] - (15.2.2013.129) - (LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver) - C:\WINDOWS\System32\drivers\megasr.sys [30/10/2015 09:17:23] - (1.0.5.1016) - (Marvell Semiconductor, Inc. - Marvell Flash Controller Driver) - C:\WINDOWS\System32\drivers\mvumis.sys [30/10/2015 09:17:23] - (10.6.0.23) - (NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver) - C:\WINDOWS\System32\drivers\nvstor.sys [30/10/2015 09:17:23] - (6.803.21.0) - (LSI Corporation - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas2i.sys [30/10/2015 09:17:23] - (6.602.12.0) - (Avago Technologies - MEGASAS RAID Controller Driver for Windows) - C:\WINDOWS\System32\drivers\percsas3i.sys [30/10/2015 09:17:23] - (5.1.1039.2600) - (Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver) - C:\WINDOWS\System32\drivers\SiSRaid2.sys [30/10/2015 09:17:23] - (5.1.1039.3600) - (Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver) - C:\WINDOWS\System32\drivers\sisraid4.sys [30/10/2015 09:17:23] - (7.0.9600.6352) - (VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64) - C:\WINDOWS\System32\drivers\vsmraid.sys [30/10/2015 09:17:23] - (5.1.0.10) - (Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64) - C:\WINDOWS\System32\drivers\stexstor.sys [30/10/2015 09:17:23] - (8.0.9200.8110) - (VIA Corporation - VIA StorX RAID Controller Driver) - C:\WINDOWS\System32\drivers\vstxraid.sys [30/10/2015 09:17:22] - (1.3.0.10769) - (PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller) - C:\WINDOWS\System32\drivers\ADP80XX.SYS [30/10/2015 09:17:22] - (8.0.4.0) - (Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver) - C:\WINDOWS\System32\drivers\HpSAMD.sys [16/02/2016 16:52:38] - (7.0.0.12) - (BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver) - C:\WINDOWS\system32\DRIVERS\bdfndisf6.sys [16/02/2016 16:52:38] - (7.0.0.8) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys [30/10/2015 09:17:23] - (2.1.0.16) - (Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller) - C:\WINDOWS\System32\drivers\L1C63x64.sys [05/01/2016 13:45:28] - (3.11.12293.6311) - (BitDefender - BitDefender AntiVirus Active Virus Control Hypervisor driver) - C:\WINDOWS\system32\DRIVERS\avchv.sys [29/07/2016 17:19:53] - (1.8.2.320) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\WINDOWS\system32\DRIVERS\KeyCrypt64.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 76 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avc3" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="avchv" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avckf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="BdfNdisf" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="bdfwfpf" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="gzflt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Trufos" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wpcfltr" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WSDPrintDevice" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys R0 - ADP80XX () -> System32\drivers\ADP80XX.SYS R0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys R0 - amdsata () -> System32\drivers\amdsata.sys R0 - amdsbs () -> System32\drivers\amdsbs.sys R0 - amdxata () -> System32\drivers\amdxata.sys R0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys R0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys R0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys R0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys S0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys R0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys R0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys R0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys R0 - intelide () -> System32\drivers\intelide.sys R0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys R0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - LSI_SAS () -> System32\drivers\lsi_sas.sys R0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys R0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys R0 - LSI_SSS () -> System32\drivers\lsi_sss.sys R0 - megasas () -> System32\drivers\megasas.sys R0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - nvraid () -> System32\drivers\nvraid.sys R0 - nvstor () -> System32\drivers\nvstor.sys R0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys R0 - pciide () -> System32\drivers\pciide.sys R0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys R0 - percsas2i () -> System32\drivers\percsas2i.sys R0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys R0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys R0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys R0 - stexstor () -> System32\drivers\stexstor.sys R0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys R0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys R0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys R0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys R0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys R0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys R0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys R0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys R0 - vsmraid () -> System32\drivers\vsmraid.sys R0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys S0 - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\WdBoot.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys S0 - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\WdFilter.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - BdfNdisf (@oem15.inf,%BdfNdisf_Desc%;BitDefender Firewall NDIS 6 Filter Driver) -> \SystemRoot\system32\DRIVERS\bdfndisf6.sys R1 - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.1.0\Drivers\bdfwfpf.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys S1 - CLVirtualDrive (CLVirtualDrive) -> \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys S1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys S1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys S1 - ZAM (ZAM Helper Driver) -> \??\C:\Windows\System32\drivers\zam64.sys S1 - ZAM_Guard (ZAM Guard Driver) -> \??\C:\Windows\System32\drivers\zamguard64.sys S2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe S2 - AMD FUEL Service (AMD FUEL Service) -> "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService S2 - AppHostSvc (@%windir%\system32\inetsrv\iisres.dll,-30011) -> %windir%\system32\svchost.exe -k apphost S2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - BingDesktopUpdate (Bing Desktop Update service) -> "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" S2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S2 - DiagTrack (@%SystemRoot%\system32\diagtrack.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork S2 - EpsonScanSvc (Epson Scanner Service) -> C:\WINDOWS\system32\EscSvc64.exe R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs S2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - LavasoftAdAwareService11 (Ad-Aware Service 11) -> "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe" S2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys S2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys S2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_28a83 (Hôte de synchronisation_28a83) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss S2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys S2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe S2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe S2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys S2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc S2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys S2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys S2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel S2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - VBoxDRV (PortableVBoxDRV) -> \??\L:\VirtualBox\Portable-VirtualBox\app64\drivers\VBoxDrv\VBoxDrv.sys S2 - VBoxUSBMon (PortableVBoxUSBMon) -> \??\L:\VirtualBox\Portable-VirtualBox\app64\drivers\USB\filter\VBoxUSBMon.sys S2 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310) -> "%ProgramFiles%\Windows Defender\MsMpEng.exe" R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" S2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding S2 - ZAMSvc (ZAM Controller Service) -> "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service S3 - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys S3 - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys S3 - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys S3 - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys S3 - AJRouter (@%SystemRoot%\system32\AJRouter.dll,-2) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - ALG (@%SystemRoot%\system32\Alg.exe,-112) -> %SystemRoot%\System32\alg.exe S3 - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys S3 - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys S3 - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys S3 - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys S3 - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys S3 - AppIDSvc (@%systemroot%\system32\appidsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - Appinfo (@%systemroot%\system32\appinfo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - AppReadiness (@%SystemRoot%\System32\AppReadiness.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k AppReadiness S3 - AppXSvc (@%SystemRoot%\system32\appxdeploymentserver.dll,-1) -> %systemroot%\system32\svchost.exe -k wsappx S3 - aspnet_state (@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1) -> %systemroot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe S3 - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys S3 - avc3 (avc3) -> system32\DRIVERS\avc3.sys R3 - avchv (@oem14.inf,%ServiceDesc%;avchv Function Driver) -> \SystemRoot\system32\DRIVERS\avchv.sys S3 - avckf (avckf) -> system32\DRIVERS\avckf.sys S3 - AxInstSV (@%SystemRoot%\system32\AxInstSV.dll,-103) -> %SystemRoot%\system32\svchost.exe -k AxInstSVGroup S3 - bcmfn (@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service) -> \SystemRoot\System32\drivers\bcmfn.sys S3 - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys S3 - BDESVC (@%SystemRoot%\system32\bdesvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs R3 - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys S3 - Browser (@%systemroot%\system32\browser.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys S3 - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys S3 - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys S3 - BthHFSrv (@%SystemRoot%\System32\BthHFSrv.dll,-103) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Pilote de communications modem Bluetooth) -> \SystemRoot\System32\drivers\bthmodem.sys S3 - bthserv (@%SystemRoot%\System32\bthserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys S3 - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys S3 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys S3 - ClipSVC (@%SystemRoot%\system32\ClipSVC.dll,-103) -> %SystemRoot%\System32\svchost.exe -k wsappx S3 - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys R3 - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys S3 - COMSysApp (@comres.dll,-947) -> %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} R3 - condrv (Console Driver) -> System32\drivers\condrv.sys S3 - DcpSvc (@%SystemRoot%\system32\dcpsvc.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - defragsvc (@%SystemRoot%\system32\defragsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k defragsvc S3 - DeviceInstall (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S3 - DevQueryBroker (@%SystemRoot%\system32\DevQueryBroker.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - diagnosticshub.standardcollector.service (@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000) -> %SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe S3 - DmEnrollmentSvc (@%systemroot%\system32\Windows.Internal.Management.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys S3 - dmwappushservice (@%SystemRoot%\system32\dmwappushsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - dot3svc (@%systemroot%\system32\dot3svc.dll,-1102) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys S3 - DsmSvc (@%SystemRoot%\system32\DeviceSetupManager.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - DsSvc (@%SystemRoot%\system32\dssvc.dll,-10003) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys S3 - Eaphost (@%systemroot%\system32\eapsvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - EFS (@%SystemRoot%\system32\efssvc.dll,-100) -> %SystemRoot%\System32\lsass.exe S3 - embeddedmode (@%SystemRoot%\system32\embeddedmodesvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - EntAppSvc (@EnterpriseAppMgmtSvc.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel S3 - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys S3 - exfat (exFAT File System Driver) -> (?) R3 - fastfat (FAT12/16/32 File System Driver) -> (?) S3 - Fax (@%systemroot%\system32\fxsresm.dll,-118) -> %systemroot%\system32\fxssvc.exe S3 - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys S3 - fdPHost (@%systemroot%\system32\fdPHost.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - fhsvc (@%systemroot%\system32\fhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys S3 - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys S3 - FontCache3.0.0.0 (@%SystemRoot%\system32\PresentationHost.exe,-3309) -> %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe S3 - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys S3 - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys S3 - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys S3 - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys S3 - gzflt (gzflt) -> \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\gzflt.sys R3 - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys S3 - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys S3 - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys S3 - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys S3 - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys S3 - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys S3 - hidserv (@%SystemRoot%\System32\hidserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys S3 - HomeGroupListener (@%SystemRoot%\System32\ListSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - HomeGroupProvider (@%SystemRoot%\System32\provsvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S3 - hpqwmiex (HP Software Framework Service) -> "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" S3 - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys S3 - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys S3 - HyperVideo () -> \SystemRoot\system32\DRIVERS\HyperVideo.sys S3 - i8042prt (@keyboard.inf,%i8042prt.SvcDesc%;Pilote pour clavier i8042 et souris sur port PS/2) -> \SystemRoot\System32\drivers\i8042prt.sys S3 - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys S3 - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys S3 - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys S3 - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys S3 - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys S3 - icssvc (@%SystemRoot%\System32\tetheringservice.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - IEEtwCollectorService (@%SystemRoot%\system32\ieetwcollectorres.dll,-1000) -> %SystemRoot%\system32\IEEtwCollector.exe /V S3 - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys S3 - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys S3 - IoQos (@%SystemRoot%\system32\drivers\ioqos.sys,-100) -> system32\drivers\ioqos.sys S3 - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys S3 - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys S3 - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys S3 - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys S3 - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys R3 - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Pilote de la classe Clavier) -> \SystemRoot\System32\drivers\kbdclass.sys R3 - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys R3 - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys R3 - keycrypt (keycrypt) -> system32\DRIVERS\KeyCrypt64.sys S3 - KeyIso (@keyiso.dll,-100) -> %SystemRoot%\system32\lsass.exe S3 - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys S3 - KtmRm (@comres.dll,-2946) -> %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation R3 - L1C (@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\System32\drivers\L1C63x64.sys S3 - lfsvc (@%SystemRoot%\System32\lfsvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - LicenseManager (@%SystemRoot%\system32\licensemanagersvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - lltdsvc (@%SystemRoot%\system32\lltdres.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalService R3 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S3 - LVRS64 (@oem8.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver) -> \SystemRoot\system32\DRIVERS\lvrs64.sys S3 - LVUVC64 (@oem6.inf,%PID_081B_DD%(UVC);Logitech HD Webcam C310(UVC)) -> \SystemRoot\system32\DRIVERS\lvuvc64.sys S3 - MessagingService (@%SystemRoot%\system32\MessagingService.dll,-100) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_28a83 (MessagingService_28a83) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys S3 - Modem () -> system32\drivers\modem.sys S3 - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys R3 - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Pilote de la classe Souris) -> \SystemRoot\System32\drivers\mouclass.sys R3 - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys R3 - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys S3 - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys R3 - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys R3 - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys S3 - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys S3 - MSDTC (@comres.dll,-2797) -> %SystemRoot%\System32\msdtc.exe S3 - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys S3 - mshidkmdf () -> \SystemRoot\System32\drivers\mshidkmdf.sys S3 - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys S3 - MSiSCSI (@%SystemRoot%\system32\iscsidsc.dll,-5000) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - msiserver (@%SystemRoot%\system32\msimsg.dll,-27) -> %systemroot%\system32\msiexec.exe /V S3 - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\system32\DRIVERS\MSKSSRV.sys S3 - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\system32\DRIVERS\MSPCLOCK.sys S3 - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\system32\DRIVERS\MSPQM.sys S3 - MsRPC () -> (?) S3 - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\system32\DRIVERS\MSTEE.sys S3 - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys S3 - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys S3 - NcaSvc (@%SystemRoot%\system32\ncasvc.dll,-3009) -> %SystemRoot%\System32\svchost.exe -k NetSvcs S3 - NcbService (@%SystemRoot%\system32\ncbservice.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - NcdAutoSetup (@%SystemRoot%\system32\NcdAutoSetup.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork S3 - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys S3 - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys S3 - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys S3 - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> System32\DRIVERS\ndistapi.sys S3 - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys R3 - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys S3 - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys S3 - ndiswanlegacy (@%systemroot%\system32\rascfg.dll,-32014) -> System32\DRIVERS\ndiswan.sys S3 - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys S3 - Netlogon (@%SystemRoot%\System32\netlogon.dll,-102) -> %systemroot%\system32\lsass.exe S3 - Netman (@%SystemRoot%\system32\netman.dll,-109) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - netprofm (@%SystemRoot%\system32\netprofmsvc.dll,-202) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - NetSetupSvc (@%SystemRoot%\system32\NetSetupSvc.dll,-3) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys S3 - NgcCtnrSvc (@%SystemRoot%\System32\NgcCtnrSvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - NgcSvc (@%SystemRoot%\System32\ngcsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - NTFS () -> (?) S3 - p2pimsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8004) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S3 - p2psvc (@%SystemRoot%\system32\p2psvc.dll,-8006) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S3 - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys S3 - PerfHost (@%systemroot%\sysWow64\perfhost.exe,-2) -> %SystemRoot%\SysWow64\perfhost.exe S3 - PhoneSvc (@%SystemRoot%\system32\PhoneserviceRes.dll,-10000) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - PimIndexMaintenanceSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-15001) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_28a83 (Données de contacts_28a83) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - pla (@%systemroot%\system32\pla.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R3 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-200) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S3 - PNRPAutoReg (@%SystemRoot%\system32\pnrpauto.dll,-8002) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S3 - PNRPsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8000) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet R3 - PolicyAgent (@%SystemRoot%\System32\polstore.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted S3 - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys S3 - PrintNotify (@C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1) -> %SystemRoot%\system32\svchost.exe -k print S3 - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys S3 - QWAVE (@%SystemRoot%\system32\qwave.dll,-1) -> %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys S3 - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys S3 - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys S3 - RasAuto (@%Systemroot%\system32\rasauto.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys S3 - RasMan (@%Systemroot%\system32\rasmans.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> \SystemRoot\System32\drivers\raspppoe.sys S3 - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys R3 - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys S3 - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys S3 - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys S3 - ReFSv1 () -> (?) S3 - RetailDemo (@%SystemRoot%\System32\RDXService.dll,-256) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - RpcLocator (@%systemroot%\system32\Locator.exe,-2) -> %SystemRoot%\system32\locator.exe S3 - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys S3 - ScDeviceEnum (@%SystemRoot%\System32\ScDeviceEnum.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys S3 - SCPolicySvc (@%SystemRoot%\System32\certprop.dll,-13) -> %SystemRoot%\system32\svchost.exe -k netsvcs R3 - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys S3 - SDRSVC (@%SystemRoot%\system32\sdrsvc.dll,-107) -> %SystemRoot%\system32\svchost.exe -k SDRSVC R3 - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys S3 - seclogon (@%SystemRoot%\system32\seclogon.dll,-7001) -> %windir%\system32\svchost.exe -k netsvcs S3 - SensorDataService (@%SystemRoot%\system32\SensorDataService.exe,-101) -> %SystemRoot%\System32\SensorDataService.exe S3 - SensorService (@%SystemRoot%\System32\sensorservice.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - SensrSvc (@%SystemRoot%\System32\sensrsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys S3 - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys S3 - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys S3 - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys S3 - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys S3 - SessionEnv (@%SystemRoot%\System32\SessEnv.dll,-1026) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys S3 - smphost (@%SystemRoot%\System32\smphost.dll,-102) -> %SystemRoot%\System32\svchost.exe -k smphost S3 - SmsRouter (@%SystemRoot%\System32\SmsRouterSvc.dll,-10001) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - SNMPTRAP (@%SystemRoot%\system32\snmptrap.exe,-3) -> %SystemRoot%\System32\snmptrap.exe S3 - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys S3 - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys S3 - srvnet () -> System32\DRIVERS\srvnet.sys S3 - SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - SstpSvc (@%SystemRoot%\system32\sstpsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService R3 - StateRepository (@%SystemRoot%\system32\windows.staterepository.dll,-1) -> %SystemRoot%\system32\svchost.exe -k appmodel S3 - StorSvc (@%SystemRoot%\System32\StorSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - svsvc (@%SystemRoot%\system32\svsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys S3 - swprv (@%SystemRoot%\System32\swprv.dll,-103) -> %SystemRoot%\System32\svchost.exe -k swprv S3 - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys S3 - TabletInputService (@%SystemRoot%\system32\TabSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - TapiSrv (@%SystemRoot%\system32\tapisrv.dll,-10100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys S3 - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys S3 - TermService (@%SystemRoot%\System32\termsrv.dll,-268) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - TieringEngineService (@%SystemRoot%\system32\TieringEngineService.exe,-702) -> %SystemRoot%\system32\TieringEngineService.exe S3 - TimeBroker (@%windir%\system32\TimeBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys S3 - Trufos (Trufos) -> system32\DRIVERS\Trufos.sys S3 - TrustedInstaller (@%SystemRoot%\servicing\TrustedInstaller.exe,-100) -> %SystemRoot%\servicing\TrustedInstaller.exe S3 - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys S3 - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys S3 - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys R3 - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys S3 - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys S3 - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys R3 - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys S3 - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys S3 - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys S3 - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys S3 - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys S3 - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys S3 - UI0Detect (@%SystemRoot%\system32\ui0detect.exe,-101) -> %SystemRoot%\system32\UI0Detect.exe R3 - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys S3 - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys S3 - UmRdpService (@%SystemRoot%\system32\umrdp.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - UnistoreSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-10003) -> %SystemRoot%\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_28a83 (Stockage des données utilisateur_28a83) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - upnphost (@%systemroot%\system32\upnphost.dll,-213) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys S3 - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys S3 - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys S3 - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;Pilote USB audio (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys R3 - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Pilote parent générique USB Microsoft) -> \SystemRoot\System32\drivers\usbccgp.sys S3 - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys R3 - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys R3 - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys R3 - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys R3 - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys S3 - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys S3 - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys S3 - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys R3 - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;Pilote de stockage de masse USB) -> \SystemRoot\System32\drivers\USBSTOR.SYS S3 - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys R3 - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS S3 - UserDataSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-14001) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_28a83 (Accès aux données utilisateur_28a83) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UsoSvc (@%systemroot%\system32\usocore.dll,-102) -> %systemroot%\system32\svchost.exe -k netsvcs R3 - VaultSvc (@%SystemRoot%\system32\vaultsvc.dll,-1003) -> %SystemRoot%\system32\lsass.exe S3 - vds (@%SystemRoot%\system32\vds.exe,-100) -> %SystemRoot%\System32\vds.exe S3 - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys S3 - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys S3 - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys S3 - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys S3 - vmicguestinterface (@%systemroot%\system32\icsvc.dll,-801) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicheartbeat (@%systemroot%\system32\icsvc.dll,-101) -> %systemroot%\system32\svchost.exe -k ICService S3 - vmickvpexchange (@%systemroot%\system32\icsvc.dll,-201) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicrdv (@%systemroot%\system32\icsvc.dll,-601) -> %systemroot%\system32\svchost.exe -k ICService S3 - vmicshutdown (@%systemroot%\system32\icsvc.dll,-301) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmictimesync (@%systemroot%\system32\icsvc.dll,-401) -> %systemroot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - vmicvmsession (@%systemroot%\system32\icsvc.dll,-901) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicvss (@%systemroot%\system32\icsvc.dll,-501) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys S3 - VSS (@%systemroot%\system32\vssvc.exe,-102) -> %systemroot%\system32\vssvc.exe S3 - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys S3 - W32Time (@%SystemRoot%\system32\w32time.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - w3logsvc (@%windir%\system32\inetsrv\iisres.dll,-30014) -> %windir%\system32\svchost.exe -k apphost S3 - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys S3 - WalletService (@%SystemRoot%\System32\WalletService.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k appmodel S3 - wanarp (@%systemroot%\system32\rascfg.dll,-32011) -> System32\DRIVERS\wanarp.sys S3 - wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> System32\DRIVERS\wanarp.sys S3 - WAS (@%windir%\system32\inetsrv\iisres.dll,-30001) -> %windir%\system32\svchost.exe -k iissvcs S3 - wbengine (@%systemroot%\system32\wbengine.exe,-104) -> "%systemroot%\system32\wbengine.exe" S3 - wcncsvc (@%SystemRoot%\system32\wcncsvc.dll,-3) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - WcsPlugInService (@%SystemRoot%\system32\WcsPlugInService.dll,-200) -> %SystemRoot%\system32\svchost.exe -k wcssvc S3 - WDC_SAM (@oem11.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver) -> \SystemRoot\System32\drivers\wdcsam64.sys S3 - WdiServiceHost (@%systemroot%\system32\wdi.dll,-502) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - WdiSystemHost (@%systemroot%\system32\wdi.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys S3 - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys S3 - WdNisSvc (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320) -> "%ProgramFiles%\Windows Defender\NisSrv.exe" S3 - WebClient (@%systemroot%\system32\webclnt.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - Wecsvc (@%SystemRoot%\system32\wecsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k NetworkService S3 - WEPHOSTSVC (@%systemroot%\system32\wephostsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k WepHostSvcGroup S3 - wercplsupport (@%SystemRoot%\System32\wercplsupport.dll,-101) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - WerSvc (@%SystemRoot%\System32\wersvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k WerSvcGroup S3 - WiaRpc (@%SystemRoot%\system32\wiarpc.dll,-2) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WIMMount (WIMMount) -> system32\drivers\wimmount.sys S3 - WinHttpAutoProxySvc (@%SystemRoot%\system32\winhttp.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys S3 - WinRM (@%Systemroot%\system32\wsmsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS S3 - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys S3 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - wlidsvc (@%SystemRoot%\system32\wlidsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys S3 - wmiApSrv (@%Systemroot%\system32\wbem\wmiapsrv.exe,-110) -> %systemroot%\system32\wbem\WmiApSrv.exe S3 - workfolderssvc (@%systemroot%\system32\workfolderssvc.dll,-102) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - wpcfltr (Family Safety Filter Driver) -> system32\DRIVERS\wpcfltr.sys S3 - WPDBusEnum (@%SystemRoot%\system32\wpdbusenum.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys S3 - WpnService (@%SystemRoot%\system32\wpnservice.dll,-1) -> %systemroot%\system32\svchost.exe -k wswpnservice S3 - WSDPrintDevice (@wsdprint.inf,%WSDPrintDevice.SVCDESC%;WSD Print Support) -> \SystemRoot\System32\drivers\WSDPrint.sys S3 - WSDScan (@sti.inf,%WSDScan.SvcDesc%;Prise en charge de la numérisation WSD) -> \SystemRoot\system32\DRIVERS\WSDScan.sys S3 - WSService (@%SystemRoot%\system32\WSService.dll,-103) -> %SystemRoot%\System32\svchost.exe -k wsappx S3 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs R3 - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys S3 - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys R3 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys S3 - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys S3 - WwanSvc (@%SystemRoot%\System32\wwansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork S3 - XblAuthManager (@%systemroot%\system32\XblAuthManager.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - XblGameSave (@%systemroot%\system32\XblGameSave.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys S3 - XboxNetApiSvc (@%systemroot%\system32\XboxNetApiSvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys S4 - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys S4 - CDPSvc (@%SystemRoot%\system32\cdpsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S4 - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys S4 - NetTcpPortSharing (@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201) -> %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe S4 - RemoteAccess (@%Systemroot%\system32\mprdim.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S4 - RemoteRegistry (@regsvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k localService S4 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S4 - SharedAccess (@%SystemRoot%\system32\ipnathlp.dll,-106) -> %SystemRoot%\System32\svchost.exe -k netsvcs S4 - tzautoupdate (@%SystemRoot%\system32\tzautoupdate.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S4 - udfs (udfs) -> system32\DRIVERS\udfs.sys S4 - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.D1F059A530620DCF71303B525D52CA97] - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21141.48 Ko] - (8.1.1.1500) - C:\WINDOWS\System32\Drivers\atikmdag.sys [MD5.AD96CC96B6A0CEE8910A13679426C970] - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [658.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\Drivers\atikmpag.sys [MD5.CCF9DED019BAD2701F39A140FC4D6C44] - [05/01/2016 13:45:28] - (.Copyright © BitDefender - Active Virus Control filter driver.) - [1563 Ko] - (3.11.12727.6315) - C:\WINDOWS\System32\Drivers\avc3.sys [MD5.3FC014DABD685F8958C89EAA35D77368] - [05/01/2016 13:45:28] - (.Copyright © BitDefender - BitDefender AntiVirus Active Virus Control Hypervisor driver.) - [275.39 Ko] - (3.11.12293.6311) - C:\WINDOWS\System32\Drivers\avchv.sys [MD5.4D3ADB9A6B623D332F0D0ED39613BB04] - [05/01/2016 13:45:28] - (.Copyright © BitDefender - Active Virus Control Kernel Filtering driver.) - [757.25 Ko] - (3.11.12293.6311) - C:\WINDOWS\System32\Drivers\avckf.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.AF3E1ABAB951FC9064267ED76268F41B] - [16/02/2016 16:52:38] - (.Copyright (C) BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - [104.98 Ko] - (7.0.0.12) - C:\WINDOWS\System32\Drivers\bdfndisf6.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.075CCE75090786F124573A788C8656E6] - [05/03/2013 01:37:30] - (.Copyright (C) 2011 CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files..) - [90.37 Ko] - (1.0.0.621) - C:\WINDOWS\System32\Drivers\CLVirtualDrive.sys [MD5.2285B31039611D509F6120D691CA661F] - [05/03/2013 01:24:02] - (.@ 2012 Hewlett-Packard Development Company,L.P. - hpvhd 64bit support driver.) - [26.81 Ko] - (1.3.0.0) - C:\WINDOWS\System32\Drivers\cpqdfw.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.547E9B25B4407A125D5F187E918BC217] - [29/07/2016 17:19:53] - (.Zemana Ltd. - Zemana AntiLogger Free.) - [140.53 Ko] - (1.8.2.320) - C:\WINDOWS\System32\Drivers\KeyCrypt64.sys [MD5.4E444F41E69BBE2E0BAE34D5DFCB5732] - [30/10/2015 09:17:23] - (.2001-2012 Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) - [118.5 Ko] - (2.1.0.16) - C:\WINDOWS\System32\Drivers\L1C63x64.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.A0A527569856B9814E8920F52EBB67F5] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Kernel Audio Improvement Filter Driver.) - [343.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvrs64.sys [MD5.415E344294D1C0D04627B29146F68481] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Driver.) - [4646.66 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvuvc64.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.C2F868881D48A568B525255F084EF063] - [16/07/2012 11:47:46] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [3970.02 Ko] - (6.0.1.6662) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.40A8AB90F3CB342F037B493A8EADE4B9] - [28/04/2016 17:20:32] - (.(c) 2014 BitDefender S.R.L. - Trufos Kernel Module.) - [474.13 Ko] - (2.4.986.39) - C:\WINDOWS\System32\Drivers\Trufos.sys [MD5.4875DC63E548812C75D4FDEF84970C89] - [17/07/2012 04:36:29] - (.Copyright © 2011-2012 AMD, Inc. - AMD USB Filter Driver.) - [55.66 Ko] - (2.0.10.262) - C:\WINDOWS\System32\Drivers\usbfilter.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.A556768CC1FA4F36022BEE2F0EDE2566] - [12/11/2015 22:50:10] - (.© 2006-2015 Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver.) - [26.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\wdcsam64.sys [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [29/07/2016 17:20:22] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zam64.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [29/07/2016 17:20:21] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zamguard64.sys ---------- | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-710 Series] : (EPSON XP-710 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSLPE.EXE /R /APD /P:"EPSON XP-710 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Filmora_is1] : (Wondershare Filmora(Build 7.5.0).-.Wondershare Software) -> "C:\Program Files\Wondershare\Filmora\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{05B0CF4A-564C-4549-913E-AE3EDA16971A}] : (AdAwareInstaller.-.Lavasoft) -> MsiExec.exe /I{05B0CF4A-564C-4549-913E-AE3EDA16971A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}] : (AntispamEngine.-.Lavasoft) -> MsiExec.exe /I{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FA995CC-C849-4755-B14B-5404CC75DC24}] : (Energy Star.-.Hewlett-Packard) -> MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}] : (FirewallEngine.-.Lavasoft) -> MsiExec.exe /I{115C1C6A-15A2-48B1-A599-79F1AA1A03F6} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}] : (AntimalwareEngine.-.Lavasoft) -> MsiExec.exe /I{20334FA5-6CD5-48FC-B5F9-D34D75E07845} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (OnlineThreatsEngine.-.Lavasoft) -> MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}] : (AvcEngine.-.Lavasoft) -> MsiExec.exe /I{28349A67-1D99-45A6-A1C1-C5B6D1DF937A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36036827-FA38-4A74-8333-26BC4EEC9308}] : (AdAwareUpdater.-.Lavasoft) -> MsiExec.exe /I{36036827-FA38-4A74-8333-26BC4EEC9308} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36036827-FA38-4A74-8333-26BC4EEC9308}_AdAwareUpdater] : (Ad-Aware Antivirus.-.Lavasoft) -> "C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.12.945.9202\AdAwareUpdater.exe" --uninstall [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}] : (AMD APP SDK Runtime.-.Advanced Micro Devices Inc.) -> MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{5F769CF4-5263-4C7B-AEB2-C06A73AE4428} REBOOT=ReallySuppress [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}] : (HP Postscript Converter.-.Hewlett-Packard) -> MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] : (CyberLink PowerDVD.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix.-.El Desaparecido - www.usb-antivirus.com - www.sosvirus.net) -> C:\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Mahjongg Dark Dimensions\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-polarbowlerfacebook] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Polar Bowler Strike!\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-worldofwarcraft] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - World of Warcraft\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.32.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Video Downloader_is1] : (Wise Video Downloader 1.61.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Video Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WUCCCApp] : (AMD Catalyst Control Center.-.AMD) -> "C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}] : (Epson Easy Photo Print 2.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2E2526C8-51A8-F6EB-8289-6787E880CE27}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (Recovery Manager.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1] : (Wondershare Helper Compact 2.5.0.-.Wondershare) -> "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5AD25D5C-C813-146B-4FB0-76561F7875B7}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B4886EE-5A95-C257-A68F-2DCADE47A273}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5F5ACD0C-A454-32A7-E206-EE89B1510128}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{67087BB4-19B4-C169-3E52-2BED796D8AB3}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}] : (Epson Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6DBD132B-7F42-4594-BBE7-0BB677EB2926} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.0.0.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7474548C-E456-4818-8ED0-4A1F00EF77A1}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{7474548C-E456-4818-8ED0-4A1F00EF77A1} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{839D1577-5415-6C89-6642-515DFFE6432F}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.SEIKO EPSON CORPORATION) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiMalware.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiMalware\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-1187-82D5-494C-E86DE5C5262D}_is1] : (Ashampoo Privacy Protector 2015 v.1.1.3.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector 2015\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1] : (Ashampoo Privacy Protector.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A666A6E7-3A51-E289-559B-BF3486036ABF}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A80DB23D-0618-405B-89D9-28F99814E287}_is1] : (AntiLogger Free version 1.8.2.320.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiLogger Free\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABA39912-380C-0EF3-C820-868115EB1DAC}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC7A441A-353F-75F6-6ABA-3BF98161B530}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6480ED1-448E-813B-4FE0-BED811D1C01F}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BDBF9803-B57C-AB2A-8830-CBED34703840}] : (Catalyst Control Center Graphics Previews Common.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D16A31F9-276D-4968-A753-FFEAC56995D0}] : (Epson Print CD.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] : (CyberLink PowerDVD.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E8406BA9-5D47-4A62-08C3-759EA677229A}] : (AMD VISION Engine Control Center.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F193812F-83C0-3CED-1EDE-BE2525267303}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F754BC24-2C04-F76E-C403-0175F0954560}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC62C740-2339-618C-467B-36CE6D409E5F}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Microsoft Specifications ---------- | CLSID ---------- | Listing No Microsoft signed files | system32 (Not necessary Malwares) [MD5.C65F3DD5C512B0E73984DB406B5512F7] - |D| - [30/10/2015 09:17:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@edptoastimage.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |D| - [30/10/2015 09:18:12] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@language_notification_icon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |D| - [30/10/2015 09:18:10] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@optionalfeatures.png [MD5.9971B035154F5C54948B73A86D6C6874] - |D| - [30/10/2015 09:18:14] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@TileEmpty1x1Image.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |D| - [30/10/2015 09:17:39] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@WiFiNotificationIcon.png [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |D| - [30/07/2015 21:58:04] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amde31a.dat [MD5.C7628FE6341B7919D2F62DB9057DB4FC] - |D| - [21/10/2015 02:14:42] - (.-.) - [208.48 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdgfxinfo64.dll [MD5.AF1928F5E15921A29877C2E18626F80E] - |D| - [21/10/2015 02:14:42] - (.-.) - [139.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdhdl64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |D| - [23/07/2015 11:52:32] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdicdxx.dat [MD5.82CAB4EAF1E1CBA85AE5DEBB4C068EE2] - |D| - [21/10/2015 02:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [616.48 Ko] - (1.0.3.8) - C:\WINDOWS\system32\amdlvr64.dll [MD5.C366C5A2EE8F1F586691E4511AB56040] - |D| - [21/10/2015 02:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6529.48 Ko] - (9.1.10.83) - C:\WINDOWS\system32\amdmantle64.dll [MD5.3960C946E67311C9831550AEDC649C3A] - |D| - [21/10/2015 02:14:54] - (.-.) - [460.27 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdmiracast.dll [MD5.4CA9A0DF33972919623BBFF8FBD1A501] - |D| - [21/10/2015 02:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [57.98 Ko] - (1.6.0.0) - C:\WINDOWS\system32\amdmmcl6.dll [MD5.7BA9A6BBF176D945D7B201865897E158] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26898.98 Ko] - (0.8.0.0) - C:\WINDOWS\system32\amdocl12cl64.dll [MD5.AFF92249DA8E62FF8C6D2B89977D3245] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46673.98 Ko] - (10.0.1800.11) - C:\WINDOWS\system32\amdocl64.dll [MD5.8305AA2FEBE5CAD45AB8D208C17DA930] - |D| - [21/10/2015 02:14:44] - (.-.) - [1168 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_as64.exe [MD5.187EB6A72565FAAF01AAE0CDD63DE56F] - |D| - [21/10/2015 02:14:44] - (.-.) - [1045.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_ld64.exe [MD5.2B79CD2445F85D54959702583ECBCC04] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\amdpcom64.dll [MD5.926C753C058B5E589CF38AAC72166702] - |D| - [30/10/2015 09:17:41] - (.-.) - [404.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ApnDatabase.xml [MD5.9B034D049D1C6EC9BED55D2F27D86ED9] - |D| - [29/07/2016 22:10:29] - (.-.) - [2.13 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AppxProvisioning.xml [MD5.28DF09388444100467873AC906FD6CB2] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1226.98 Ko] - (7.15.20.1301) - C:\WINDOWS\system32\atiadlxx.dll [MD5.53650482B8E621276DC55E50C9FB2FEE] - |D| - [22/08/2015 01:53:34] - (.-.) - [646.87 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiapfxx.blb [MD5.CC2470CA903EA355A24F05520D79BDB8] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [366.98 Ko] - (6.14.10.1001) - C:\WINDOWS\system32\atiapfxx.exe [MD5.279066332FA267076E3BEE81C4297F87] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [62.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalcl64.dll [MD5.3A0F17C7C8E37DCEAE1DA76B7D761702] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15356.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticaldd64.dll [MD5.D22A08EE217DE15B6A41AE518B4F4FBE] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [69.48 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalrt64.dll [MD5.BE92AD0155D4A23D0073AF51BE808B29] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1445.13 Ko] - (8.17.10.1404) - C:\WINDOWS\system32\aticfx64.dll [MD5.B565601728AF96EEFCF7E9CDE3CDD2BE] - |D| - [21/10/2015 02:14:46] - (.2002-2012 - Graphics DEM.) - [440.48 Ko] - (4.5.5711.37472) - C:\WINDOWS\system32\atidemgy.dll [MD5.8700278344BED8D4A3A5AC2875359584] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11804.69 Ko] - (8.17.10.625) - C:\WINDOWS\system32\atidxx64.dll [MD5.69F82C40A189962A65F6D5A02DF8599F] - |D| - [21/10/2015 02:14:46] - (.-.) - [164.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atieah64.exe [MD5.B96BD9F5B2B0CD6549EE59FD242A6D56] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [667.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atieclxx.exe [MD5.521248FA26458669BAAE6AB7DB21F3AC] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atiesrxx.exe [MD5.E4F96DFF0501430BF7C6E90841A7282D] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [81.98 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6pxx.dll [MD5.86F2AE002AF9222F34937823B98753C2] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [161.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6txx.dll [MD5.0C3156664885AF41100B63853EBCE037] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |D| - [06/11/2014 10:53:26] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiicdxx.dat [MD5.FE4E7138E51DA7EF01E51F28128A7F53] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\atimpc64.dll [MD5.C84C24F13663EF5A59C1E598A350C8C3] - |D| - [21/10/2015 02:14:46] - (.Copyright ฉ 2009 AMD - Multi-language DPPE DLL.) - [37.48 Ko] - (6.14.10.1002) - C:\WINDOWS\system32\atimuixx.dll [MD5.7D9CCB5DD8837D6AC954956A5812112C] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30054.98 Ko] - (6.14.10.13399) - C:\WINDOWS\system32\atio6axx.dll [MD5.0E89795F721B2BC02D0A12C470750DF6] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODCLI Application.) - [58.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODCLI.exe [MD5.C7A506822BE45CD42415710979CDAE7F] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODE Application.) - [333.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODE.exe [MD5.3FE40633FC3BC5AE41EACDA0E1BA72FE] - |D| - [21/10/2015 02:14:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [194.98 Ko] - (6.14.11.25) - C:\WINDOWS\system32\atitmm64.dll [MD5.067CED045532C58B46E6527BCE3CB47F] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.02 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiu9p64.dll [MD5.AC6970C74B7457B291BB2C0035AA7DAE] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8657.15 Ko] - (9.14.10.1128) - C:\WINDOWS\system32\atiumd64.dll [MD5.486D6985E7B7826DBBEAE12755851027] - |D| - [22/08/2015 01:55:34] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiumd6a.cap [MD5.0A9CA09952D768F768D2903F984102DC] - |D| - [21/10/2015 02:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.91 Ko] - (8.14.10.513) - C:\WINDOWS\system32\atiumd6a.dll [MD5.AE81C76C930DD6875E5D9C6BEA2F0966] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [158.43 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |D| - [24/07/2015 21:44:06] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |D| - [30/07/2015 22:00:06] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |D| - [29/05/2015 01:00:42] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |D| - [29/05/2015 00:58:32] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |D| - [29/05/2015 01:21:32] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |D| - [29/05/2015 01:17:24] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |D| - [29/05/2015 01:15:12] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |D| - [29/05/2015 01:10:58] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |D| - [29/05/2015 01:08:18] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |D| - [22/08/2015 01:54:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |D| - [22/08/2015 01:54:10] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsvl.dat [MD5.D638E3AD81E149A75EEF59E9C743E27C] - |D| - [30/10/2015 09:24:33] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AutoWorkplace.exe.config [MD5.8AB8CC8200DF2148BEA11FD7F520EA3A] - |D| - [30/07/2016 07:24:32] - (.Copyright © 1997-2011 BitDefender - BitDefender Firewall.) - [205.06 Ko] - (1.0.14.0) - C:\WINDOWS\system32\BdFirewallSDK.dll [MD5.E32E201688F60CBEF10439F568F94DF5] - |D| - [30/07/2016 07:24:32] - (.Copyright (C) BitDefender LLC - BitDefender Firewall Core Library.) - [153.26 Ko] - (7.0.0.2) - C:\WINDOWS\system32\bdfwcore.dll [MD5.73D9B14B7C8621500675F8123043C864] - |D| - [30/07/2016 07:24:33] - (.© 2008 BitDefender S.R.L. - BitDefender POP3 Proxy.) - [152.26 Ko] - (2.63.11.0) - C:\WINDOWS\system32\bdpop3p.dll [MD5.5A60405B7D88A6B6DF933DCCE778DD99] - |D| - [30/07/2016 07:24:32] - (.Copyright (C) BitDefender LLC - BitDefender Proxy Redirector User-Mode Module.) - [93.91 Ko] - (7.0.0.5) - C:\WINDOWS\system32\bdpredir.dll [MD5.44CF1CE6512CA6B54083156DF7DE3359] - |D| - [30/07/2016 07:24:32] - (.© 2008 BitDefender S.R.L. - BitDefender SMTP Proxy.) - [1036.89 Ko] - (2.63.11.0) - C:\WINDOWS\system32\bdsmtpp.dll [MD5.22D9945B4AAE36DD59620A918F2E65F4] - |D| - [30/10/2015 09:17:46] - (.-.) - [3096 Ko] - (0.0.0.0) - C:\WINDOWS\system32\boot.sdi [MD5.405E1EF8E3C88E9BCD2853382BB12430] - |D| - [30/10/2015 09:19:28] - (.-.) - [22.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\bopomofo.uce [MD5.6EC6A5D8C388FCE5792805DC8C736E87] - |D| - [30/10/2015 09:17:40] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [92 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BthpanContextHandler.dll [MD5.6E5DAEBB08D93B3630F2DA9B4FACC05B] - |D| - [30/10/2015 09:18:10] - (.Copyright (C) 2008 - Application ContextH.) - [54 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BWContextHandler.dll [MD5.CCEAEFAA4DF2F399E9A179D942FEB23C] - |D| - [30/10/2015 09:18:01] - (.-.) - [163.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\chs_singlechar_pinyin.dat [MD5.F2D598B11C294EE360FDA0D3E81DA7EC] - |D| - [21/10/2015 02:14:48] - (.-.) - [237.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\clinfo.exe [MD5.A0E91D21C945781D03EA0BA1C95F821E] - |D| - [21/10/2015 02:14:48] - (.AMD. - CoInstaller DLL.) - [853.98 Ko] - (1.0.5.9) - C:\WINDOWS\system32\coinst_15.20.dll [MD5.B2241C7E71A7CA5B4CE86FB28FA97373] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-appcmd.searchconnector-ms [MD5.2B405BCB2A2BDEC47D35D0A921E5B10B] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-contacts.searchconnector-ms [MD5.8A063B4755E352DD772D43D5E8123BBB] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-history.searchconnector-ms [MD5.A727FC8376E18F7506A6BB6BC389E602] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-music.searchconnector-ms [MD5.80CC9D3D6A70AAA255C0FEDB4C7BB692] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-paths.searchconnector-ms [MD5.1420FE34B31CBD3B81011E03ACAD94F2] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-protocol.searchconnector-ms [MD5.E7B53AF004BEE5112F787A6E5B04D737] - |D| - [30/10/2015 09:18:06] - (.-.) - [10.85 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms [MD5.ACB02726235DF588BF8D5A4FF54379DF] - |D| - [30/10/2015 09:18:06] - (.-.) - [7.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms [MD5.0E3D116A4DC1D2ABDD0692C6173E09E6] - |D| - [30/10/2015 09:18:06] - (.-.) - [6.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms [MD5.A71D446195E2B8090621C884D5DC3532] - |D| - [29/07/2016 22:08:55] - (.-.) - [2594.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.306B90493D00011EB635E161C6C024B8] - |D| - [30/10/2015 09:17:57] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |D| - [30/10/2015 09:24:34] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultQuestions.json [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |D| - [26/10/2012 16:42:24] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\system32\DevManagerCore.dll [MD5.F938469DAF278EE42E32CE2ED5400172] - |D| - [30/10/2015 09:17:46] - (.-.) - [90.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DiskSnapshot.conf [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - |D| - [30/10/2015 09:24:34] - (.-.) - [210.88 Ko] - (0.0.0.0) - C:\WINDOWS\system32\dssec.dat [MD5.30B4EC182373056C7AE758B72B83E8D5] - |D| - [30/10/2015 09:17:52] - (.-.) - [166.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EditionUpgradeHelper.dll [MD5.33D9CB37446952603C170F80B2C897BB] - |D| - [30/10/2015 09:17:52] - (.-.) - [28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\efsext.dll [MD5.4A73C017D5CF58F2FD764F5D3B0E81E4] - |D| - [29/07/2016 19:15:51] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\emptyregdb.dat [MD5.93E76CF7B04EC33A1E9E0FD7546D3603] - |D| - [30/10/2015 09:17:45] - (.-.) - [17.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EventViewer_EventDetails.xsl [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |D| - [29/07/2016 19:31:57] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\system32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |D| - [29/07/2016 19:31:54] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\system32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - |D| - [29/07/2016 19:31:55] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2013. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.4.0.0) - C:\WINDOWS\system32\E_ILMBLPE.DLL [MD5.2D6764C3CFCE0FBFB219DB7F3B0723AD] - |D| - [26/04/2016 22:39:15] - (.-.) - [198.65 Ko] - (0.0.0.0) - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.7EB29DBB6CB2CACD1C7027B8E050DED8] - |D| - [30/10/2015 09:18:09] - (.-.) - [24.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\GamePanelExternalHook.dll [MD5.0FEE8DB559981D7F06E26042ECD8D671] - |D| - [30/10/2015 09:17:39] - (.-.) - [73.87 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - |D| - [30/10/2015 09:19:28] - (.-.) - [23.44 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gb2312.uce [MD5.67FC2C86490CB84F4AD74B6F5AF3A89C] - |D| - [05/03/2013 01:35:48] - (.© Copyright 2012 HPDC - Port Monitor Server DLL.) - [347.5 Ko] - (0.3.1282.3591) - C:\WINDOWS\system32\hpbprtmon.dll [MD5.D0519B40392DB0D156B61502D5F650F4] - |D| - [05/03/2013 01:35:48] - (.© Copyright 2012 HPDC - Port Monitor UI DLL.) - [166.5 Ko] - (0.3.1282.3591) - C:\WINDOWS\system32\hpbprtmonui.dll [MD5.06F13BD51FB6A9B199B73C1605238BBF] - |D| - [05/03/2013 01:35:48] - (.© Copyright 2012 HPDC - Real Port Monitor DLL.) - [368.5 Ko] - (0.3.1282.3591) - C:\WINDOWS\system32\hpbrprtmon.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |D| - [05/03/2013 01:53:16] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\system32\HPCheckOA21.err [MD5.3083DEF0BC30D66A5D320B9979C178EC] - |D| - [05/03/2013 01:53:16] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\HPCheckOA21.txt [MD5.1A4695BDC5017B37E6D23A88CFEC0760] - |D| - [05/03/2013 01:14:27] - (.Copyright (C) 2011 -.) - [114.5 Ko] - (1.3.0.0) - C:\WINDOWS\system32\HPMUIDir.exe [MD5.E635EEC491CBD436095B4300C3E9C4C9] - |D| - [30/10/2015 09:17:57] - (.-.) - [340.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\HrtfApo.dll [MD5.77071BF934BEF16D5F02E31624258A91] - |D| - [21/10/2015 02:14:48] - (.-.) - [108.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\hsa-thunk64.dll [MD5.FD4C613364F59BAAC59A2C4F5F0EE52B] - |D| - [30/07/2016 07:24:33] - (.Copyright (C) BitDefender - Http Filter Proxy.) - [190.45 Ko] - (7.0.0.8) - C:\WINDOWS\system32\httproxy.dll [MD5.ECD81B99477AB4A93D7838EB40B870D0] - |D| - [30/10/2015 09:24:35] - (.-.) - [8.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\icrav03.rat [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - |D| - [30/10/2015 09:19:28] - (.-.) - [59.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ideograf.uce [MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - |D| - [30/10/2015 09:18:41] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ieuinit.inf [MD5.7CAACE1DF07B3656E458D07115A71600] - |D| - [25/07/2012 22:22:54] - (.-.) - [429.01 Ko] - (0.0.0.0) - C:\WINDOWS\system32\igcompkrng500.bin [MD5.385B8EFE468E3A4A3E2E65FC8764E4BF] - |D| - [25/07/2012 22:22:54] - (.-.) - [90.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\igfcg500m.bin [MD5.C4CF4FA6C9399B277E86D602BF251A11] - |D| - [25/07/2012 22:22:54] - (.-.) - [959.22 Ko] - (0.0.0.0) - C:\WINDOWS\system32\igkrng500.bin [MD5.9A014CE65642722D72588D5196F147CE] - |D| - [25/07/2012 22:22:54] - (.-.) - [1945.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxa64.cpa [MD5.DB945DDE9D7825BB4A173CD108193C49] - |D| - [25/07/2012 22:22:56] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxa64.vp [MD5.A980B0ED5543E3DFD1C21058B06C5A65] - |D| - [25/07/2012 22:22:56] - (.-.) - [58.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxc64.vp [MD5.82001B2CC6728CE282EF036ABC2BC975] - |D| - [25/07/2012 22:22:56] - (.-.) - [58.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxg64.vp [MD5.3B6C78580EC3B9A0346D2AD63EC7906A] - |D| - [25/07/2012 22:22:56] - (.-.) - [58.61 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxo64.vp [MD5.0E74C595B6F7276F41425F50D414B680] - |D| - [25/07/2012 22:22:56] - (.-.) - [5.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\iglhxs64.vp [MD5.652C6CF73BE7AD53D8EECB92D37F3EDE] - |D| - [30/10/2015 09:18:01] - (.-.) - [181.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ism32k.dll [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - |D| - [30/10/2015 09:19:28] - (.-.) - [6.79 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_1.uce [MD5.529BBD63519BBD654EF328454019693F] - |D| - [30/10/2015 09:19:28] - (.-.) - [8.29 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_2.uce [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - |D| - [30/10/2015 09:19:28] - (.-.) - [12.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\korean.uce [MD5.251C002837808A2F421A73CB9F8E2239] - |D| - [30/10/2015 09:17:36] - (.Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS - MPEG Layer-3 Audio Codec for MSACM.) - [85 Ko] - (1.9.0.401) - C:\WINDOWS\system32\l3codeca.acm [MD5.9C0B73FE241261A8C447407DDA4EC7F3] - |D| - [30/10/2015 09:17:36] - (.Copyright © 2004 Fraunhofer IIS - MPEG Audio Layer-3 Codec for MSACM.) - [180 Ko] - (3.4.0.0) - C:\WINDOWS\system32\l3codecp.acm [MD5.050BC9351A3386458B696F8BCA78B27B] - |D| - [30/10/2015 09:17:57] - (.-.) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\LargeRoom.bin [MD5.531FE5A2634D87A078017259F21D9736] - |D| - [30/10/2015 09:18:19] - (.-.) - [206.97 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcphrase.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - |D| - [30/10/2015 09:18:19] - (.-.) - [23.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcptr.tbl [MD5.10B2D2D402319E647C90A2E1908C8DBB] - |D| - [29/07/2016 19:54:13] - (.-.) - [49.47 Ko] - (0.0.0.0) - C:\WINDOWS\system32\license.rtf [MD5.B65E8E52916A527F88486875EE291AA8] - |D| - [26/10/2012 16:42:22] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |D| - [26/10/2012 16:42:22] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPPApp.exe [MD5.4D4248F6D008D86D5575EE5B154971AE] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvco1380853.dll [MD5.FF510CF2A7FA73192E7DB06D7C311799] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvcod64.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |D| - [26/10/2012 16:42:24] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoin64.ini [MD5.48CFFF644B6DD9EBB523E878792557AD] - |D| - [29/07/2016 18:58:23] - (.-.) - [7.65 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoinst.log [MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUI64.dll [MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUIRC64.dll [MD5.D3F4E00C322EDA78873848BE75ACC8A4] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [132.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantle64.dll [MD5.EA33454E28EE1F3CA432DA87203DA24F] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [100.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantleaxl64.dll [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |D| - [30/10/2015 09:17:57] - (.-.) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MediumRoom.bin [MD5.ED434A3EBE29070A7E0138C42482EB93] - |D| - [30/10/2015 09:18:14] - (.-.) - [657.31 Ko] - (0.0.0.0) - C:\WINDOWS\system32\mlang.dat [MD5.AB416599057FFDC84E28BBB6DA69EADC] - |D| - [29/07/2016 22:11:46] - (.-.) - [229.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MTF.dll [MD5.72534830694CCABA9A5CBA33F9771C63] - |D| - [27/04/2016 07:16:33] - (.-.) - [254.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MTFServer.dll [MD5.86166DAA04A6C154826508304CC6D4AC] - |D| - [30/10/2015 09:17:40] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NdfEventView.xml [MD5.9F72E06493E8E034E4F3E287B2F6D5D4] - |D| - [01/08/2012 19:10:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-303172.txt [MD5.EC3F2258DC5247436CF829AA405523A7] - |D| - [01/08/2012 19:03:24] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-40170.txt [MD5.E39F5B5F2F8E17B44BC73BFD6F5EEFE8] - |D| - [01/08/2012 19:03:24] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-40591.txt [MD5.0A742EBDEC323A1C158125EDDCD0ECB9] - |D| - [01/08/2012 19:03:25] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-40934.txt [MD5.363AB3B147EC26DE764E2FB32EA2041C] - |D| - [01/08/2012 19:03:25] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-41340.txt [MD5.670571AEA7547824368AAFF1210E5219] - |D| - [01/08/2012 19:03:25] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-41667.txt [MD5.876860348EF677B24E4070B6F0D0434B] - |D| - [01/08/2012 19:03:26] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-41933.txt [MD5.D9DF4A50BBA7175DDD31647FDD2E1C1E] - |D| - [01/08/2012 19:03:26] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-42213.txt [MD5.6B60C5E72A98FFD8AA3C3E79EB9EBC37] - |D| - [01/08/2012 19:03:26] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-42510.txt [MD5.FC2AE0A6CD9E5604723A4D73E3485D1B] - |D| - [01/08/2012 19:03:27] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-42947.txt [MD5.8CC3614DB50EB8B061D80657A5E43793] - |D| - [01/08/2012 19:03:27] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-43290.txt [MD5.E4843FF1AB51E26581AC8DB00AF1A4C5] - |D| - [01/08/2012 19:03:29] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\system32\netcfg-44959.txt [MD5.D10B6580768E0248CC758AE59AA22D8A] - |D| - [29/07/2016 18:55:47] - (.-.) - [24.63 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |D| - [30/10/2015 09:17:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml [MD5.79BD0E63A9E54ED8AFFD19F43B5B83F2] - |D| - [27/04/2016 07:16:33] - (.Copyright (C) Nokia 2013 - master branch.) - [258 Ko] - (8.1.0.65535) - C:\WINDOWS\system32\NmaDirect.dll [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - |D| - [30/10/2015 09:24:36] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NOISE.DAT [MD5.5D27362AF3BCAA75A418F5416A35934E] - |D| - [30/10/2015 09:17:55] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\odbcconf.rsp [MD5.0A13D6818BCBF860EDCEC1ED1E7B9698] - |D| - [30/07/2016 07:24:32] - (.Copyright © 1997-2011 BitDefender - OEMBdpredir Dynamic Link Library.) - [120.05 Ko] - (1.0.5.0) - C:\WINDOWS\system32\OEMbdpredir.dll [MD5.DE4FA2E0FBF5D7CAF54977DE21949EC2] - |D| - [30/10/2015 09:24:36] - (.-.) - [15.33 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\system32\onlinesetup.cmd [MD5.F192E1998A5F6826BE6955F6EAE7CDA1] - |D| - [21/10/2015 02:14:42] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [71.98 Ko] - (2.0.4.0) - C:\WINDOWS\system32\OpenCL.dll [MD5.FEA7C5495FA97FA85091260BA99F443A] - |D| - [08/08/2012 13:09:14] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [74 Ko] - (10.0.938.2) - C:\WINDOWS\system32\OpenVideo64.dll [MD5.42D2360079B1DF3230024AE920737367] - |D| - [30/10/2015 09:17:57] - (.-.) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OutdoorAudioEnvironment.bin [MD5.FD4964DC69D2CA2F77872224A0F2EBBF] - |D| - [08/08/2012 13:09:02] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [62 Ko] - (10.0.938.2) - C:\WINDOWS\system32\OVDecode64.dll [MD5.66D58077CC739E4B8166E33AB0BA4639] - |D| - [30/10/2015 09:18:09] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pcl.sep [MD5.4CA026AF6DE66D2AA3F7A855A3BDCCCF] - |D| - [30/10/2015 09:26:16] - (.-.) - [160.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc009.dat [MD5.9232D01F8CD62C30F7CB9993953C70C4] - |D| - [27/04/2016 07:12:16] - (.-.) - [183.65 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |D| - [30/10/2015 09:26:16] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |D| - [27/04/2016 07:12:16] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd00C.dat [MD5.83C7A3352D6BCF0C9E22E8A4AEB5ED2B] - |D| - [30/10/2015 09:26:16] - (.-.) - [780.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh009.dat [MD5.D138C158B40B8BC869B989CA48B1A3DA] - |D| - [27/04/2016 07:12:16] - (.-.) - [877.08 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh00C.dat [MD5.ED0C02CB0193763BB1445EB0CE167F9D] - |D| - [29/07/2016 19:01:29] - (.-.) - [2001.37 Ko] - (0.0.0.0) - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.C09741B9886EF0D15EC3B1443352FB62] - |D| - [30/10/2015 09:18:09] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pscript.sep [MD5.007893E8374C766471239EB291BA8C17] - |D| - [30/10/2015 09:17:45] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\psmodulediscoveryprovider.mof [MD5.3A77C18665A4C8428768CE186A5BC1EF] - |D| - [30/10/2015 09:17:39] - (.-.) - [1.78 Ko] - (0.0.0.0) - C:\WINDOWS\system32\rasctrnm.h [MD5.C6CA43573C21CA6392F57F238C8391FC] - |D| - [26/10/2012 16:42:22] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Repository.reg [MD5.226BBC4490EA49B69B407742A85A2D92] - |D| - [30/10/2015 09:19:26] - (.-.) - [8.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriHMImageList [MD5.7153DD25B2D727B7281780A3DF33C877] - |D| - [30/10/2015 09:19:26] - (.-.) - [8.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriImageList [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManager.mof [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManagerUninstall.mof [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |D| - [16/07/2012 11:46:28] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |D| - [16/07/2012 11:46:32] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |D| - [16/07/2012 11:46:47] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |D| - [16/07/2012 11:46:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |D| - [16/07/2012 11:46:52] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |D| - [16/07/2012 11:46:55] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |D| - [30/10/2015 09:19:26] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ScavengeSpace.xml [MD5.00E5FCFD833151F7CBDE607E2F7AFEB4] - |D| - [30/10/2015 09:19:28] - (.-.) - [5.66 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance.png [MD5.5719BFC9CFDA7A9C059A71A47A0E6383] - |D| - [30/10/2015 09:19:28] - (.-.) - [2.56 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Alert.png [MD5.099BA37F81C044F6B2609537FDB7D872] - |D| - [30/10/2015 09:19:28] - (.-.) - [6.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Error.png [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |D| - [30/10/2015 09:17:43] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\settings.dat [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - |D| - [30/10/2015 09:19:28] - (.-.) - [16.35 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ShiftJIS.uce [MD5.3903BCAB32A4A853DFA54962112D4D02] - |D| - [30/10/2015 09:17:53] - (.-.) - [139.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\slmgr.vbs [MD5.5DA94C1082B9331928DFC87F5E13EAB2] - |D| - [23/01/2012 15:15:14] - (.- SlotMaximizerAg.dll.) - [120 Ko] - (1.0.2.32) - C:\WINDOWS\system32\SlotMaximizerAg.dll [MD5.E93999885EA5519A5D4B1EEF6EA448B3] - |D| - [23/01/2012 15:15:14] - (.- SlotMaximizerBe.dll.) - [2420.5 Ko] - (1.0.2.32) - C:\WINDOWS\system32\SlotMaximizerBe.dll [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |D| - [30/10/2015 09:17:57] - (.-.) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SmallRoom.bin [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |D| - [30/10/2015 09:17:46] - (.-.) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\srms.dat [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |D| - [16/07/2012 11:49:35] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\system32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |D| - [16/07/2012 11:49:38] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\system32\SRSWOW64.dll [MD5.B59958CD06C9F89C39281FB12F1BB233] - |D| - [30/10/2015 09:18:42] - (.-.) - [513.74 Ko] - (0.0.0.0) - C:\WINDOWS\system32\staticurllist.bin [MD5.30F5568679A54042F99CA9EC1102EBCD] - |D| - [30/10/2015 09:19:28] - (.-.) - [91.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SubRange.uce [MD5.81B14F1AD906AC1CF9102796C97A54FE] - |D| - [30/10/2015 09:18:09] - (.-.) - [3.24 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprint.sep [MD5.58A67EC6B00A54A69DC364194CA171E0] - |D| - [30/10/2015 09:18:09] - (.-.) - [3.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprtj.sep [MD5.31B010EF50D54D548B4B8B211F421318] - |D| - [30/10/2015 09:18:10] - (.-.) - [1.63 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpbidi.xml [MD5.D602CA245CC6774A0981B607F0675609] - |D| - [30/10/2015 09:18:09] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpmon.ini [MD5.6D21D0A95286DCD09E354B612F592EB7] - |D| - [30/10/2015 09:24:37] - (.-.) - [1.94 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ticrf.rat [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |D| - [30/10/2015 09:17:47] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WdsUnattendTemplate.xml [MD5.039C8233D4FCE424F5CA9427EF771942] - |D| - [30/10/2015 09:18:19] - (.-.) - [213.34 Ko] - (0.0.0.0) - C:\WINDOWS\system32\weretw.dll [MD5.D87FB0D2599BAE25F3A6D29589AF0D98] - |D| - [30/10/2015 09:17:49] - (.-.) - [2.22 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WimBootCompress.ini [MD5.2BA7DF05213968EFC98867E03687CEDB] - |D| - [30/10/2015 09:17:59] - (.-.) - [401.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Windows.Perception.Stub.dll [MD5.E0974EE3F592223A950B3B0C04797212] - |D| - [30/10/2015 09:19:39] - (.-.) - [1.61 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WindowsCodecsRaw.txt [MD5.7EF8F3CADE2DE177F96B5A5B581D73FF] - |D| - [30/10/2015 09:17:43] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.cmd [MD5.9D7684F978EBD77E6A3EA7EF1330B946] - |D| - [30/10/2015 09:17:43] - (.-.) - [199.32 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.vbs [MD5.965E1F4E54E12010DDDC7F71950C9C53] - |D| - [30/10/2015 09:17:50] - (.http://www.sqlite.org/copyright.html - SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - [642.46 Ko] - (3.8.8.3) - C:\WINDOWS\system32\winsqlite3.dll [MD5.C30C621748C66CE751B19B2788559A3E] - |D| - [30/10/2015 09:18:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpcmon.png [MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - |D| - [30/10/2015 09:18:42] - (.-.) - [1485.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WpcNBModel.bin [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |D| - [30/10/2015 09:18:03] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpr.config.xml [MD5.930423065AB3F5DB52D5726C7FC66385] - |D| - [30/10/2015 09:17:43] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wsmanconfig_schema.xml [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - |D| - [30/10/2015 09:17:43] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmPty.xsl [MD5.B2EDF82825D979928AE07CBE9C7A2160] - |D| - [30/10/2015 09:17:43] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmTxt.xsl [MD5.9D6B8FC71167D22849424084F0F3D9E9] - |D| - [30/10/2015 09:19:41] - (.-.) - [74.28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xpsrchvw.xml [MD5.684DDBD6ED4066B10660A3A06655B59A] - |D| - [30/10/2015 09:17:42] - (.-.) - [3.92 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xwizard.dtd ---------- | Installer [HKCR\Installer\Products\047C26CF9332C81664B763ECD604E9F5] : CCC Help Portuguese -> c:\windows\Installer\{FC62C740-2339-618C-467B-36CE6D409E5F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\085E718E81368CFA122023C23711E74C] : CCC Help Polish -> C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0B8F248F2496039428F145E379B6C266] : MSVCRT110_amd64 [HKCR\Installer\Products\0D4A6A5A500250A2E212948580FC59DE] : CCC Help Norwegian -> C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0DDFD8EF345A38A47B9A4C113118495D] : Galerie de photos [HKCR\Installer\Products\0E5F85E2FE5BC448B581C4128F00AC6D] : ccc-utility64 -> c:\windows\Installer\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0F76E360892CA2A8F06A481C35224A0E] : ccc-utility64 -> C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\19CF135DE4F67A949B215182D9506B8F] : Photo Common [HKCR\Installer\Products\1D5F27E1E3559FFC603AC8A55F70DDC1] : CCC Help French -> C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1DE0846BE844B318F40EEB8D111D0CF1] : CCC Help French -> c:\windows\Installer\{B6480ED1-448E-813B-4FE0-BED811D1C01F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21993ABAC0833FE08C02681851BED1CA] : Catalyst Control Center InstallProxy -> c:\windows\Installer\{ABA39912-380C-0EF3-C820-868115EB1DAC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21E13F622273DF5409B394102268BBC4] : OnlineThreatsEngine -> C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\241A5D4605DBE627DEE92D05D8A2712E] : Catalyst Control Center InstallProxy -> C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3089FBDBC75BA2BA8803BCDE43078304] : Catalyst Control Center Graphics Previews Common -> c:\windows\Installer\{BDBF9803-B57C-AB2A-8830-CBED34703840}\ARPPRODUCTICON.exe [HKCR\Installer\Products\32F7D401414AD6EE13E50AC77BA5EDEE] : CCC Help English -> c:\windows\Installer\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\37E58BB129D0A406A0FA7CAA5D3E3A6C] : CCC Help English -> C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3A56CBC8BA0456EDC21B99A7DB8ADF86] : CCC Help Turkish -> C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3C1BCDF6CDE9CBC374C3DD58DEE54049] : CCC Help German -> C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4171AC28AE31914F19EF2138444247E5] : CCC Help Italian -> C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : Media Suite -> c:\windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42CB457F40C2E67F4C3010570F595406] : CCC Help Chinese Standard -> c:\windows\Installer\{F754BC24-2C04-F76E-C403-0175F0954560}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4673AE1C831172EADA3645B9DA99AB51] : CCC Help Japanese -> C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\4B4FA6E101901284BC028FDFA70AC9BC] : CCC Help Russian -> c:\windows\Installer\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4BB780764B91961CE325B2DE97D6A83B] : CCC Help Swedish -> c:\windows\Installer\{67087BB4-19B4-C169-3E52-2BED796D8AB3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4F74DB53B91CF474AACC8E0CEB8341A8] : Photo Common [HKCR\Installer\Products\4FC967F53625B7C4EA2B0CA637EA4482] : AMD Catalyst Install Manager -> c:\windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\ARPPRODUCTICON.exe [HKCR\Installer\Products\554590D7179DC4D4E9DFA96F6A85F4A3] : Bing Bureau -> C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}\icon.ico [HKCR\Installer\Products\59EBDD8FEBCD5B303595ED631041E612] : CCC Help Danish -> C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5AF433025DC6CF845B9F3DD4570E8754] : AntimalwareEngine -> C:\WINDOWS\Installer\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5E16E053C2C6C3F2A341E790A46B3D0A] : CCC Help Spanish -> C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66122D971C874DA2407EDB22DB85DF64] : CCC Help Chinese Traditional -> C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68ADF0FAB7E6C6A1154D34FA0581E12D] : AMD Catalyst Control Center -> C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6D6E41E65713A1E49B43AC5B8A3676DC] : HP Postscript Converter [HKCR\Installer\Products\6FB31B48FA7FE891E077CD4A20B7D991] : CCC Help Japanese -> c:\windows\Installer\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}\ARPPRODUCTICON.exe [HKCR\Installer\Products\701043F6AA9F6C745BC43C1AF91155F3] : Hewlett-Packard ACLM.NET v1.2.0.0 -> C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7286306383AF47A4383362CBE4CE3980] : AdAwareUpdater -> C:\WINDOWS\Installer\{36036827-FA38-4A74-8333-26BC4EEC9308}\ARPPRODUCTICON.exe [HKCR\Installer\Products\72BCCFF8D2EEF85DA5DBDEC5609BE118] : CCC Help Swedish -> C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe [HKCR\Installer\Products\76A9438299D16A541A1C5C6B1DFD39A7] : AvcEngine -> C:\WINDOWS\Installer\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7751D938514598C6662415D5FF6E34F2] : CCC Help Czech -> c:\windows\Installer\{839D1577-5415-6C89-6642-515DFFE6432F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\77E99DA1CC73E44793AC766FDF4365A5] : Catalyst Control Center Localization All -> C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\797ECA52ADBEB4E090F6F99EA7E1A2F6] : CCC Help Russian -> C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7CF988168379A934693B71FA89B1DDFE] : Movie Maker [HKCR\Installer\Products\7E6A666A15A3982E55B9FB436830A6FB] : CCC Help Turkish -> c:\windows\Installer\{A666A6E7-3A51-E289-559B-BF3486036ABF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\81685BD51207056CEEA885DCF1AA599F] : CCC Help Thai -> c:\windows\Installer\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8AC6637E9717EA777E21AB817DA0A070] : AMD Fuel -> C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BA31D3CA8644710D160BDA9EAA831B1] : CCC Help Czech -> C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8C6252E28A15BE6F289876788E08EC72] : Catalyst Control Center Localization All -> c:\windows\Installer\{2E2526C8-51A8-F6EB-8289-6787E880CE27}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\8F55E2B98AB554A46928CA6B2FCCD05A] : Photo Gallery [HKCR\Installer\Products\91AF5CD036E87774EA7BEFDF6A3C0C75] : AntispamEngine -> C:\WINDOWS\Installer\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9AB6048E74D526A4803C57E96A7722A9] : AMD VISION Engine Control Center -> c:\windows\Installer\{E8406BA9-5D47-4A62-08C3-759EA677229A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9BB40EA6554ADE618560CDBF1B54506D] : CCC Help Dutch -> c:\windows\Installer\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9BEBFD6755E96CC89BA9C9FECA75A3F1] : CCC Help Spanish -> c:\windows\Installer\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A144A7CAF3536F57A6ABB39F18165B03] : CCC Help Greek -> c:\windows\Installer\{AC7A441A-353F-75F6-6ABA-3BF98161B530}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A4FC0B50C465945419E3EAE3AD6179A1] : AdAwareInstaller -> C:\WINDOWS\Installer\{05B0CF4A-564C-4549-913E-AE3EDA16971A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A6C1C5112A511B845A99971FAAA1306F] : FirewallEngine -> C:\WINDOWS\Installer\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A748067A9D4CFE7E17F6706CBC6F1B74] : CCC Help Thai -> C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B231DBD624F74954BB7EB06B77BE9262] : Epson Software Updater -> C:\WINDOWS\Installer\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}\icon.ico [HKCR\Installer\Products\BA0A2B44E214C8F40B851D8EEACCFD5F] : PowerRecover -> c:\windows\Installer\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BFCE53DD59C5B893ACAF5B8E8831363C] : CCC Help Italian -> c:\windows\Installer\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C0DBE580E42F49BED633A222FE465CFC] : CCC Help Finnish -> C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C0DCA5F5454A7A232E60EE981B151082] : CCC Help Danish -> c:\windows\Installer\{5F5ACD0C-A454-32A7-E206-EE89B1510128}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C351938B2D4DC98F0533A061C02607B6] : CCC Help Portuguese -> C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C51E70D24A9A6D8D3D1729CE78975E78] : CCC Help Hungarian -> C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C5D52DA5318CB641F40B6765F187577B] : CCC Help Hungarian -> c:\windows\Installer\{5AD25D5C-C813-146B-4FB0-76561F7875B7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C8454747654E8184E80DA4F100FE771A] : Catalyst Control Center - Branding -> c:\windows\Installer\{7474548C-E456-4818-8ED0-4A1F00EF77A1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> c:\windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC599AF0948C55741BB44540CC57CD42] : Energy Star -> c:\windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\CD71EB902D9582DF73D1CD0EEA67EC57] : CCC Help Korean -> c:\windows\Installer\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D276F30548C6A844F8F8B43CA58C4314] : AMD APP SDK Runtime -> c:\windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E] : Power2Go -> c:\windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D85C4CB1627DB271ADC2BB6EEAD5BE67] : CCC Help Finnish -> c:\windows\Installer\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DE532CED4A8571542A874CE1D8EABAB3] : PowerDVD -> c:\windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DED17A5318AD313153A2CEA8B072FDB3] : CCC Help Chinese Standard -> C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3A623703B208701527D8B66B68AEF51] : CCC Help Korean -> C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3B8D0C40F363774385F5C7B97B5F08B] : Photo Gallery [HKCR\Installer\Products\E45CB17D6E4A60E468C6DFE61EE61A78] : Movie Maker [HKCR\Installer\Products\EB3FC7A1A4D0FD33FD9D284478273656] : CCC Help German -> c:\windows\Installer\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EE47477FC6BEB78C88FA33018C840E86] : CCC Help Greek -> C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EE6884B559A5752C6AF8D2ACED742A37] : CCC Help Norwegian -> c:\windows\Installer\{5B4886EE-5A95-C257-A68F-2DCADE47A273}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F218391F0C38DEC3E1EDEB5252623730] : CCC Help Chinese Traditional -> c:\windows\Installer\{F193812F-83C0-3CED-1EDE-BE2525267303}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F5ED6BFBAEB9BBF15348C28736C95EA9] : CCC Help Polish -> c:\windows\Installer\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F64E64890E70FDB489A53EBF8A1C8577] : Movie Maker [HKCR\Installer\Products\F75D59AC3CF97DD0C76363F2478D0CE4] : CCC Help Dutch -> C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: AMI System Manufacturer: Hewlett-Packard System Product Name: CQ2904EF Logical Drives Mask: 0x0027dffc Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le package Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge a été interrompu, car sa suspension a été trop longue. ------------ La création du contexte d’activation a échoué pour « S:\esetsmartinstaller_enu.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. ------------ La création du contexte d’activation a échoué pour « S:\esetsmartinstaller_enu.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. ------------ Nom de l’application défaillante VBoxManage.exe, version : 0.0.0.0, horodatage : 0x4db006fa Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000001c53a90 ID du processus défaillant : 0x864 Heure de début de l’application défaillante : 0x01d1ea211565b1d8 Chemin d’accès de l’application défaillante : L:\VirtualBox\Portable-VirtualBox\app64\VBoxManage.exe Chemin d’accès du module défaillant: unknown ID de rapport : ebf09234-30fb-4d61-a1e1-32a1371eee51 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante regsvr32.exe, version : 10.0.10586.0, horodatage : 0x5632d864 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000001c53a90 ID du processus défaillant : 0x1b0c Heure de début de l’application défaillante : 0x01d1ea210ae04296 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\regsvr32.exe Chemin d’accès du module défaillant: unknown ID de rapport : b59e05d1-ac7a-4167-9cbe-32b048dc2cb0 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante VBoxSVC.exe, version : 4.0.6.0, horodatage : 0x4db006da Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000001c53a90 ID du processus défaillant : 0x1770 Heure de début de l’application défaillante : 0x01d1ea2107751013 Chemin d’accès de l’application défaillante : L:\VirtualBox\Portable-VirtualBox\app64\VBoxSVC.exe Chemin d’accès du module défaillant: unknown ID de rapport : 878b237b-0cc8-4c94-a39a-af8c32832408 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.122, horodatage : 0x56cc0133 Nom du module défaillant : StartUI.dll, version : 10.0.10586.122, horodatage : 0x56cbff9f Code d’exception : 0x80000003 Décalage d’erreur : 0x00000000002a8713 ID du processus défaillant : 0x1284 Heure de début de l’application défaillante : 0x01d1e9be1139e740 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll ID de rapport : 5b6633b6-8e84-4e69-8b07-05ee158f9765 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ La collecte des données des compteurs de performance a été désactivée à partir du service « ASP.NET_2.0.50727 » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal des événements des applications. Corrigez les erreurs avant d’activer les compteurs de performance pour ce service. ------------ Windows ne peut pas ouvrir la DLL de compteur extensible 32 bits ASP.NET_2.0.50727 dans un environnement 64 bits. Contactez le fabricant du fichier pour obtenir une version 64 bits. Vous pouvez également ouvrir la DLL de compteur extensible 32 bits en utilisant la version 32 bits de l’Analyseur de performances. Pour utiliser cet outil, ouvrez le dossier Windows, puis le dossier Syswow64 et démarrez Perfmon.exe. ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt. Détails : Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801) ------------ Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=3600}. Le service tentera de corriger automatiquement ce problème en recréant l’index. Détails : Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801) ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ Échec de lecture de l'état du nœud de cluster : . Le code d'erreur retourné est : 0x8007085A ------------ DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service WSearch avec les arguments « Non disponible » pour exécuter le serveur : {9E175B6D-F52A-11D8-B9A5-505054503030} ------------ DCOM a reçu l’erreur « 1084 » lors de la tentative de démarrage du service ShellHWDetection avec les arguments « Non disponible » pour exécuter le serveur : {DD522ACC-F821-461A-A407-50B198B896DC} ------------ ----------( EOF)---------- - 7242 | 19:19:55