--------------- QuickDiag | g3n-h@ckm@n | 2_17.07.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 20/07/2016 06:11:05 Updated 17/07/2016 | 08.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jean- (Administrator)] - [DESKTOP-9LM40BG] (S-1-5-21-2956268689-1280340557-608612402-1001) System: Microsoft Windows 10 Famille - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\prodad-codec.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 607256 - Manufacturer: proDAD GmbH - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:50 % CPU #2 value:25 % Total Overall CPU Usage value:38 % ---------- | Network Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - - - Status: - PnPID : Microsoft ISATAP Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 1886 Pagefile = Total (MB) : 7155 | Free (MB) : 5007 Virtual = Total (MB) : 4194 | Free (MB) : 3938 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users Administrateur : [S-1-5-21-2956268689-1280340557-608612402-500] DefaultAccount : [S-1-5-21-2956268689-1280340557-608612402-503] Invité : [S-1-5-21-2956268689-1280340557-608612402-501] jean- : [S-1-5-21-2956268689-1280340557-608612402-1001] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-2956268689-1280340557-608612402-1002] ---------- | Drives W:\ -> [Removable] | [NO NAME] | Total : 59.48 Go | Free : 17.37 Go -> FAT32 [USB] M:\ -> [Removable] | [AUTORAD] | Total : 14.83 Go | Free : 14.58 Go -> FAT32 [USB] J:\ -> [Fixed] | [POWER2GO 11 SETUP] | Total : 0.61 Go | Free : 0.56 Go -> NTFS [SATA] I:\ -> [Removable] | [FRAMAKEY SA] | Total : 1.86 Go | Free : 0.22 Go -> FAT [USB] H:\ -> [CDROM] | [WD Unlocker] | Total : 0.01 Go | Free : 0 Go -> UDF [USB] F:\ -> [Fixed] | [100% s finalis blini benchmarkin] | Total : 6.52 Go | Free : 6.34 Go -> NTFS [SATA] E:\ -> [Fixed] | [widen & barrow 2] | Total : 29.44 Go | Free : 6.43 Go -> NTFS [SATA] D:\ -> [Fixed] | [Recovery Image] | Total : 12.45 Go | Free : 0.99 Go -> NTFS [SATA] C:\ -> [Fixed] | [OS] | Total : 552.57 Go | Free : 271.77 Go -> NTFS [SATA] Disk Usage Information [8 total Physical Disks] Physical Drive #0 [C:, E:, F:, D:, J:] : Read:39,254,400 bytes/sec, Written:0 bytes/sec Max Read:39,254,400 bytes/sec, Max Write:0 bytes/sec Physical Drive #\ [DESKTOP-9LM40BG\Disque, physique(1)\Écritures, disque,, octets/s] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [S:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [T:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [V:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [W:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:39,254,400 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - External hard disk media - Part. - PnPID : USBSTOR\DISK&VEN_WD&PROD_MY_PASSPORT_0827&REV_1012\575831314438354450483744&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 10 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SM/XD&REV_2.10\50000007EDC1&1 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-MS&REV_2.10\50000007EDC1&3 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-SD&REV_2.10\50000007EDC1&2 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_SONY&PROD_CARD_R/W__-CF&REV_2.10\50000007EDC1&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_FIXMESTICK&REV_8.07\D2BF4C401E2763FP1289&0 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0815\000000000004&GL&23 ---------- | Windows updates No detected update !!! ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 ---------- | Security AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 480 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe [30/10/2015 09:18:03] CPU Usage:0 % 756 | [Owner : | Parent : 648() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe [18/06/2016 12:09:12] CPU Usage:0 % 828 | [Owner : | Parent : 748() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe [20/06/2016 21:04:22] CPU Usage:0 % 876 | [Owner : | Parent : 756(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe [20/06/2016 21:04:20] CPU Usage:0 % 884 | [Owner : | Parent : 756(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe [30/10/2015 09:18:03] CPU Usage:0 % 996 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 504 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 624 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:4 % 1056 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1136 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1204 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1356 | [Owner : | Parent : 876(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe [21/10/2015 02:14:46] CPU Usage:0 % 1456 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1464 | [Owner : | Parent : 1356(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe [21/10/2015 02:14:46] CPU Usage:0 % 1492 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1780 | [Owner : | Parent : 876(services.exe) | ?????] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.73) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [01/08/2013 14:12:34] CPU Usage:0 % 1828 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1852 | [Owner : | Parent : 1780(RtkAudioService64.exe) | ?????] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.239) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [01/08/2013 14:12:32] CPU Usage:0 % 1904 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe [20/06/2016 21:04:09] CPU Usage:0 % 2196 | [Owner : | Parent : 876(services.exe) | ?????] - (.COMODO Security Solutions - COMODO COSService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\COSService.exe [13/07/2016 12:37:49] CPU Usage:0 % 2204 | [Owner : | Parent : 876(services.exe) | ?????] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [19/07/2016 08:45:00] CPU Usage:0 % 2232 | [Owner : | Parent : 876(services.exe) | ?????] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe [06/07/2016 14:58:56] CPU Usage:0 % 2244 | [Owner : | Parent : 876(services.exe) | ?????] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [21/08/2015 22:09:14] CPU Usage:0 % 2276 | [Owner : | Parent : 876(services.exe) | ?????] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [13/07/2016 11:56:43] CPU Usage:0 % 2284 | [Owner : | Parent : 876(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [28/06/2016 13:54:12] CPU Usage:0 % 2320 | [Owner : | Parent : 876(services.exe) | ?????] - (.Comodo Security Solutions, Inc. - COMODO PC TuneUp service.) - (1.0.0.1) = C:\Program Files\COMODO\PC TuneUP\CPluginService.exe [07/02/2013 14:09:22] CPU Usage:0 % 2356 | [Owner : | Parent : 876(services.exe) | ?????] - (.COMODO - COMODO Cloud Antivirus.) - (1.3.1079.265) = C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe [11/07/2016 06:41:46] CPU Usage:44 % 2388 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2408 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2444 | [Owner : | Parent : 876(services.exe) | ?????] - (.COMODO Security Solutions - COMODO SynchronizationService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\SynchronizationService.exe [13/07/2016 12:39:09] CPU Usage:0 % 3276 | [Owner : | Parent : 2204(mbae-svc.exe) | ?????] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit 64bit tasks.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe [19/07/2016 08:44:59] CPU Usage:0 % 3312 | [Owner : | Parent : 3276(mbae64.exe) | ?????] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe [30/10/2015 09:17:58] CPU Usage:0 % 3800 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.10586.494) = C:\Windows\System32\SearchIndexer.exe [18/07/2016 15:17:20] CPU Usage:0 % 3468 | [Owner : | Parent : 876(services.exe) | ?????] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.10586.0) = C:\Windows\System32\vds.exe [30/10/2015 09:17:48] CPU Usage:0 % 4172 | [Owner : | Parent : 2276(Agent.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe [13/07/2016 11:57:48] CPU Usage:0 % 5008 | [Owner : jean- | Parent : 1056(svchost.exe) | 21.12 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe [30/10/2015 09:18:01] CPU Usage:0 % 5036 | [Owner : jean- | Parent : 1056(svchost.exe) | 13.62 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe [30/10/2015 09:17:43] CPU Usage:0 % 4660 | [Owner : jean- | Parent : 1420() | 110.83 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [18/07/2016 17:13:01] CPU Usage:0 % 5652 | [Owner : jean- | Parent : 4660(explorer.exe) | 7.81 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe [18/07/2016 18:15:22] CPU Usage:0 % 5540 | [Owner : jean- | Parent : 4660(explorer.exe) | 13.92 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1008) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [05/07/2016 18:59:08] CPU Usage:0 % 5576 | [Owner : jean- | Parent : 4660(explorer.exe) | 90.87 Mo] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) - (10.0.3016.0) = C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [16/07/2016 15:51:38] CPU Usage:0 % 2904 | [Owner : jean- | Parent : 4660(explorer.exe) | 22.33 Mo] - (.ultracopier.first-world.info - Ultracopier under GPL3.) - (1.2.3.0) = C:\Program Files\Ultracopier\ultracopier.exe [02/01/2016 01:00:00] CPU Usage:0 % 5252 | [Owner : jean- | Parent : 4660(explorer.exe) | 55.77 Mo] - (.CHENGDU Yiwo Tech Development Co., Ltd. -.) - (2.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe [18/07/2016 18:15:23] CPU Usage:0 % 5316 | [Owner : jean- | Parent : 2948() | 15.21 Mo] - (.Logitech Inc. - Logitech Webcam Software.) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [13/09/2012 00:38:44] CPU Usage:0 % 5496 | [Owner : jean- | Parent : 996(svchost.exe) | 7.58 Mo] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\PROGRA~2\CYBERL~1\SHARED~1\RichVideo.exe [16/07/2016 15:31:31] CPU Usage:0 % 4900 | [Owner : jean- | Parent : 2948() | 18.42 Mo] - (.CyberLink Corp. - CyberLink YouCam Service.) - (7.0.824.0) = C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [16/07/2016 14:15:25] CPU Usage:0 % 4904 | [Owner : jean- | Parent : 5316(LWS.exe) | 20.19 Mo] - (.-.) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [13/09/2012 00:38:20] CPU Usage:0 % 4992 | [Owner : jean- | Parent : 2948() | 12.49 Mo] - (.CyberLink Corporation. - InstantBurn UDF Tool.) - (5.0.0.10524) = C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [16/07/2016 15:10:49] CPU Usage:0 % 4440 | [Owner : jean- | Parent : 2948() | 19.64 Mo] - (.- DivX Update.) - (1.0.6.88) = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [13/02/2013 04:37:16] CPU Usage:0 % 3424 | [Owner : jean- | Parent : 3620() | 53.94 Mo] - (.Comodo Security Solutions, Inc. - COMODO PC TuneUp.) - (1.0.0.1) = C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe [07/02/2013 14:08:44] CPU Usage:0 % 4680 | [Owner : jean- | Parent : 2948() | 11.72 Mo] - (.CyberLink - CyberLink MediaLibray Service.) - (10.0.0.1725) = C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [16/07/2016 15:51:33] CPU Usage:0 % 6136 | [Owner : jean- | Parent : 2948() | 50.62 Mo] - (.COMODO - COMODO Cloud Antivirus.) - (1.3.1079.265) = C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe [11/07/2016 06:41:46] CPU Usage:0 % 2468 | [Owner : jean- | Parent : 1056(svchost.exe) | 3.48 Mo] - (.CyberLink Corp. - MediaEspresso DeviceDetector.) - (7.5.7515.60361) = C:\Program Files (x86)\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [16/07/2016 15:38:41] CPU Usage:0 % 5788 | [Owner : jean- | Parent : 2948() | 141.5 Mo] - (.Dropbox, Inc. - Dropbox.) - (7.3.29.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [19/07/2016 04:05:39] CPU Usage:0 % 4308 | [Owner : jean- | Parent : 2948() | 13.19 Mo] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [19/07/2016 08:44:59] CPU Usage:0 % 1044 | [Owner : jean- | Parent : 2948() | 34.63 Mo] - (.- ProductUpdater.) - (1.0.3.0) = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [19/07/2016 13:43:15] CPU Usage:0 % 5460 | [Owner : jean- | Parent : 4660(explorer.exe) | 391.65 Mo] - (.Mozilla Corporation - Firefox.) - (47.0.1.6018) = C:\Program Files\Mozilla Firefox\firefox.exe [05/07/2016 10:09:40] CPU Usage:0 % 6936 | [Owner : jean- | Parent : 876(services.exe) | 25.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 6340 | [Owner : | Parent : 876(services.exe) | ?????] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe [12/07/2016 07:54:13] CPU Usage:0 % 7344 | [Owner : jean- | Parent : 5460(firefox.exe) | 14.75 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe [29/03/2016 11:34:14] CPU Usage:0 % 6908 | [Owner : | Parent : 876(services.exe) | ?????] - (.Disc Soft Ltd - Disc Soft Bus Service.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [29/03/2016 11:33:44] CPU Usage:0 % 6484 | [Owner : jean- | Parent : 996(svchost.exe) | 22.4 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe [30/10/2015 09:18:16] CPU Usage:0 % 4412 | [Owner : jean- | Parent : 996(svchost.exe) | 34.76 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.10586.11) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [20/06/2016 21:03:13] CPU Usage:0 % 7360 | [Owner : | Parent : 3800(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.10586.494) = C:\Windows\System32\SearchProtocolHost.exe [18/07/2016 15:17:06] CPU Usage:0 % 4868 | [Owner : jean- | Parent : 996(svchost.exe) | 57.88 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [18/07/2016 17:13:01] CPU Usage:4 % 6432 | [Owner : jean- | Parent : 4660(explorer.exe) | 31.3 Mo] - (.SosVirus - QuickDiag.) - (17.7.2016.1) = C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe [20/07/2016 06:08:58] CPU Usage:0 % 4956 | [Owner : jean- | Parent : 996(svchost.exe) | 0.09 Mo] - (.-.) - (10.1.2123.36) = C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe [05/07/2016 07:57:53] CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 17:13:01] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\WINDOWS\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [20/06/2016 21:04:20] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [18/06/2016 12:09:28] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [18/06/2016 12:09:12] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [20/06/2016 21:04:22] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [20/06/2016 21:04:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [20/06/2016 21:03:31] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [20/06/2016 21:03:48] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [20/06/2016 21:03:40] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [20/06/2016 21:03:45] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [20/06/2016 21:04:04] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [20/06/2016 21:03:04] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [18/07/2016 17:03:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [20/06/2016 21:03:57] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.320) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1404) -- C:\WINDOWS\SYSTEM32\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6463) -- C:\WINDOWS\SYSTEM32\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.625) -- C:\WINDOWS\SYSTEM32\atidxx64.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySyncExplorerOverlayX64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.38) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll (.Rebit, Inc..-.Rebit Pro Namespace Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~1.DLL (.Rebit, Inc..-.Rebit Pro Translations.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\cqt.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\LIBEAY32.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\SSLEAY32.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtCore4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtNetwork4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtSql4.dll (.Disc Soft Ltd.-.DAEMON Tools Pro.) - (7.1.0.595) -- C:\Program Files\DAEMON Tools Pro\DTShl64.dll (.Rebit, Inc..-.Rebit Pro Shell Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~2.DLL (..-..) - (0.0.0.0) -- C:\WINDOWS\SysWOW64\WPShellExt64.dll (..-..) - (1.0.0.0) -- C:\WINDOWS\SysWOW64\WSCM64.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~2.DLL (.CHENGDU YIWO Tech Development Co.,Ltd.-.EaseUS Todo Backup Application.) - (3.0.0.1) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\creator-context-menu.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\encoding-conversion.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\root-service-provider.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\encoding-conversion.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\atom.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\atom.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\brand.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\logger.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\brand.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\notification-service.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\root-service-provider.dll (.pdfforge GmbH.-.PDF Architect 4.) - (4.1.4.27684) -- C:\Program Files\PDF Architect 4\support.dll (..-..) - (1.0.0.2) -- C:\WINDOWS\SysWOW64\ISCM64.dll (.SurfRight B.V..-.HitmanPro Shell Extension.) - (3.7.0.0) -- C:\Program Files\HitmanPro\hmpshext.dll (.CHENGDU Yiwo Tech Development Co., Ltd..-.EverySync.) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EUSyncExtMenux64.dll (.C-O-M-O-D-O.-.COMODO BackUp ShellExtension.) - (2.0.0.1834) -- C:\Program Files\COMODO\COMMON\ShellExtension.dll (.COMODO Security Solutions.-.COMODO BackUp Language DLL.) - (1.0.0.1808) -- C:\Program Files\COMODO\COMMON\LANG\GUILANG_FRA.dll (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll (.Cyberlink.-.Cyberlink Shell Extension dynamic link library.) - (10.0.0.1409) -- C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt10.dll (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll (..-..) - (1.2.502.0) -- C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- : 4868 (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.320) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (.Seiko Epson Corporation.-.Epson Easy Photo Print (TBL x64).) - (2.7.0.0) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySyncExplorerOverlayX64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.38) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll (..-..) - (1.2.502.0) -- C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll (.C-O-M-O-D-O.-.COMODO BackUp ShellExtension.) - (2.0.0.1834) -- C:\Program Files\COMODO\COMMON\ShellExtension.dll (.Rebit, Inc..-.Rebit Pro Namespace Extension.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\REBIT-~1.DLL (.Rebit, Inc..-.Rebit Pro Translations.) - (5.1.3001.14505) -- C:\PROGRA~1\Rebit\REBITP~1\cqt.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\LIBEAY32.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\Rebit\REBITP~1\SSLEAY32.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtNetwork4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtCore4.dll (..-..) - (4.7.3.0) -- C:\PROGRA~1\Rebit\REBITP~1\QtSql4.dll (.Disc Soft Ltd.-.DAEMON Tools Pro.) - (7.1.0.595) -- C:\Program Files\DAEMON Tools Pro\DTShl64.dll (..-..) - (0.0.0.0) -- C:\Program Files\TeraCopy\TeraCopy64.dll (..-..) - (0.0.0.0) -- C:\Program Files\Ultracopier\PluginLoader\catchcopy-v0002\catchcopy64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.COMODO.-.COMODO Cloud Antivirus.) - (1.3.1079.265) -- C:\Windows\system32\ccavguard64.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.320) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\S-1-5-18\...\Run]) - User: AUTORITE NT\Système OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU EaseUS EverySync - (EaseUS EverySync.lnk [Startup]) - User: DESKTOP-9LM40BG\jean- Power2GoExpress10 - ("C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- ultracopier - ("C:\Program Files\Ultracopier\ultracopier.exe" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\...\Run]) - User: DESKTOP-9LM40BG\jean- SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\.DEFAULT\...\Run]) - User: .DEFAULT RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\...\Run]) - User: Public COMODO PC TuneUp - (C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe /Startup [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress10"="C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup "ultracopier"="C:\Program Files\Ultracopier\ultracopier.exe" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=notepad\1 "MRUList"=a [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "COMODO PC TuneUp"=C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe /Startup [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide "YouCam Service7"="C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe" /s "InstantBurn"=C:\PROGRA~2\CYBERL~1\InstantBurn\Win2K\IBurn.exe [16/07/2016 15:10:49] "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "CLMLServer_For_P2G10"="C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe" "PowerDVD16Agent"="C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe" "ccav"="C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe" -autorun "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [19/07/2016 08:44:59] "ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [19/07/2016 13:43:15] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=4263be83-0e16-4065-8fd4-3367116 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "BootExecute"=autocheck autochk * sdnclean64.exe "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkTimeout"=5 [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=6 "WaitToKillServiceTimeout"=200 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [10/06/2016 10:59:41] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "fullprivilegeauditing"=0x80 "LsaPid"=884 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\jean-\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\jean-\AppData\Roaming\IObit\Advanced SystemCare Beta\Startup Manager\Shortcut\Logitech . Enregistrement du produit.lnk (/remind /language=FRA /_WFM=".") : ��HPg�HPg.�[)�K�EregZ2�p;�@ eReg.exeB �p;�@�HPg.�[ C:\Users\jean-\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EaseUS EverySync.lnk (0) � Uqpbinh2(l*SG�m EverySync.exeL ��H��H�.�TEverySync. C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\jean-\Desktop\AdsFix_Donate.lnk (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) C:\Users\jean-\Desktop\Dropbox.lnk (/home) C:\Users\Public\Desktop\Manuels EPSON.lnk ( /LA "FR" /FR "DESKTOP") C:\Users\Public\Desktop\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7 Mirror.lnk (/m) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk (Start Help -help) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink MediaEspresso 7.5\CyberLink MediaEspresso 7.5 Gadget.lnk (gadget) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Chercher les mises à jour.lnk (/start=update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Enregistrez.lnk (/start=registration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Réglages du Codec.lnk (/start=decoder) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL\Uninstall e-Carte Bleue LCL.lnk (/x {44A9E188-470F-40D1-80E0-C1E429FAEEE1}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk (/ST) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Manuels EPSON.lnk ( /LA "FR" /FR "STARTMENU") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Supprimer HitmanPro 3.7.lnk (/uninstall) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll",DirectVobSub) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk ("C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madVR.lnk (editLocalSettingsDontWait) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit Pro\Rebit Pro.lnk (--show=full) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk (/NOADMIN) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Backup\WD Backup.lnk (-launchbackupdefault) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free\Generate Log File\Generate Log File.lnk (/CRASH) ---------- | AppCertDlls | AppInit_DLLs [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_Dlls"=C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=0 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "Wallpaper"=C:\Users\jean-\AppData\Local\Microsoft\BingDesktop\themes\2016-07-19.jpg [19/07/2016 19:27:58] "ActiveWndTrkTimeout"=0 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100B73A050080070000B0040000AC6CB5E4E2E1D10143003A005C00550073006500720073005C006A00650061006E002D005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00420069006E0067004400650073006B0074006F0070005C007400680065006D00650073005C0032003000310036002D00300037002D00310039002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "AutoColorization"=1 "ImageColor"=2939849665 "PreferredUILanguages"=fr-FR "ForegroundLockTimeout"=0 "MenuShowDelay"=0 "AutoEndTasks"=1 "HungAppTimeout"=4000 "ConvertedWallpaper"= "OriginalWallpaper"= "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=253 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 "{E31EA727-12ED-4702-820C-4B6445F28E1A}"=1 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003328000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "AllowStartMenuToDefaultOn"=1 "TelemetrySalt"=2 "SlowContextMenuEntries"=0x0D24645B365B9F4BA75F4925B6A53D5B5BF00000BD0E0C47735D584D9CEDE91E22E232823FFD06000114020000000000C0000000000000469E8009006024B221EA3A6910A2DC08002B30309D8E6F0100F05A64A7E8D6AF488DFA023B1CF660A70DE30000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "GlobalAssocChangedCounter"=157 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=315 "link"=0x00000000 "DesktopProcess"=1 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "EnableStartMenu"=1 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewShadow"=1 "StartMenuInit"=11 "ReindexedProfile"=1 "nonetcrawling"=1 "ListviewAlphaSelect"=0 "TaskbarAnimations"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=253 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=21 "MultipleInvokePromptMinimum"=10000 "Max Cached Icons"=2000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoDriveTypeAutoRun"=253 "NoDriveAutoRun-"=0 "NoDriveTypeAutoRun-"=0 "NoDriveAutoRun"=67108863 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=104 "Max Cached Icons"=2000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x53A5712D03000000070015008F710000A4710000AE540100D0000000010001008C203E97FB610100FB610100772C0000D6170000221500000000000005610100A40400005B00000019208E7B42E2D101 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "ShutdownStartTime"=131134639342837273 "UserSessionShutdownStopTime"=131134639343617109 "ShutdownFlags"=2147483687 "AutoAdminLogon"=0 "DefaultUserName"=jean-marie.carribon@wanadoo.fr "DisableCAD"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [18/07/2016 17:01:36] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [18/07/2016 17:01:36] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C8F0890013408A0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\jean-\Downloads\Adaware_Installer.exe"=0x534143500100000000000000070000002800000030972000BB0F210001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FC2E3200000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_setup_full1084.exe"=0x5341435001000000000000000700000028000000906812003E4D130001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FC130200000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\supercopier-windows-x86-1.2.1.0-setup.exe"=0x5341435001000000000000000700000028000000DCA86900000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000534A0100000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\teracopy.exe"=0x534143500100000000000000070000002800000088BB2800BE8329000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004F033400000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\unlocker-setup.exe"=0x5341435001000000000000000700000028000000C8692500E60026000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002BA20000000000000100000001000000 "SIGN.MEDIA=485F1E4F barrow 2 & widen 100% sécurisé\efm du musée de l'homme & power2go 11 essentials managers\filmora_resource.exe"=0x5341435001000000000000000700000028000000C0665116434752160100000000000000000001060001000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000070C00700000000000500000005000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\ultracopier-windows-x86_64-1.2.3.0-setup.exe"=0x534143500100000000000000070000002800000044E26600000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000001C470000000000000100000001000000 "SIGN.MEDIA=4711798 barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\macarons domi'gru\lws280.exe"=0x5341435001000000000000000700000028000000981771044C3371040100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B013100000000000100000001000000 "SIGN.MEDIA=101F8E barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\CyberLink_Power2Go_Downloader.exe"=0x5341435001000000000000000700000028000000B83D10000B2B110001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C3520000000000000100000001000000 "C:\Users\jean-\Downloads\CyberLink_Power2Go_Downloader.exe"=0x5341435001000000000000000700000028000000189F10006028110001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AB142C00000000000100000001000000 "SIGN.MEDIA=1EA9848 barrow 2 & widen 100% sécurisé\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\quel tri'toir nadia winifred\Paragon-283-PEF_WinInstallSNx64_10.1.25.813_000.exe"=0x534143500100000000000000070000002800000058EF3103509632030100000000000000000000067102000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A46F0300000000000100000001000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\CyberLink_YouCam_Downloader.exe"=0x5341435001000000000000000700000028000000B8BD0F0086B7100001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BA982000000000000100000001000000 "SIGN.MEDIA=922F12CD barrow 2 & widen 100% sécurisé\CyberLink_VideoMeetingPlus_Downloader.exe"=0x5341435001000000000000000700000028000000B8BD0F00C61A100001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BB951300000000000200000002000000 "C:\Program Files (x86)\CyberLink\YouCam7\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000B8BD0200F45103000100000000000000000002067102000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006E340000000000000100000001000000 "C:\Users\jean-\Documents\barrow 2 & widen 100% sécurisé\CyberLink_PresenterLinkPlus_Downloader.exe"=0x534143500100000000000000070000002800000018DF0F00E574100001000000000000000000000A7120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009A631100000000000100000001000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183503007DFC030001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002C180000000000000100000001000000 "C:\Program Files (x86)\CyberLink\PresenterLinkPlus\OLRSubmission\OLRSubmission.exe"=0x5341435001000000000000000700000028000000183703006B6F030001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B1140000000000000100000001000000 "C:\Users\jean-\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe"=0x534143500100000000000000070000002800000010A61400A6A914000100000000000000000001067122000019B4C529E312D1010000008000000000020000002800000000000000000000000000000000000000000000000000000008C90100000000002600000026000000 "SIGN.MEDIA=64FFE barrow 2 & widen 100% sécurisé\PortableApps\FirefoxPortable\FirefoxPortable.exe"=0x53414350010000000000000007000000280000005837030086C803000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000099511E00000000000200000002000000 "C:\Program Files (x86)\Wondershare\1-Click PC Care\1ClickPCCare.exe"=0x5341435001000000000000000700000028000000685F0B00FAA10B000100000000000000000001067122000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000029950700000000000100000001000000 "C:\Program Files (x86)\Wondershare\TidyMyMusic\TidyMyMusic.exe"=0x5341435001000000000000000700000028000000386D0D0047C80D0001000000000000000000000AF122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006A2D0300000000000300000003000000 "SIGN.MEDIA=318A4 LiberKey\Apps\CCleaner\CCleanerLKL.exe"=0x5341435001000000000000000700000028000000A8C1000011D500000100000000000000000001060021000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004004100000000000000000000000000000162F0500000000000100000001000000 "C:\Users\jean-\Downloads\nitro_reader5_64.exe"=0x5341435001000000000000000700000028000000C0AA60034E6061030100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B3B0200000000000100000001000000 "C:\Program Files (x86)\Wondershare\VideoConverterFree\WSVCUSplash.exe"=0x5341435001000000000000000700000028000000683B3100C9EB31000100000000000000000001066120000019B4C529E312D1010000000000000000020000002800000000000000000000000010000000000000000000000000000029449003000000000200000002000000 "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\Temp\player_full1374.exe"=0x5341435001000000000000000700000028000000A059A60145D7A6010100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000099059003000000000100000001000000 "C:\Program Files (x86)\Wondershare\Player\WSPlayer.exe"=0x534143500100000000000000070000002800000048B22800714329000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F00C0000000000000300000003000000 "C:\Program Files\Paragon Software\Migrate OS to SSD 4.0\program\migrateos.exe"=0x5341435001000000000000000700000028000000D8A2000017E800000100000000000000000003060001000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DDF0C100000000000300000003000000 "C:\Users\jean-\Downloads\BingDesktopSetup.exe"=0x5341435001000000000000000700000028000000D86AA00040A2A0000100000000000000000001057100000019B4C529E312D101000000000000000002000000280000000000000080090040000000000000000000000000000000000E290100000000000100000001000000 "C:\Users\jean-\Downloads\mediago_setup.exe"=0x5341435001000000000000000700000028000000400A6B05AB316B050100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000008E9A5800000000000100000001000000 "C:\Users\jean-\Downloads\FreeStudio_6.6.24.627_d.exe"=0x5341435001000000000000000700000028000000F89A22005147230001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EA432500000000000100000001000000 "C:\Program Files (x86)\e-Carte Bleue\LCL\LCL.exe"=0x5341435001000000000000000700000028000000F8D90400A862050001000000000000000000000AF522000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000266E8800000000000100000001000000 "C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe"=0x534143500100000000000000070000002800000000BE11000000000001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008C921700000000000100000001000000 "C:\Users\jean-\Downloads\susetupPro.exe"=0x534143500100000000000000070000002800000060616E00B3636E000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000005D2D6200000000000100000001000000 "C:\Users\jean-\Downloads\NiniteProTrial.exe"=0x534143500100000000000000070000002800000000B0040051E1040001000000000000000000000A0021000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000087881100000000000300000003000000 "C:\Users\jean-\Downloads\avast-browser-cleanup-sfx.exe"=0x5341435001000000000000000700000028000000D861410049E041000100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A7400900000000000100000001000000 "C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\BrowserCleanup.exe"=0x5341435001000000000000000700000028000000480D4100012C410001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000090C90200000000000200000002000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8190600C0F9060001000000000000000000000A0021000059193B14E312D1010000000100000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000F04400851F450001000000010000000000000A7322000059193B14E312D1010000000000000000 "C:\Users\jean-\Documents\Setup.exe"=0x534143500100000000000000070000002800000018109B000000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000005000000000000000000000000000000000000000000000000000000034EF03000000000003000000030000000000000000000040000000000000000000000000000000005C530E00000000000100000000000000 "C:\Program Files (x86)\Sony\Media Go\MediaGo.exe"=0x534143500100000000000000070000002800000050E66202AB76630201000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000041504C00000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe"=0x5341435001000000000000000700000028000000701322005572220001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000019C61C01000000000400000004000000 "C:\Program Files\PDF Architect 4\architect.exe"=0x5341435001000000000000000700000028000000E032270099EB27000100000000000000000003060001000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005AF7F800000000000300000003000000 "SIGN.MEDIA=A53C295 events nouveau logo blini\FreeVideoToMP3Converter_5.0.96.627_o.exe"=0x5341435001000000000000000700000028000000C09A2200C867230001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002B220400000000000100000001000000 "C:\Users\jean-\Downloads\driver_booster_setup_beta.exe"=0x534143500100000000000000070000002800000048B2D8001782D90001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008C287200000000000100000001000000 "C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe"=0x5341435001000000000000000700000028000000D8D30A006E7B0B000100000000000000000002067122000019B4C529E312D10100000000000000000200000028000000000000000000000000000200000000000000000000000000F9100300000000000100000001000000 "C:\Users\jean-\Desktop\HitmanPro_x64.exe"=0x5341435001000000000000000700000028000000108AAE001A21AF0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000016E57F00000000000200000002000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x534143500100000000000000070000002800000018E0290064292A000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A7560100000000000100000001000000 "C:\Users\jean-\Downloads\CyberLink_Media_Suite_Downloader.exe"=0x5341435001000000000000000700000028000000189F10002871110001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D9F3E900000000000500000005000000 "C:\Users\jean-\Downloads\ashampoo_slideshow_studio_hd_4_e4.0.0_sm.exe"=0x534143500100000000000000070000002800000010DA3203A56C330301000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008B2A0D00000000000100000001000000 "C:\Users\jean-\Downloads\siinst-full.exe"=0x534143500100000000000000070000002800000088FF3800D2EE39000100000000000000000003060001000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000007A3F0000000000000100000001000000 "C:\Users\jean-\Downloads\siinst.exe"=0x534143500100000000000000070000002800000088FF3800D2EE39000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000563E9300000000000100000001000000 "C:\Users\jean-\Downloads\setup_x64.exe"=0x53414350010000000000000007000000280000000893E902EB3AEA0201000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EDF59000000000000100000001000000 "C:\Program Files\CyberLink\PhotoDirector7\PhotoDirector7.exe"=0x5341435001000000000000000700000028000000186102008882020001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C4E30100000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Slideshow Studio HD 4\slideshowstudiohd4.exe"=0x53414350010000000000000007000000280000006867950023C6950001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A9BC0000000000000100000001000000 "C:\Program Files\HitmanPro\HitmanPro.exe"=0x5341435001000000000000000700000028000000108AAE001A21AF0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000AFDA1400000000000200000002000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0840C00DDCA0C0001000000010000000000000A0021000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\CSU_FREE_Setup.exe"=0x5341435001000000000000000700000028000000E075CE003EA7CE000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000433E0300000000000100000001000000 "C:\Users\jean-\Downloads\LikeNEWPCSetup.exe"=0x534143500100000000000000070000002800000058883B0062273C0001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000000BDE0000000000000100000001000000 "C:\Users\jean-\Downloads\BDUSBImmunizerLauncher.exe"=0x5341435001000000000000000700000028000000F8203E0007383E000100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000B4CE1C01000000000100000001000000 "C:\Program Files\Nitro\Reader 5\NitroPDFReader.exe"=0x5341435001000000000000000700000028000000A014700090BE70000100000000000000000002060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000084BA1E00000000000200000002000000 "C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000009C2600780C270001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DBA02600000000000200000002000000 "C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe"=0x534143500100000000000000070000002800000008181E00C5C71E0001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007D324B00000000000100000001000000 "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe"=0x534143500100000000000000070000002800000078B40500DFDA050001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000CA92C00000000000100000001000000 "C:\Users\jean-\Downloads\UnHackMe812-pq56d3\Setup.exe"=0x534143500100000000000000070000002800000060B22C0086332D000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F8F81A00000000000100000001000000 "C:\Users\jean-\Downloads\epm_trial(1).exe"=0x534143500100000000000000070000002800000060230003D202010301000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000ECEB0200000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\epm0.exe"=0x5341435001000000000000000700000028000000C07C09006A96090001000000000000000000000A7122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000005AB00200000000000100000001000000 "C:\Users\jean-\Downloads\PAssist_Std.exe"=0x5341435001000000000000000700000028000000C02A9900345899000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000077DB0100000000000100000001000000 "C:\Users\jean-\Downloads\epm.exe"=0x5341435001000000000000000700000028000000A032E8028594E80201000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000006E143C00000000000100000001000000 "C:\Users\jean-\Downloads\BackupperFull.exe"=0x53414350010000000000000007000000280000001837EF04567FEF040100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000004AEC3A00000000000100000001000000 "C:\Users\jean-\Downloads\pwfree91.exe"=0x5341435001000000000000000700000028000000304BEC01551BED010100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007A313900000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector1.1\UACAgent.exe"=0x5341435001000000000000000700000028000000183F01009CF7010001000000000000000000000A7322000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DCD80000000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector1.1\OLRSubmission\OLRStateCheck.exe"=0x5341435001000000000000000700000028000000185102009C64020001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B2D0000000000000100000001000000 "C:\Users\jean-\Downloads\PortableApps.com_Platform_Setup_14.1.paf.exe"=0x5341435001000000000000000700000028000000A82F3F004701400001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000003A930600000000000200000002000000 "C:\Users\jean-\Downloads\EmsisoftEmergencyKit.exe"=0x5341435001000000000000000700000028000000A8F0870E9F27880E01000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000095D30800000000000100000001000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe"=0x534143500100000000000000070000002800000018FF04007074050001000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\pctrans_trial.exe"=0x534143500100000000000000070000002800000040605100BC56520001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000058591F01000000000100000001000000 "C:\Program Files\DAEMON Tools Pro\DTAgent.exe"=0x5341435001000000000000000700000028000000C08A4000A387410001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DDEA0000000000000400000004000000 "C:\Users\jean-\Downloads\ashampoo_snap_9_e9.0.1_sm.exe"=0x5341435001000000000000000700000028000000504D6203F87F620301000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C98C4300000000000200000002000000 "C:\Users\jean-\Downloads\advanced-systemcare-setup-beta.exe"=0x5341435001000000000000000700000028000000884DAD0204EDAD0201000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000031864000000000000100000001000000 "C:\Users\Public\Desktop\Post Win10 Spybot-install.exe"=0x5341435001000000000000000700000028000000A08A0C00C19C0C000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A6B30200000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe"=0x534143500100000000000000070000002800000030496E0051236F0001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000014CBD500000000000100000001000000 "C:\Users\jean-\Downloads\JRT.exe"=0x534143500100000000000000070000002800000040931800A3DF18000100000000000000000001067102000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000DF542900000000000100000001000000 "C:\Users\jean-\Downloads\EaseUS_DiskCopy_Home.exe"=0x534143500100000000000000070000002800000010D5B502A5C7B6020100000000000000000001067102000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\apowersoft-online-launcher.exe"=0x5341435001000000000000000700000028000000A8AA12009995130001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000000000000000000000000000000000000000D08B0100000000000100000001000000 "C:\Users\jean-\Downloads\apowersoft-online-launcher (1).exe"=0x5341435001000000000000000700000028000000A8AA12009995130001000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe"=0x534143500100000000000000070000002800000090AF5C017A9F5D0101000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe"=0x534143500100000000000000070000002800000060C70600150E070001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000068E90300000000000100000001000000 "C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe"=0x534143500100000000000000070000002800000050DD040087C0050001000000000000000000000AF122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000902D0500000000000300000003000000 "C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe"=0x5341435001000000000000000700000028000000704717003F68170001000000000000000000000AF522000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000094384D02000000000500000005000000 "C:\Users\jean-\Downloads\aceutils.exe"=0x534143500100000000000000070000002800000000718B0040A28B0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000005F0C700000000000100000001000000 "C:\Users\jean-\Downloads\systune.exe"=0x5341435001000000000000000700000028000000D87668000843690001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BB5C4E00000000000100000001000000 "C:\Users\jean-\Downloads\rt.exe"=0x5341435001000000000000000700000028000000C0D03E00F3023F0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000062AB4C00000000000100000001000000 "C:\Users\jean-\Downloads\rc.exe"=0x5341435001000000000000000700000028000000703B0900C44709000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004F0F0400000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0740C00BD6F0D0001000000010000000000000A0021000059193B14E312D1010000000000000000 "SIGN.MEDIA=1FC3C6 WD Drive Unlock.exe"=0x534143500100000000000000070000002800000058C31F008AC51F0001000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D84C0000000000000B0000000B000000 "C:\Program Files (x86)\CyberLink\YouCam7\YouCam7.exe"=0x5341435001000000000000000700000028000000B84D08000342090001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004C451900000000000100000001000000 "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe"=0x534143500100000000000000070000002800000050491300C18313000100000000000000000002067122000019B4C529E312D10100000080000000000200000028000000000000000000000000000000000000000000000000000000C7FCE902000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go10\OLRSubmission\OLRStateCheck.exe"=0x534143500100000000000000070000002800000018BF010076AB02000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000921F2000000000000F0000000F000000 "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe"=0x534143500100000000000000070000002800000018DF0800A839090001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000055747D00000000000200000002000000 "C:\UsbFix\UsbFix.exe"=0x5341435001000000000000000700000028000000E0AD1B0095BE1B0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000413E4200000000000100000001000000 "C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\PartAssist.exe"=0x5341435001000000000000000700000028000000B8894C003E634D0001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000006B600100000000000200000002000000 "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EPMStartLoader.exe"=0x5341435001000000000000000700000028000000C0B404003002050001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FBED0300000000000200000002000000 "C:\Program Files\MiniTool Partition Wizard Free 9.1\loader.exe"=0x5341435001000000000000000700000028000000A82F0D006D510D0001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000DFAE0300000000000200000002000000 "C:\Users\jean-\Downloads\Shockwave_Installer_Slim.exe"=0x5341435001000000000000000700000028000000102358009277580001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000056A12300000000000100000001000000 "SIGN.MEDIA=248ED47 SETUP.EXE"=0x534143500100000000000000070000002800000060CC2600C3AE27000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D6F60600000000000100000001000000 "C:\Program Files (x86)\mov Audio Extractor\movAudioExtractor.exe"=0x534143500100000000000000070000002800000000B47C000000000001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005ECE0300000000000300000003000000 "L:\blockulicious-endpoint-setup.exe"=0x5341435001000000000000000700000028000000C05B2D008D5C2D0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000087388D00000000000200000002000000 "C:\Users\jean-\Downloads\ccav_installer.exe"=0x534143500100000000000000070000002800000088495D004C1B5E0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000058338300000000000100000001000000 "C:\Users\jean-\Downloads\cptsetup.exe"=0x534143500100000000000000070000002800000078CCE200327FE3000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000046371500000000000100000001000000 "C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe"=0x5341435001000000000000000700000028000000C8509600FB6D96000100000000000000000002067322000059193B14E312D101000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000040000000000000000000000000000000008EB17E02000000000600000006000000000000000000000000000000000000000000000000000000BAE57700000000000200000000000000 "C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\Blockulicious.exe"=0x5341435001000000000000000700000028000000F8285D0034ED5D0001000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B7690000000000000200000002000000 "C:\Users\jean-\Downloads\ashampoo_uninstaller_6_e6.00.14_sm.exe"=0x5341435001000000000000000700000028000000F8F21801D9A3190101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EE220900000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6.exe"=0x534143500100000000000000070000002800000048DB5E00418C5F0001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000005D541D00000000000100000001000000 "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe"=0x5341435001000000000000000700000028000000C0342400BB6724000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000419C5002000000000300000003000000 "L:\LiberKey\LiberKey.exe"=0x534143500100000000000000070000002800000098B600005AF100000100000000000000000003067100000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000004100000000000000000000000000000762D1B00000000000100000001000000 "C:\Users\jean-\Downloads\setup.exe"=0x5341435001000000000000000700000028000000B05C10024CB0100201000000000000000000000A0021000019B4C529E312D1010000000000000000 "C:\Users\jean-\Downloads\RogueKillerAdmin.exe"=0x53414350010000000000000007000000280000004880C500899BC50001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C5D71000000000000100000001000000 "C:\Users\jean-\Downloads\YaraEditor64.exe"=0x534143500100000000000000070000002800000048027101F29A710101000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CE7A0000000000000100000001000000 "C:\Users\jean-\Downloads\setup(1).exe"=0x5341435001000000000000000700000028000000908243012244440101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000593B0200000000000100000001000000 "C:\Program Files\RogueKiller\RogueKiller64.exe"=0x534143500100000000000000070000002800000048DC82019C9B830101000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000003FFC2201000000000300000003000000 "C:\Users\jean-\Downloads\everysync_trial.exe"=0x5341435001000000000000000700000028000000A87F91014209920101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A6F50100000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe"=0x5341435001000000000000000700000028000000286C2A00FBFE2A0001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000020A0000000000000100000001000000 "C:\Program Files\Ultracopier\ultracopier.exe"=0x534143500100000000000000070000002800000000F6110021C8120001000000000000000000000A7320000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F992AB00000000000200000002000000 "C:\Users\jean-\Downloads\mbae-setup-1.08.1.2563.exe"=0x5341435001000000000000000700000028000000485D1C00C07A1C0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000004A86A00000000000100000001000000 "C:\Users\jean-\Downloads\PortableApps.com_Platform_Setup_14.1.paf(1).exe"=0x5341435001000000000000000700000028000000A82F3F004701400001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009EC22C00000000000200000002000000 "C:\Users\jean-\Downloads\EmsisoftEmergencyKit(1).exe"=0x5341435001000000000000000700000028000000E8DD800E8005810E01000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000079571000000000000200000002000000 "C:\Program Files\PDFCreator\PDFCreator.exe"=0x5341435001000000000000000700000028000000C0D00D00C6E10D0001000000000000000000000AF522000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F1B71800000000000100000001000000 "C:\Program Files (x86)\Folder Size\FolderSize.exe"=0x534143500100000000000000070000002800000000EE4A00000000000100000000000000000003067122000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000000800000000000000000000000075CD06000000000001000000010000000000000000000000100003080000000000000000000000002C4C0000000000000100000000000000 "L:\events nouveau logo blini\PortableApps\ThunderbirdPortable\ThunderbirdPortable.exe"=0x534143500100000000000000070000002800000008C104009D8C05000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F17B2200000000000200000002000000 "C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe"=0x5341435001000000000000000700000028000000A8BF5F008342600001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D82B2300000000000200000002000000 "C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe"=0x53414350010000000000000007000000280000007058500092CD500001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007F460000000000000100000001000000 "C:\Users\jean-\Downloads\Thunderbird Setup 45.2.0.exe"=0x534143500100000000000000070000002800000068961802F75419020100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000FBE4002000000000100000001000000 "C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=0x5341435001000000000000000700000028000000A8E12000B5A1210001000000000000000000000A0021000019B4C529E312D1010000000000000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{148130fd-4b48-11e6-b981-806e6f6e6963}] : "H:\WD Drive Unlock.exe" autoplay=true (AutoRun) [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{fd9cf351-4999-11e6-b97b-4c72b9f956a2}] : "K:\StartCD.exe" (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:DoesNotExist [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131121064306434248 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallTime"=0x17C3F80AE9D5D101 "ManagedDefenderProductType"=0 "ProductStatus"=0 "OOBEInstallTime"=0x03F5F67CEBD5D101 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 "OneTimeSqmDataSent"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hitmanpro37] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hitmanpro37.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HitmanPro37Crusader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HitmanPro37CrusaderBoot] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts # Hosts file cleared by RogueKiller (Adlice Software) # http://www.adlice.com 127.0.0.1 localhost ---------- | @ [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://fr.yahoo.com/?fr=fp-comodo&type=33220001005_1.3.394295.265_i_hp_sp "OperationalData"=13 "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160527-1834 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF240000002400000044030000A4020000 "ImageStoreRandomFolder"=z3649au "Start Page Redirect Cache_TIMESTAMP"=0xF2E48E2C34DCD101 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x2E54C2C0CDDBD101 "IE10TourShown"=1 "IE10TourShownTime"=0x2E54C2C0CDDBD101 "Start Page_TIMESTAMP"=0x4A82E93934DCD101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000002C0000000B2D1EE0CA77909AAEA178F45B086AA958BE76D96A820476DEEC3AE4D27E19DED038A66187297445E84E1C22020000000E0000006A345633494F584B733530253364 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "TabShutdownDelay"=0 "Use FormSuggest"=no "Search Bar"=https://www.google.com/?bcutc=sp-004-752 "Isolation"=PMIL "NoUpdateCheck"=0 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "ZonesSecurityUpgrade"=0x2E54C2C0CDDBD101 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "MaxConnectionsPerServer"=10 "MaxConnectionsPer1_0Server"=10 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=about:blank "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=about:blank "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Search Bar"=https://www.google.com/?bcutc=sp-004-752 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=about:newtab [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100001001600000001000000000700005E01000006000000410300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030F11C209CE25C4EA73FCD197DEFA6AE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=22 [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0AA24E16-07B3-4694-8357-3C21ACC5F516} "KnownProvidersUpgradeTime"=0x9DD95A49EAD5D101 "Version"=5 "UpgradeTime"=0x9DD95A49EAD5D101 "DoNotAskAgain"=google.com [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F} "DoNotAskAgain"=google.com ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}] - (Yahoo!) - https://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=33220001005_1.3.394295.265_i_ds_sp&p={searchTerms} : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}] - (Google) - https://www.google.com/search?bcutc=sp-004-752&q={searchTerms} : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{254363DC-CC0E-47D3-B9F2-C4531366D4D1}] - () - wincomserver.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3214A3DF-F8D9-4A27-BF4D-FBBDE52E2E68}] - () - fdm.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a6f9abcb-1fe6-44e8-961a-788570310b11}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IPRELPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88}] - (C:\Program Files (x86)\DivX\DivX OVS Helper) - OVSHelperBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e3907fe6-5fcf-4c9a-b90d-3d55d7f714bc}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IARNLPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - () - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34372DD3-19BF-454f-BF23-8761F26CFFD2}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewps.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] - (C:\WINDOWS\SysWOW64\Adobe\Shockwave 12) - SwHelper_1224194.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - () - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] - (C:\WINDOWS\SysWOW64\Adobe\Director) - SWDNLD.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82821E4E-4B46-430D-8BB8-8B480FC9D8A5}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{886D9852-A9A8-4b88-83D4-50FC6616C21D}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewpsbw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - () - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - () - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.30.3) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.30.3) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88}] - (C:\Program Files (x86)\DivX\DivX OVS Helper) - OVSHelperBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - () - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - () - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}] : : C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2781761E-28E0-4109-99FE-B9D127C57AFE}] : : %ProgramFiles%\Windows Defender\MpOav.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{38279E1A-7019-40C1-B579-E99DFB3312E8}] : : C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{43D9786F-A485-683B-9B5B-ACC97ABC17FC}] : : C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}] : : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll ---------- | Ext\Stats [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}] : : C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{13D67BB7-DB5F-48AA-884D-7A5D94168509}] : : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{38279E1A-7019-40C1-B579-E99DFB3312E8}] : : C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{43D9786F-A485-683B-9B5B-ACC97ABC17FC}] : : C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}] : : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] : : [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ac50ceed-7256-55ba-8b20-13dd4ff4ba21}] : : C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}] -> (Wondershare AllMyTube 4.9.0) : C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [04/07/2016 18:19:39] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}] -> (PDF Architect 4 Helper) : C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [04/05/2016 18:01:46] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43D9786F-A485-683B-9B5B-ACC97ABC17FC}] -> (Wondershare Player 1.6.0) : C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll [04/07/2016 18:51:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}] -> (iSkysoft iMedia Converter Deluxe 5.1.0) : C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL [13/07/2016 12:53:35] ---------- | Chrome [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Google\Chrome\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "pdf_architect_4_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension\ [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "AllMyTube@Wondershare.com"=C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com_xpi "{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"=C:\Program Files (x86)\Wondershare\VideoConverterFree\SVRFirefoxExt\ "Player@Wondershare.com"=C:\ProgramData\Wondershare\Player\Player@Wondershare.com\ "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on "ISVCU@iSkysoft.com"=C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi "youcam@cyberlink.com"=C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox\ [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MozillaPlugins\sony.com/MediaGoDetector] - () : C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nitropdf.com/NitroPDF] - (NitroPDF Web Browser Plugin) : C:\Program Files (x86)\Nitro\Reader 5\npnitromozilla.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0] - () : [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\PDF Architect 4] - () : C:\Program Files (x86)\PDF Architect 4\np-previewer.dll C:\Users\jean-\AppData\Roaming\Mozilla\Firefox\Profiles\ld4f53gm.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160623154057"); user_pref("browser.startup.homepage_override.mstone", "47.0.1"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.baseURI", "resource://ascsurfingprotectionnew-at-iobit-dot-com/"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.domain", "ascsurfingprotectionnew-at-iobit-dot-com"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.load.reason", "startup"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.rootURI", "jar:file:///C:/Users/jean-/AppData/Roaming/Mozilla/Firefox/Profiles/ld4f53gm.default/extensions/ascsurfingprotectionnew@iobit.com.xpi!/"); user_pref("extensions.ascsurfingprotectionnew@iobit.com.sdk.version", "2.0.0"); user_pref("extensions.blocklist.pingCountTotal", 11); user_pref("extensions.blocklist.pingCountVersion", 11); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"1.4.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}\":{\"version\":\"5.20.3.1-signed\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\extensions\\\\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":false}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", true); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.1"); user_pref("extensions.getAddons.cache.lastUpdate", 1468911285); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0.1"); user_pref("extensions.lastPlatformVersion", "47.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.searchadsfn.insertFlag", false); user_pref("extensions.searchadsfn.replaceFlag", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\",\"addons\":{\"e10srollout@mozilla.org\":{\"version\":\"1.0\"},\"firefox@getpocket.com\":{\"version\":\"1.0.2\"},\"loop@mozilla.org\":{\"version\":\"1.4.2\"}}}"); user_pref("extensions.xpiState", "{\"app-system-addons\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1468330378968},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1468330379066},\"loop@mozilla.org\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\features\\\\{a1d837f1-e26a-4b7a-b60f-8e32db16e26a}\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.4.2\",\"st\":1468330378782}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1466736750000},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":false,\"v\":\"1.0.2\",\"st\":1466736751000},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":false,\"v\":\"1.3.2\",\"st\":1466736751000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0.1\",\"st\":1466736750000}},\"winreg-app-global\":{\"pdf_architect_4_conv@pdfarchitect.org\":{\"d\":\"C:\\\\Program Files\\\\PDF Architect 4\\\\resources\\\\pdfarchitect4firefoxextension\",\"e\":false,\"v\":\"1.0\",\"st\":1467705198632,\"mt\":1462371550000}},\"app-profile\":{\"{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}\":{\"d\":\"C:\\\\Users\\\\jean-\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\ld4f53gm.default\\\\extensions\\\\{91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E}.xpi\",\"e\":true,\"v\":\"5.20.3.1-signed\",\"st\":1468814163471}}}"); user_pref("network.http.max-persistent-connections-per-proxy", 16); ---------- | Active Connections TCP 127.0.0.1:1575 DESKTOP-9LM40BG:20158 ESTABLISHED 4660 TCP 127.0.0.1:1589 DESKTOP-9LM40BG:20159 ESTABLISHED 5252 TCP 127.0.0.1:1609 DESKTOP-9LM40BG:1610 ESTABLISHED 5460 TCP 127.0.0.1:1610 DESKTOP-9LM40BG:1609 ESTABLISHED 5460 TCP 127.0.0.1:1668 DESKTOP-9LM40BG:1669 ESTABLISHED 5788 TCP 127.0.0.1:1669 DESKTOP-9LM40BG:1668 ESTABLISHED 5788 TCP 127.0.0.1:3502 DESKTOP-9LM40BG:3503 ESTABLISHED 5788 TCP 127.0.0.1:3503 DESKTOP-9LM40BG:3502 ESTABLISHED 5788 TCP 127.0.0.1:20158 DESKTOP-9LM40BG:1575 ESTABLISHED 5652 TCP 127.0.0.1:20159 DESKTOP-9LM40BG:1589 ESTABLISHED 5652 TCP 192.168.1.11:1571 msnbot-191-232-139-61.search.msn.com:https ESTABLISHED 4660 TCP 192.168.1.11:1606 no-dns-yet.ccanet.co.uk:4448 ESTABLISHED 2356 TCP 192.168.1.11:1640 client.v.dropbox.com:https CLOSE_WAIT 5788 TCP 192.168.1.11:1670 162.125.34.129:https ESTABLISHED 5788 TCP 192.168.1.11:1672 api.v.dropbox.com:https CLOSE_WAIT 5788 TCP 192.168.1.11:3203 no-dns-yet.ccanet.co.uk:4448 ESTABLISHED 2356 TCP 192.168.1.11:3280 ec2-52-20-179-31.compute-1.amazonaws.com:https CLOSE_WAIT 5788 TCP 192.168.1.11:3357 d.v.dropbox.com:https CLOSE_WAIT 5788 TCP 192.168.1.11:3501 server-54-192-199-207.lhr50.r.cloudfront.net:https CLOSE_WAIT 5788 TCP 192.168.1.11:3541 104.16.60.31:http CLOSE_WAIT 2356 TCP 192.168.1.11:3547 valkyrie.comodo.com:https ESTABLISHED 2356 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{29bc317c-65d1-43e7-8ebf-f7b59e4ed51f}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{29bc317c-65d1-43e7-8ebf-f7b59e4ed51f}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [1,1,1,9] - -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - [10,0,10586,0] - -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - [12,0,10011,16384] - -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [10,0,10586,420] - -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [11,71,10586,0] - -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,10586,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{583AC46A-4A6F-39BC-AEFD-1BC2759FFA51}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [10,0,10586,494] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [11,71,10586,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,71,10586,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,10586,71] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,10011,16384] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [10,0,10586,0] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{600AC0DF-B614-36F9-9E10-28896BD4ACCA}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,10011,16384] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [10,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - [2,0,50727,1] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [10,0,10586,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> ---------- | Applications [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Classes\Applications\BitTorrent.exe] : "%APPDATA%\BitTorrent\BitTorrent.exe" "%1" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "%APPDATA%\uTorrent\uTorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PDF Architect 4.exe] : "C:\Program Files\PDF Architect 4\architect.exe" --file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDF Architect 4.exe] : "C:\Program Files\PDF Architect 4\architect.exe" --file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CLWFLService7 - AppID: {03C200E3-11BC-49ea-8BAB-3B09120AC3AE} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: wpnservice - AppID: {077869D3-D0DE-4586-882B-359F80009D0C} Name: ContextMenuExt - AppID: {07BE11C2-F3C9-4345-9305-4D514DEEE749} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: FMVideoConverter - AppID: {09493455-1b6c-403d-b000-0d216201c6c0} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: SFSAPO - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: AutorunsScannerPlugin - AppID: {185582CD-AAEE-499E-848D-242C032B440A} Name: PDF Architect 4 Helper - AppID: {1912DC9A-0696-4204-928F-AB30B3EB33E4} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: FMMediaSource - AppID: {1bea28ad-0b3c-4f9c-b85e-ec697115c57a} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: WDDriveService - AppID: {1CBF4820-F5C1-4F72-AFBC-6D1BE589FD05} Name: WsSVRIEPlugin - AppID: {1CD5F97F-FE2C-4FE2-895F-866E7366CE10} Name: Disc soft DT Pro bus service - AppID: {1E9D16CB-FF03-481F-ABE2-F406C2808FE2} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: InstallAgent - AppID: {260eb9de-5cbe-4bff-a99a-3710af55bf1e} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: Exchange Active Sync Policies Broker - AppID: {26795871-6B8F-4115-89DD-986213012798} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: RegistrySettingsScannerPlugin - AppID: {2E26FE83-4468-428F-8D99-62434EEA9105} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: FMDVDMenu - AppID: {36bc61dd-c4f5-481f-a29d-4aeb4968340c} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: RegistryDefrag - AppID: {435AC3EC-C213-4700-9FE2-C417AC8E813B} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: PIFUAC - AppID: {45CB30B1-B453-488a-9E8F-CE3C2ABFAAA7} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: RadioManagement Lib Class - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: CategoryFactory - AppID: {4CD538D9-D9D3-4EA1-BB24-BEA3661AFF07} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Dispatch - AppID: {4D5F23BB-D55A-4961-9BC0-3FE728E15D9D} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: MalwareScannerPlugin - AppID: {4F18DDDC-31BF-4567-9BE6-4A36E0BB3897} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: DiskDuplicates - AppID: {4FF73765-6547-49E9-9B24-67AEE8F943EE} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: server - AppID: {53A998CB-A5C7-467E-BC47-30BCABB50766} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: Media Go - AppID: {561CA45E-A305-4417-AEA1-2BA634C97483} Name: DiskScannerPlugin - AppID: {562F845B-A532-470D-9888-3A0C62525973} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: %SystemRoot%\System32\wsclient.dll - AppID: {5C917E9C-0B2F-40D6-928B-5C43FDB16DF4} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: ForceDelete - AppID: {65CC603B-3DBF-4CE2-8FDC-D6B0B52BEF52} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: CPluginService - AppID: {6AD2BEF6-C03C-4C6F-B6AB-EDCB617FB8CB} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Out of proc server to enable Insider Hub and Feedback App scenarios to be reached from inside of its appcontainer - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: PDF Architect 4 Preview Handler - AppID: {76948E4A-3D1F-4066-AC83-B0C4E30F36C7} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: ServiceModule - AppID: {76E258F0-DE86-4CEC-9D30-3F728A898741} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: Dispatch - AppID: {7953C53B-4031-43ca-9AE7-033F565EFD5F} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: CLMLSvc_P2G10 - AppID: {7AF75464-3A22-4BB6-A2A0-F9ED5B72DD77} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: EpsonCustomerResearchParticipation - AppID: {7B9752DE-02B2-4F79-94C3-600FF0572D16} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: FMMediaUtils - AppID: {7d3b747c-1cc0-40f3-89b3-d8ccd95dde12} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: CnxtDSPdll - AppID: {81D6AA8D-5401-4EE7-A7A2-95133649C977} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: MyFirstService - AppID: {896A7263-20C2-404D-979D-1C3ADD06A153} Name: EventsScannerPlugin - AppID: {89A5984F-7B05-4725-9FF8-038CD897F77D} Name: UACObject - AppID: {8A10EE91-3ECA-4d0b-8A3F-8A26D26E03FC} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {8B8C2776-594E-41EA-90D0-8013CACBB9A7} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: UACObject - AppID: {90B553F3-415D-44D8-8665-C2F78763F8F1} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: ServiceModule - AppID: {96D1EED3-701E-4FE5-B996-A543A8465897} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: MMLib11 - AppID: {9D1713C0-5A09-4588-846F-38E355E6BEDE} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: CDP Reference Host - AppID: {A0316E2D-8793-4E74-AA48-8CE2ED05BA57} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: Out of proc server to enable Insider Hub scenarios to be reached from inside of its appcontainer - AppID: {ac0fd47a-37f4-4502-bfee-6b317e479d41} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: SwHelper_1224194 - AppID: {AF551664-D2DF-4E34-85DE-46320B13A0B4} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: VSSCOM - AppID: {B3E2C31B-A5EB-406C-890D-04D23EC4E315} Name: FireBreathWin - AppID: {B415CD14-B45D-4BCA-B552-B06175C38606} Name: UACObject - AppID: {B49FBDA8-D846-43c4-ACAA-06D7794374C8} Name: RichVideo64 - AppID: {B58B304A-D419-4c50-BE1F-6F6CD234B7EF} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: InstalledApplication - AppID: {B91AAE6E-3ACC-4980-95E7-BEFCE65ECBB9} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: VideoFileToIPOD - AppID: {BA3B76C9-61F7-4419-9F79-A9E3717EFE22} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: ewpsie_tb - AppID: {BBFE69BB-2EA4-49A6-99F3-9408974D0684} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: OVSHelper - AppID: {BFEDD1F7-641C-4D64-9A6A-481A5E6BEC4F} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: LockScreen Application Notification Broker - AppID: {C89FC3EF-A0DC-4feb-BFBC-F13A9C334D4F} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: EPTBL - AppID: {CACC252F-95A7-4741-BBE8-FB1F18C2826F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: UACObject - AppID: {CB43451C-E132-4866-B714-435253C98BBA} Name: ShellExtension - AppID: {CB65493D-4F92-4301-8EDB-0C93266A3B51} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: Dispatch - AppID: {CCA04D30-62E9-4801-B935-EDC8EA177B13} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: CcavHelper - AppID: {CD10AF2C-3024-4CF0-B978-0FBB7C4FE14C} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Dispatch - AppID: {CD9DD8FF-5FE5-44AB-AA3E-646052717FFF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: BingDesktopUpdater - AppID: {CE41EBCF-17C0-4307-971E-03FEBCBB7D39} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: SwapAPODll - AppID: {CF85F74A-E465-4fb6-898F-8F72C2B84D8E} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: PDF Architect 4 Manager - AppID: {D2DDDDF6-161F-4CAA-AF85-1AF9F69FB28E} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: URLReqService - AppID: {D4859CE9-3B25-4235-8973-A74F5D9A04F2} Name: DVSiTunes - AppID: {D5FEAED3-3444-4CEA-9940-A972FB6726F1} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: RegistryScannerPlugin - AppID: {DC064D87-7C2D-4FCE-A6B5-932723747396} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: EverySyncExplorerOverlay - AppID: {DE4CE140-5838-468B-86C0-A422AC75B092} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: FMTransformBase - AppID: {e0cdf63d-2d66-469d-934b-3ec2897c94b1} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: DefinitionsCategory - AppID: {E1DF0971-80AA-4473-931D-529FD4AABBF8} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: FMMediaFormats - AppID: {e329c791-4d02-4e4b-b350-605b04edd9c6} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: TokenBroker Out Of Proc COM Server - AppID: {E73A797B-24CE-424A-AD4F-48E98B1E95B8} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Immersive Print Dialog Surrogate - AppID: {EB28E902-728E-42C4-97DC-DA89E144C744} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: SWDNLD - AppID: {ED372EB0-5B14-484F-A27C-05FF89B6DF25} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: RichVideo - AppID: {EEDE56D6-82E5-4B98-B99E-D4339825E216} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: UACObject - AppID: {F632543F-3A79-4cc9-AACD-07036DF9FFCD} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {F7CDD0DF-887D-463F-AF57-0E442B5C233B} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: DaemonShellExtImage - AppID: {F9B84490-4C45-4737-82E5-0EA0B1CF5307} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: ESLoadSevice - AppID: {FCA6F20F-92E5-4E74-AC19-D14B59CB1C15} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{077869D3-D0DE-4586-882B-359F80009D0C}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{33EB929C-6DC4-4848-9E49-4CC55198C0E7}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D5F23BB-D55A-4961-9BC0-3FE728E15D9D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D5F23BB-D55A-4961-9BC0-3FE728E15D9D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7953C53B-4031-43ca-9AE7-033F565EFD5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7953C53B-4031-43ca-9AE7-033F565EFD5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8A10EE91-3ECA-4d0b-8A3F-8A26D26E03FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8A10EE91-3ECA-4d0b-8A3F-8A26D26E03FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{90B553F3-415D-44D8-8665-C2F78763F8F1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{90B553F3-415D-44D8-8665-C2F78763F8F1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A0316E2D-8793-4E74-AA48-8CE2ED05BA57}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AAA9A07E-68FF-4215-84F2-96115976F786}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B49FBDA8-D846-43c4-ACAA-06D7794374C8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B49FBDA8-D846-43c4-ACAA-06D7794374C8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB43451C-E132-4866-B714-435253C98BBA}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CB43451C-E132-4866-B714-435253C98BBA}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCA04D30-62E9-4801-B935-EDC8EA177B13}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CCA04D30-62E9-4801-B935-EDC8EA177B13}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{CD9DD8FF-5FE5-44AB-AA3E-646052717FFF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD9DD8FF-5FE5-44AB-AA3E-646052717FFF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D3EE1220-9AE6-40AE-BEA2-C2D65FA6DDAA}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Acelogix] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Adlice Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Adobe] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Anvsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Apowersoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AppDataLow] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ashampoo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\ATI] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\AVAST Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BDUSBImmunizer] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BitTorrent] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BitTorrentPlus] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Blockulicious] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\BugSplat] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Clients] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Code Sector] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\COMODO] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\ComodoGroup] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\CyberLink] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Disc Soft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DivX] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DivXNetworks] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Dropbox] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DropboxUpdate] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EaseUS] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EpmNewsInfo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EPSON] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Freecom] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Freemake] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\GNU] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Google] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Greatis] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Icaros] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\iSkysoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\JAM Software] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\KC Softwares] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Leadertech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\LiberKey] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\LogiShrd] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Logitech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Macromedia] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\madshi] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MediaInfo] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MiniTool Solution Ltd.] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Mozilla] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MozillaPlugins] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\MPC-HC] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\NewBlue] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Nitro] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ordinarysoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\PDF Architect 4] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\PDF Tools AG] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\pdfforge] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Policies] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\QtProject] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Realtek] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Reason] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Rebit] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Safer Networking Limited] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Sony Corporation] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\SyncEngines] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\sysinternals] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Teorex] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Trolltech] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Ultracopier] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\UsbFix] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\UsbFix Standard] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\uTorrentPlus] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Western Digital] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Wondershare] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Wow6432Node] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\WSVCUPlugin] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Zemana] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{3E130920-7C40-4938-9222-4C357069EC21}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{4692CB1F-0DF0-4D99-ABAD-7CB66ACB109E}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{6487FE51-5D05-4253-8338-2B2FAF2E0214}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\{747B5AE4-397F-4dad-8A7E-3B0ECD9C191A}] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AdsFix] [HKLM\Software\AMD] [HKLM\Software\Ashampoo] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\ComodoGroup] [HKLM\Software\CyberLink] [HKLM\Software\Disc Soft] [HKLM\Software\DivX] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GNU] [HKLM\Software\HaaliMkx] [HKLM\Software\HitmanPro] [HKLM\Software\Icaros] [HKLM\Software\Intel] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\NewBlue] [HKLM\Software\Nitro] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Ordinarysoft] [HKLM\Software\PDF Architect 4] [HKLM\Software\Policies] [HKLM\Software\proDAD] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Trolltech] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\CodeGear] [HKLM\Software\WOW6432Node\Comodo] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EaseUS Todo Backup] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Freemake] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Greatis] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\iSkysoft] [HKLM\Software\WOW6432Node\iSkysoftSysMenuDATA] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes Anti-Exploit] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NewBlue] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\PDF Architect 4] [HKLM\Software\WOW6432Node\Safer Networking Limited] [HKLM\Software\WOW6432Node\SEIKO EPSON CORPORATION] [HKLM\Software\WOW6432Node\Softgogo] [HKLM\Software\WOW6432Node\Sony Corporation] [HKLM\Software\WOW6432Node\SOSVirus] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Western Digital] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WondershareSysMenuDATA] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "softinfo.exe"="11000" "utorrentie.exe"="9000" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION] "utorrentie.exe"="0" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "utorrentie.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "Filmora.exe"="9999" "PDR.exe"="8000" "softinfo.exe"="11000" "ACD.exe"="8000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="10" "iexplore.exe"="10" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="10" "iexplore.exe"="10" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "Power2Go10.exe"="8000" "WSBrowser.exe"="9999" "MediaShow6.exe"="11000" "PowerDVD.exe"="8000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "iexplore.exe"="10" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "iexplore.exe"="10" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [14/07/2016 11:20:18] - |D| - [126898391] - C:\Program Files (x86)\Anvsoft [MD5.00000000000000000000000000000000] - [13/07/2016 11:46:42] - |AD| - [53806429] - C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0 [MD5.00000000000000000000000000000000] - [05/07/2016 13:02:05] - |D| - [399773098] - C:\Program Files (x86)\Ashampoo [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:33] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [398915876] - C:\Program Files (x86)\Common Files [MD5.00000000000000000000000000000000] - [05/07/2016 10:16:22] - |D| - [125733926] - C:\Program Files (x86)\Comodo [MD5.00000000000000000000000000000000] - [04/07/2016 15:03:25] - |AD| - [5620173386] - C:\Program Files (x86)\CyberLink [MD5.5B8A2BA3138573583FF9E0158096EC48] - [04/07/2016 14:13:08] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [MD5.00000000000000000000000000000000] - [16/07/2016 15:42:33] - |D| - [8932831] - C:\Program Files (x86)\DivX [MD5.00000000000000000000000000000000] - [05/07/2016 09:56:49] - |D| - [251271176] - C:\Program Files (x86)\Dropbox [MD5.00000000000000000000000000000000] - [05/07/2016 08:18:28] - |AD| - [1326341009] - C:\Program Files (x86)\DVDVideoSoft [MD5.00000000000000000000000000000000] - [04/07/2016 19:01:17] - |D| - [317944] - C:\Program Files (x86)\e-Carte Bleue [MD5.00000000000000000000000000000000] - [13/07/2016 11:21:31] - |D| - [903606323] - C:\Program Files (x86)\EaseUS [MD5.00000000000000000000000000000000] - [06/07/2016 14:54:41] - |D| - [2947568] - C:\Program Files (x86)\EPSON [MD5.00000000000000000000000000000000] - [06/07/2016 14:37:09] - |AD| - [233857814] - C:\Program Files (x86)\EPSON Software [MD5.00000000000000000000000000000000] - [19/07/2016 13:57:29] - |D| - [5939373] - C:\Program Files (x86)\Folder Size [MD5.00000000000000000000000000000000] - [05/07/2016 08:21:54] - |D| - [20645164] - C:\Program Files (x86)\FreeCodecPack [MD5.00000000000000000000000000000000] - [19/07/2016 13:41:09] - |D| - [81616759] - C:\Program Files (x86)\Freemake [MD5.00000000000000000000000000000000] - [05/07/2016 07:26:48] - |D| - [17134] - C:\Program Files (x86)\Genesyslogic [MD5.00000000000000000000000000000000] - [05/07/2016 09:39:57] - |D| - [0] - C:\Program Files (x86)\Glarysoft [MD5.00000000000000000000000000000000] - [05/07/2016 09:56:14] - |D| - [8808168] - C:\Program Files (x86)\Google [MD5.00000000000000000000000000000000] - [05/07/2016 09:56:31] - |D| - [7807856] - C:\Program Files (x86)\GUM907.tmp [MD5.00000000000000000000000000000000] - [04/07/2016 15:04:53] - |HD| - [241017497] - C:\Program Files (x86)\InstallShield Installation Information [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [2154939] - C:\Program Files (x86)\Internet Explorer [MD5.00000000000000000000000000000000] - [13/07/2016 12:43:25] - |D| - [160204677] - C:\Program Files (x86)\iSkysoft [MD5.00000000000000000000000000000000] - [19/07/2016 13:57:43] - |D| - [5910723] - C:\Program Files (x86)\JAM Software [MD5.00000000000000000000000000000000] - [05/07/2016 09:52:57] - |AD| - [158072643] - C:\Program Files (x86)\K-Lite Codec Pack [MD5.00000000000000000000000000000000] - [13/07/2016 12:41:38] - |D| - [197482] - C:\Program Files (x86)\KeyCryptSDK [MD5.00000000000000000000000000000000] - [04/07/2016 14:57:56] - |D| - [38884251] - C:\Program Files (x86)\Logitech [MD5.00000000000000000000000000000000] - [19/07/2016 08:44:59] - |D| - [6807368] - C:\Program Files (x86)\Malwarebytes Anti-Exploit [MD5.00000000000000000000000000000000] - [15/07/2016 14:15:06] - |D| - [4024186] - C:\Program Files (x86)\Malwarebytes Anti-Malware [MD5.00000000000000000000000000000000] - [05/07/2016 06:11:38] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [MD5.00000000000000000000000000000000] - [17/07/2016 15:44:35] - |AD| - [121436692] - C:\Program Files (x86)\mov Audio Extractor [MD5.00000000000000000000000000000000] - [05/07/2016 10:12:37] - |D| - [260719] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.00000000000000000000000000000000] - [19/07/2016 19:25:18] - |D| - [88533157] - C:\Program Files (x86)\Mozilla Thunderbird [MD5.00000000000000000000000000000000] - [04/07/2016 14:25:40] - |D| - [25757] - C:\Program Files (x86)\MSBuild [MD5.00000000000000000000000000000000] - [11/07/2016 15:49:30] - |D| - [54782380] - C:\Program Files (x86)\NewBlue [MD5.00000000000000000000000000000000] - [04/07/2016 18:48:02] - |D| - [27237984] - C:\Program Files (x86)\Nitro [MD5.00000000000000000000000000000000] - [04/07/2016 15:04:53] - |D| - [65460881] - C:\Program Files (x86)\NSIS Uninstall Information [MD5.00000000000000000000000000000000] - [05/07/2016 09:52:01] - |AD| - [6636048] - C:\Program Files (x86)\PDF Architect 4 [MD5.00000000000000000000000000000000] - [04/07/2016 14:25:40] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [MD5.00000000000000000000000000000000] - [05/07/2016 06:16:27] - |D| - [160359540] - C:\Program Files (x86)\Sony [MD5.00000000000000000000000000000000] - [12/07/2016 11:58:59] - |D| - [10484459] - C:\Program Files (x86)\Sony Media Go Install [MD5.00000000000000000000000000000000] - [14/07/2016 10:47:12] - |D| - [94975775] - C:\Program Files (x86)\Spybot - Search & Destroy 2 [MD5.00000000000000000000000000000000] - [04/07/2016 14:53:08] - |D| - [23102104] - C:\Program Files (x86)\Supercopier [MD5.00000000000000000000000000000000] - [14/07/2016 14:23:44] - |AD| - [66311316] - C:\Program Files (x86)\Western Digital [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell [MD5.00000000000000000000000000000000] - [13/07/2016 12:42:32] - |D| - [8010151] - C:\Program Files (x86)\Wise [MD5.00000000000000000000000000000000] - [04/07/2016 14:55:19] - |D| - [415631065] - C:\Program Files (x86)\Wondershare [MD5.00000000000000000000000000000000] - [15/07/2016 18:31:29] - |D| - [202442514] - C:\Program Files (x86)\ZebHelpProcess [MD5.00000000000000000000000000000000] - [13/07/2016 12:40:24] - |AD| - [10323221] - C:\Program Files (x86)\Zemana AntiLogger Free [MD5.00000000000000000000000000000000] - [13/07/2016 12:38:39] - |AD| - [16081174] - C:\Program Files (x86)\Zemana AntiMalware [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [802] - C:\WINDOWS\addins [MD5.00000000000000000000000000000000] - [17/07/2016 14:07:21] - |D| - [7389] - C:\WINDOWS\amlog [MD5.5C5F66B72868C46D9DC872AF5B2233B0] - [13/07/2016 11:46:58] - |A| - [1920624] - C:\WINDOWS\ampa.exe [MD5.F7800E92FC8BF0DD62C778CDA9597D36] - [17/07/2016 14:06:13] - |A| - [424] - C:\WINDOWS\ampa.ini [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [36195302] - C:\WINDOWS\appcompat [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [12360910] - C:\WINDOWS\AppPatch [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |RSD| - [1026603331] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:45:01] - |A| - [0] - C:\WINDOWS\ativpsrm.bin [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.F46CDE72D2676FF2BD9EE309780629E0] - [04/07/2016 13:42:18] - |AS| - [67584] - C:\WINDOWS\bootstat2.dat [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [2380376] - C:\WINDOWS\Branding [MD5.00000000000000000000000000000000] - [04/07/2016 13:55:34] - |D| - [48105304] - C:\WINDOWS\CbsTemp [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [8970858] - C:\WINDOWS\Cursors [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3200850] - C:\WINDOWS\debug [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [4217368] - C:\WINDOWS\diagnostics [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SD| - [0] - C:\WINDOWS\Downloaded Program Files [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\en-US [MD5.538E0206CB36BDBF84CEA11A167D4593] - [17/07/2016 14:15:48] - |AH| - [3213] - C:\WINDOWS\EPMBatch.ept [MD5.00000000000000000000000000000000] - [12/07/2016 11:48:46] - |D| - [85343332] - C:\WINDOWS\ERUNT [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 17:13:01] - |A| - [4515256] - C:\WINDOWS\explorer.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RSD| - [356947094] - C:\WINDOWS\Fonts [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:00] - |D| - [134144] - C:\WINDOWS\fr-FR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [20838848] - C:\WINDOWS\Globalization [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1589372] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [18/07/2016 15:17:01] - |A| - [994816] - C:\WINDOWS\HelpPane.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [173194846] - C:\WINDOWS\IME [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [MD5.00000000000000000000000000000000] - [04/07/2016 14:08:46] - |D| - [78165895] - C:\WINDOWS\INF [MD5.00000000000000000000000000000000] - [04/07/2016 14:34:22] - |D| - [931024796] - C:\WINDOWS\InfusedApps [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [36258450] - C:\WINDOWS\InputMethod [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SHD| - [814700197] - C:\WINDOWS\Installer [MD5.00000000000000000000000000000000] - [05/07/2016 17:16:08] - |D| - [0] - C:\WINDOWS\IObit [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [89407] - C:\WINDOWS\L2Schemas [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\LiveKernelReports [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [44486284] - C:\WINDOWS\Logs [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RSD| - [20145669] - C:\WINDOWS\Media [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [775355119] - C:\WINDOWS\Microsoft.NET [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [2371] - C:\WINDOWS\Migration [MD5.00000000000000000000000000000000] - [18/07/2016 15:50:54] - |D| - [0] - C:\WINDOWS\Minidump [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [470257] - C:\WINDOWS\MiracastView [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.D186A7FEAF8DBB8A935672AAB915741F] - [19/07/2016 10:44:27] - |A| - [1516816] - C:\WINDOWS\ntbtlog.txt [MD5.00000000000000000000000000000000] - [04/07/2016 14:25:44] - |D| - [199124] - C:\WINDOWS\OCR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [MD5.00000000000000000000000000000000] - [04/07/2016 14:34:22] - |DC| - [0] - C:\WINDOWS\Panther [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [28864584] - C:\WINDOWS\Performance [MD5.CBCF91BD4020C02571750227D8228F2D] - [19/07/2016 03:30:29] - |A| - [258256] - C:\WINDOWS\PFRO.log [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1136442] - C:\WINDOWS\PLA [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [2566565] - C:\WINDOWS\PolicyDefinitions [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [31830854] - C:\WINDOWS\prefetch [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1297393] - C:\WINDOWS\Provisioning [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |RD| - [770223] - C:\WINDOWS\PurchaseDialog [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1102632] - C:\WINDOWS\registration [MD5.5A6945B399F0881F3AA2DFC97BEB1C7E] - [14/07/2016 05:02:17] - |A| - [56] - C:\WINDOWS\REIMAGE.del [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3424794] - C:\WINDOWS\rescache [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3728883] - C:\WINDOWS\Resources [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\SchCache [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [121229] - C:\WINDOWS\schemas [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3637248] - C:\WINDOWS\security [MD5.00000000000000000000000000000000] - [04/07/2016 14:31:14] - |D| - [61170500] - C:\WINDOWS\ServiceProfiles [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [89507339] - C:\WINDOWS\servicing [MD5.00000000000000000000000000000000] - [04/07/2016 14:28:55] - |D| - [42] - C:\WINDOWS\Setup [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [9383] - C:\WINDOWS\ShellNew [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3070736] - C:\WINDOWS\SKB [MD5.00000000000000000000000000000000] - [04/07/2016 13:44:47] - |D| - [200824076] - C:\WINDOWS\SoftwareDistribution [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [103543755] - C:\WINDOWS\Speech [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [04/07/2016 14:13:10] - |A| - [219] - C:\WINDOWS\system.ini [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [4508976230] - C:\WINDOWS\System32 [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [155460814] - C:\WINDOWS\SystemApps [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [18175861] - C:\WINDOWS\SystemResources [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1397192950] - C:\WINDOWS\syswow64 [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\TAPI [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [8078] - C:\WINDOWS\Tasks [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [5936] - C:\WINDOWS\Temp [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\tracing [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [43083340] - C:\WINDOWS\twain_32 [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [12420] - C:\WINDOWS\Vss [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [15729830] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [04/07/2016 14:13:10] - |A| - [92] - C:\WINDOWS\win.ini [MD5.038356387332650843BCB352BB89A101] - [18/07/2016 12:55:56] - |A| - [275] - C:\WINDOWS\WindowsUpdate.log [MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - [17/07/2016 17:59:12] - |A| - [85] - C:\WINDOWS\wininit.ini [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [13/07/2016 11:00:57] - |RASHOT| - [2] - C:\WINDOWS\winstart.bat [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [8452548421] - C:\WINDOWS\WinSxS [MD5.5F6C3A8BEFC99367223F3F69E38C51BD] - [20/07/2016 04:54:54] - |A| - [423334] - C:\WINDOWS\ZAM.krnl.trace [MD5.6389E83C3DAF3FC371406ED8AAD039F9] - [20/07/2016 04:54:54] - |A| - [410257] - C:\WINDOWS\ZAM_Guard.krnl.trace [MD5.00000000000000000000000000000000] - [04/07/2016 15:03:12] - |SHD| - [32760211] - C:\WINDOWS\Installer\$PatchCache$ [MD5.FAFC8ADA8DFA6D8AC98C9E50761E7B24] - [04/07/2016 19:01:03] - |A| - [1316352] - C:\WINDOWS\Installer\135be1.msi [MD5.4744E1D3A55C1011FFB0533B540140F9] - [13/07/2016 12:01:33] - |A| - [34205696] - C:\WINDOWS\Installer\21ad29.msi [MD5.4F7698E7A00168C894198B79B714A088] - [05/07/2016 09:51:37] - |A| - [38105088] - C:\WINDOWS\Installer\3429b56.msi [MD5.BC441006D008FC5F38488B722E05749A] - [05/07/2016 09:52:52] - |A| - [2211840] - C:\WINDOWS\Installer\3429b5c.msi [MD5.D9C3B59109D91351B32FC8FE3A89EE8D] - [05/07/2016 09:53:09] - |A| - [11067392] - C:\WINDOWS\Installer\3429b62.msi [MD5.827FBED36F57BAE0F1BC783B008E6F75] - [05/07/2016 09:53:39] - |A| - [2162688] - C:\WINDOWS\Installer\3429b68.msi [MD5.DF6B20FA7D0B588CFA57988FAE37A546] - [05/07/2016 09:56:16] - |A| - [31232] - C:\WINDOWS\Installer\3429b74.msi [MD5.6BB38BD51C3CFE2C64CE4E2BCB918BE4] - [05/07/2016 10:04:10] - |A| - [40960] - C:\WINDOWS\Installer\3603535.msi [MD5.12C41D01A301A310AC974E687321D8E4] - [04/07/2016 15:11:57] - |A| - [42436608] - C:\WINDOWS\Installer\49e5ab.msi [MD5.8CFC2BE3A86891E4E610D3E828C7E386] - [11/07/2016 07:44:32] - |A| - [10760192] - C:\WINDOWS\Installer\5ffebd.msi [MD5.BA80E1B46CDB98D34A3DAB0CA1E85E79] - [04/07/2016 18:46:33] - |A| - [229855232] - C:\WINDOWS\Installer\6af20.msi [MD5.58C5AB14BC28A73FD41F3E8D0BE546FF] - [05/07/2016 14:33:11] - |A| - [1957888] - C:\WINDOWS\Installer\aadb48.msi [MD5.0C2013B05AE84797635F50E53985F927] - [05/07/2016 14:33:35] - |A| - [23879680] - C:\WINDOWS\Installer\aadb4f.msi [MD5.430A332991705ED7355EC177F176964E] - [05/07/2016 14:33:16] - |A| - [2527232] - C:\WINDOWS\Installer\aadb56.msi [MD5.5C5BF21C95DF795EC9F52592DA512645] - [05/07/2016 14:33:21] - |A| - [2142208] - C:\WINDOWS\Installer\aadb5d.msi [MD5.E6BAF6ADDDAEA6E75A7331A0E919A268] - [05/07/2016 14:33:14] - |A| - [1568768] - C:\WINDOWS\Installer\aadb64.msi [MD5.8536600721BF7E5B9E4BB575C89718F3] - [05/07/2016 14:45:04] - |A| - [72388608] - C:\WINDOWS\Installer\b498c0.msi [MD5.00000000000000000000000000000000] - [14/07/2016 14:36:28] - |D| - [0] - C:\WINDOWS\Installer\MSI29D1.tmp- [MD5.00000000000000000000000000000000] - [14/07/2016 14:34:54] - |D| - [0] - C:\WINDOWS\Installer\MSIEE33.tmp- [MD5.24ECDA0E6EE816CA29163B72442B0395] - [05/07/2016 14:35:38] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{001676F2-4A2D-4D85-9A00-ED2A54DCFF81} [MD5.8FF8D1C42D737710C245EBBCEA7BDF0D] - [04/07/2016 13:47:18] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.F77A45EE50FD33A6CBBA93EF14A7CF71] - [05/07/2016 09:53:14] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0} [MD5.5CC31EE0C43828F7A0105FBAF74FD3AD] - [04/07/2016 13:47:03] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.C338D574FED304784CB948EB914F2640] - [04/07/2016 13:46:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.02B2EB351FD79DF8E7FB4DD7C29B326F] - [04/07/2016 14:59:14] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{08610298-29AE-445B-B37D-EFBE05802967} [MD5.CC2BFB1C204F10C2F703BA83099DDCC7] - [05/07/2016 09:51:57] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{0893CB6D-8936-4882-8303-8C0769AA6750} [MD5.3008C981663D932177A9010902587611] - [05/07/2016 09:57:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{099218A5-A723-43DC-8DB5-6173656A1E94} [MD5.B1D3DB258082CCF3CC7B32B934B0F9E1] - [16/07/2016 20:15:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{0c8ebb00-4909-459c-8347-b2068b7f0319} [MD5.F311ED37CAE4EB03A5CF53D285A13A27] - [04/07/2016 13:46:36] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.0ABDD1FA22917C439177550EA90CD6E9] - [05/07/2016 06:16:20] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [MD5.438E8E2DE7B1F1B6A98A59812419E67D] - [04/07/2016 14:58:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{15634701-BACE-4449-8B25-1567DA8C9FD3} [MD5.B16DFFA3C8EAB6073FCEDF261B3B4FD9] - [04/07/2016 14:57:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1651216E-E7AD-4250-92A1-FB8ED61391C9} [MD5.DB010BAAD9EA57F49247C8C36D16B6A8] - [04/07/2016 14:59:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{174A3B31-4C43-43DD-866F-73C9DB887B48} [MD5.AB50A82546235D306C45276A63C7765B] - [05/07/2016 06:17:20] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE} [MD5.AEBCF738424CFEFF869D993247190719] - [04/07/2016 13:46:39] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.6AE77356F6300CE64561D3AD5838C5CA] - [04/07/2016 13:46:51] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.6BF5AAA645E96E8D94C648FF7664AAF7] - [05/07/2016 19:16:55] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1D8E6291-B0D5-35EC-8441-6616F567A0F7} [MD5.BE6EA995827BB144AB25779FA622003F] - [04/07/2016 13:46:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.21E6C2922842BFE8963D34752DDDAAE6] - [04/07/2016 15:06:29] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} [MD5.6A3AF56017D0B290462613C673A47F38] - [04/07/2016 14:59:23] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [MD5.5F3663D30A4B36988DD2522098E2E4D5] - [04/07/2016 13:47:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.1E958C38FFC23E402ADBD9852563F601] - [04/07/2016 13:46:58] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.64744D9B253A93971E3FB102957AA57F] - [11/07/2016 15:50:23] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{2DFD8316-9EF1-3210-908C-4CB61961C1AC} [MD5.9FC3D3230CFDD13F97B8441BDC8AA174] - [04/07/2016 13:46:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.07F1311A4119F3C5041BF4E851FD8BDA] - [04/07/2016 13:47:16] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.F70D4574B4194F40B17E49B7EB64EAB7] - [05/07/2016 19:17:19] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{37B8F9C7-03FB-3253-8781-2517C99D7C00} [MD5.39F7B643D0F77BBDDF16D770B578CDD0] - [05/07/2016 09:53:41] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{38251B9A-C44B-42D9-9A6A-0697986E334A} [MD5.E117C1292F1769EAA63C8A0C66F3CECC] - [04/07/2016 14:58:29] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [MD5.DD78F8007850559E3C21AA5909D0FBF8] - [06/07/2016 14:59:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{402ED4A1-8F5B-387A-8688-997ABF58B8F2} [MD5.3E848895C6F8AFE2026213C2AA198D59] - [05/07/2016 14:34:28] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{43419429-3CD8-40A2-8245-D7C8CC59D27E} [MD5.EB7ED50F352DC4D687066853F6FFAE42] - [14/07/2016 14:27:17] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{48996CDD-DD81-4197-93FE-0971E73C5CA7} [MD5.F7E6C669E4BBE86B173E61E4DC0F0098] - [14/07/2016 14:30:25] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{4AACAFC7-951A-4215-B430-3DFCFF2E6CED} [MD5.4816D9BE1BFA0DE72EBE652DAA3DC4EC] - [05/07/2016 19:16:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} [MD5.5F7B02343352051B5713D8C61DF1ACDC] - [11/07/2016 15:49:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} [MD5.41E8D3E62EFD3DBEBA1984FBF852AA2C] - [04/07/2016 18:47:51] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100} [MD5.F88D191B5B1D995268E76A4C614BDAD0] - [12/07/2016 04:51:58] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [MD5.C2BB87663824FE35586117D19D326FA8] - [05/07/2016 10:01:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [MD5.D3BDE752A437233BDC04B0DBB249B4F2] - [17/07/2016 15:03:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{612C34C7-5E90-47D8-9B5C-0F717DD82726} [MD5.713BDB6E909012C5D3026D5CC5D9AAA4] - [04/07/2016 13:46:32] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.BEE13FE256681C270A28E004A3BE8555] - [05/07/2016 06:17:52] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{65256C0D-3FE7-4D2E-BB3E-53F1175481C8} [MD5.04EE0349762B9979DCB0F432C0D79D66] - [06/07/2016 14:59:58] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.07177ABA994B1955E87592C1BA29DC99] - [04/07/2016 14:58:35] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} [MD5.9907E8701CB374AF982F736B3E943FA4] - [04/07/2016 13:46:46] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.BE41F53E9D32749076F6A7C0D02B791D] - [05/07/2016 06:15:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [MD5.06F4986EAE94FA713DB99E8D31CCAD95] - [04/07/2016 14:59:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{71E66D3F-A009-44AB-8784-75E2819BA4BA} [MD5.F909F3081B78661441DAC5705E0227DB] - [16/07/2016 15:03:10] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7299052b-02a4-4627-81f2-1818da5d550d} [MD5.B712B45D41F8CE5F77FF7B1F78604207] - [16/07/2016 18:44:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB} [MD5.0628C8714776C341AEF487B67E612BF1] - [13/07/2016 12:03:49] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D} [MD5.07FDC5B461AFB3A09A073B8858C82735] - [04/07/2016 13:47:17] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.967B189914E6A1222AC35CD3539C63A5] - [14/07/2016 14:23:17] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7CC2EDF2-83EC-4707-BDD3-72469236A6CC} [MD5.61642D4A589719BD8E9BA59556196226] - [05/07/2016 06:11:37] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.DADFE5C6B93FB0185A1308EA2F5CA75A] - [05/07/2016 09:52:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7F697B24-63AE-4433-8DF6-36F8171CAB70} [MD5.607F4B40FA42774CDAD2CB2AD4066659] - [11/07/2016 14:49:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8220EEFE-38CD-377E-8595-13398D740ACE} [MD5.19C16914821C4ACBA0B8A5C6B353F698] - [04/07/2016 13:47:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{82CA1714-13EA-F419-91FE-12834424745E} [MD5.EBECBF71D0AEE0DF5128CC8902111CEC] - [12/07/2016 07:59:46] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{837b34e3-7c30-493c-8f6a-2b0f04e2912c} [MD5.51BF353F39B3D4E0641899FA3E531F98] - [04/07/2016 14:59:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} [MD5.C981EF9DD2B690C25DDD98FCA64576B1] - [06/07/2016 14:59:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.59FD9F4921A04ACE05FE32E544C19784] - [05/07/2016 14:35:36] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{857BC7F8-F054-4324-9CAA-108661EA3C8D} [MD5.DFF5642931696D7EA2560AC5418EC1CD] - [04/07/2016 14:58:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8937D274-C281-42E4-8CDB-A0B2DF979189} [MD5.AD36CC6EB2E16E4C26DBD21523BC149D] - [04/07/2016 13:47:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.59F27AC6E9AA32ADEA1868A416640A6F] - [05/07/2016 14:35:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8} [MD5.E6D65F51A5FD68F54C4E69DDA837CE73] - [16/07/2016 15:29:27] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E} [MD5.AEA47C0B290C44D94395FD20274BDF5B] - [04/07/2016 13:47:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.174F2A30A5140F620E92191F2EC85496] - [05/07/2016 14:45:09] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{915D3B70-542D-4DEE-8F98-AA75FBADEFBA} [MD5.0D5DBD8916DDD8A01C880A0A824C3699] - [16/07/2016 15:43:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{933B4015-4618-4716-A828-5289FC03165F} [MD5.5020D7C595974AAABC21168BBDC814BF] - [11/07/2016 14:48:50] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9A25302D-30C0-39D9-BD6F-21E6EC160475} [MD5.887FE9E2AA88852DC3F4A039E21A9892] - [05/07/2016 06:15:59] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9BE518E6-ECC6-35A9-88E4-87755C07200F} [MD5.CAEE5B42036061DAAB375CAFEE66AB70] - [04/07/2016 14:59:21] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9DAEA76B-E50F-4272-A595-0124E826553D} [MD5.51108940298FCF0F4136BEE9AD41FDA9] - [19/07/2016 17:29:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9E04F23D-3E2E-4A62-AEBF-8BC952394295} [MD5.4E30A4774F9FF62E44DE2F57D67DFC93] - [06/07/2016 14:54:24] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.8E5A0D98565E97F945C4A9105C0113F4] - [04/07/2016 13:47:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.48DEBB5E62A0829401D640D0046A4727] - [04/07/2016 13:47:13] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.873DF1493040868E51B1FD3D8886AF26] - [16/07/2016 16:27:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{ADD5DB49-72CF-11D8-9D75-000129760D75} [MD5.7CC09C2B35C432164E9795A85D9FAC65] - [04/07/2016 13:47:25] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.7BD2BC8060946DB38ACDEDCAC2AC0FD3] - [04/07/2016 15:03:16] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B175520C-86A2-35A7-8619-86DC379688B9} [MD5.ED49933BC160402C6C7E896C667F7D1B] - [15/07/2016 07:50:32] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B26449A6-6007-4460-B4FE-C4776115BCEA} [MD5.9966DCC938E2D72A21646F0DF68B916A] - [04/07/2016 13:47:09] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.109DBF51F3BE4D5F0E3809B70870F350] - [04/07/2016 15:03:11] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [MD5.2249C67E43A6FA3B0FD8168E819A89AD] - [04/07/2016 13:47:02] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.25DAD1D76457F96A940D0F1964A8A80E] - [04/07/2016 13:46:43] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.0D524318551E373F99F9CA8E9887D16B] - [05/07/2016 06:16:26] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C52148B9-19E0-433A-9422-3451B1BEE20F} [MD5.64DBD3E70AD2997E94B0B27AE0D88DE1] - [16/07/2016 15:16:30] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C59C179C-668D-49A9-B6EA-0121CCFC1243} [MD5.0C62645521E1BA8A28B1562BBE82401A] - [06/07/2016 14:37:08] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{C7AA3D65-1F84-4590-AFAA-0777A04B6687} [MD5.A926F5CD3D15C6E5FACA5A95FB312A26] - [04/07/2016 13:47:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.0E4DE67076635D0A12221F51EB7F0509] - [04/07/2016 19:01:15] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CB94CFB5-AE04-4A66-9445-D2798D2F42EE} [MD5.AA25747588E55F58AD5D06773EEF4B27] - [05/07/2016 19:17:16] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [MD5.2C74FC0DD7A6CD7FD467FAB978128FAE] - [16/07/2016 20:17:22] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D36DD326-7280-11D8-97C8-000129760CBE} [MD5.F5EB9FA08BE6B2E6EEAA2A6F8482F25C] - [04/07/2016 15:13:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D4378A80-C713-11DF-9399-005056C00008} [MD5.4457D8880CE2352217876EC1C0623F4E] - [16/07/2016 18:30:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3} [MD5.863D30DE8595428587B8AC6DD464DBCA] - [05/07/2016 14:35:31] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D806EA29-CA16-43E5-9B63-CD591B0AF432} [MD5.D9555C96BEE6CE5B9043E158A33AB2C8] - [16/07/2016 16:36:46] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E3D04529-6EDB-11D8-A372-0050BAE317E1} [MD5.BFAA1C292D672AAADBEBB4907C424949] - [04/07/2016 13:47:20] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.1F02FBFE1BA2310DAA21E1020BD3CCAB] - [04/07/2016 13:47:08] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.5906A7F0F0A463E8663E06F8B701EE77] - [05/07/2016 11:44:57] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [MD5.8B7B4E9138A1AD3B8B76E14148115350] - [04/07/2016 13:46:50] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.E00F155592925F8537357FA229AE9D6D] - [05/07/2016 06:16:22] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [MD5.58CE61D16FB3E5E502F435DB07391024] - [04/07/2016 13:46:45] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.B919C2EEA341E3D35E567C256FEBA513] - [04/07/2016 14:58:33] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} [MD5.22728B19E6E98AF7AA8563D58DC2A01F] - [13/07/2016 12:04:01] - |A| - [68] - C:\WINDOWS\Installer\wix{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D}.SchedServiceConfig.rmi [MD5.00000000000000000000000000000000] - [05/07/2016 14:35:39] - |D| - [390356] - C:\WINDOWS\Installer\{001676F2-4A2D-4D85-9A00-ED2A54DCFF81} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:18] - |D| - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0} [MD5.00000000000000000000000000000000] - [05/07/2016 09:53:30] - |D| - [390356] - C:\WINDOWS\Installer\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:04] - |D| - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:55] - |D| - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF} [MD5.00000000000000000000000000000000] - [05/07/2016 09:52:34] - |D| - [780712] - C:\WINDOWS\Installer\{0893CB6D-8936-4882-8303-8C0769AA6750} [MD5.00000000000000000000000000000000] - [16/07/2016 20:15:58] - |D| - [200974] - C:\WINDOWS\Installer\{0c8ebb00-4909-459c-8347-b2068b7f0319} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:37] - |D| - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47} [MD5.00000000000000000000000000000000] - [05/07/2016 06:17:49] - |D| - [353566] - C:\WINDOWS\Installer\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:42] - |D| - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:52] - |D| - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:56] - |D| - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:11] - |D| - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:59] - |D| - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:53] - |D| - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:16] - |D| - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B} [MD5.00000000000000000000000000000000] - [05/07/2016 14:34:31] - |D| - [390356] - C:\WINDOWS\Installer\{43419429-3CD8-40A2-8245-D7C8CC59D27E} [MD5.00000000000000000000000000000000] - [14/07/2016 14:28:19] - |D| - [106851] - C:\WINDOWS\Installer\{48996CDD-DD81-4197-93FE-0971E73C5CA7} [MD5.00000000000000000000000000000000] - [14/07/2016 14:31:40] - |D| - [102404] - C:\WINDOWS\Installer\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED} [MD5.00000000000000000000000000000000] - [04/07/2016 18:48:10] - |D| - [99678] - C:\WINDOWS\Installer\{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100} [MD5.00000000000000000000000000000000] - [17/07/2016 15:03:26] - |D| - [10134] - C:\WINDOWS\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:33] - |D| - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2} [MD5.00000000000000000000000000000000] - [05/07/2016 06:18:08] - |D| - [300318] - C:\WINDOWS\Installer\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8} [MD5.00000000000000000000000000000000] - [06/07/2016 15:00:10] - |D| - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:49] - |D| - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494} [MD5.00000000000000000000000000000000] - [16/07/2016 18:44:56] - |D| - [200974] - C:\WINDOWS\Installer\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB} [MD5.00000000000000000000000000000000] - [13/07/2016 12:03:59] - |D| - [6770776] - C:\WINDOWS\Installer\{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:17] - |D| - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46} [MD5.00000000000000000000000000000000] - [14/07/2016 14:24:41] - |D| - [108884] - C:\WINDOWS\Installer\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC} [MD5.00000000000000000000000000000000] - [05/07/2016 06:30:31] - |D| - [123570] - C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A} [MD5.00000000000000000000000000000000] - [05/07/2016 09:52:55] - |D| - [390356] - C:\WINDOWS\Installer\{7F697B24-63AE-4433-8DF6-36F8171CAB70} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:01] - |D| - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E} [MD5.00000000000000000000000000000000] - [06/07/2016 14:59:09] - |D| - [72888] - C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.00000000000000000000000000000000] - [05/07/2016 14:35:37] - |D| - [390356] - C:\WINDOWS\Installer\{857BC7F8-F054-4324-9CAA-108661EA3C8D} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:15] - |D| - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68} [MD5.00000000000000000000000000000000] - [05/07/2016 14:35:28] - |D| - [390356] - C:\WINDOWS\Installer\{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8} [MD5.00000000000000000000000000000000] - [16/07/2016 15:29:30] - |D| - [348789] - C:\WINDOWS\Installer\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:12] - |D| - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81} [MD5.00000000000000000000000000000000] - [05/07/2016 14:45:28] - |D| - [390356] - C:\WINDOWS\Installer\{915D3B70-542D-4DEE-8F98-AA75FBADEFBA} [MD5.00000000000000000000000000000000] - [19/07/2016 17:29:08] - |D| - [17886] - C:\WINDOWS\Installer\{9E04F23D-3E2E-4A62-AEBF-8BC952394295} [MD5.00000000000000000000000000000000] - [06/07/2016 14:55:42] - |D| - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:07] - |D| - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:13] - |D| - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147} [MD5.00000000000000000000000000000000] - [12/07/2016 14:08:58] - |D| - [0] - C:\WINDOWS\Installer\{A7DA4247-9F22-4d4a-974A-DD455CCF43B6} [MD5.00000000000000000000000000000000] - [16/07/2016 16:28:44] - |D| - [132567] - C:\WINDOWS\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:49] - |D| - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2} [MD5.00000000000000000000000000000000] - [13/07/2016 12:36:48] - |D| - [22566013] - C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:09] - |D| - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:02] - |D| - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:44] - |D| - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B} [MD5.00000000000000000000000000000000] - [05/07/2016 06:16:27] - |D| - [300318] - C:\WINDOWS\Installer\{C52148B9-19E0-433A-9422-3451B1BEE20F} [MD5.00000000000000000000000000000000] - [16/07/2016 15:17:27] - |D| - [155217] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243} [MD5.00000000000000000000000000000000] - [06/07/2016 14:37:11] - |D| - [50659] - C:\WINDOWS\Installer\{C7AA3D65-1F84-4590-AFAA-0777A04B6687} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:05] - |D| - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E} [MD5.00000000000000000000000000000000] - [04/07/2016 19:01:17] - |D| - [310208] - C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE} [MD5.00000000000000000000000000000000] - [16/07/2016 20:17:34] - |D| - [128012] - C:\WINDOWS\Installer\{D36DD326-7280-11D8-97C8-000129760CBE} [MD5.00000000000000000000000000000000] - [04/07/2016 15:13:59] - |D| - [74210] - C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008} [MD5.00000000000000000000000000000000] - [16/07/2016 18:30:04] - |D| - [195904] - C:\WINDOWS\Installer\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3} [MD5.00000000000000000000000000000000] - [05/07/2016 14:35:34] - |D| - [390356] - C:\WINDOWS\Installer\{D806EA29-CA16-43E5-9B63-CD591B0AF432} [MD5.00000000000000000000000000000000] - [16/07/2016 16:37:23] - |D| - [139957] - C:\WINDOWS\Installer\{E3D04529-6EDB-11D8-A372-0050BAE317E1} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:22] - |D| - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07} [MD5.00000000000000000000000000000000] - [04/07/2016 13:47:08] - |D| - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:50] - |D| - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068} [MD5.00000000000000000000000000000000] - [04/07/2016 13:46:45] - |D| - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21} [MD5.00000000000000000000000000000000] - [17/07/2016 16:10:25] - |D| - [15012273] - C:\WINDOWS\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069} [MD5.05794775F92F240DCA71A84F690619B2] - [17/07/2016 13:14:15] - |A| - [1720] - C:\WINDOWS\system32\.crusader [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:02] - |D| - [0] - C:\WINDOWS\system32\0409 [MD5.9F0D0E63D6B10C2222B4FCC784AA3A4E] - [18/07/2016 15:19:31] - |A| - [315392] - C:\WINDOWS\system32\aadcloudap.dll [MD5.17D3651E968F5E7712110FC70BFC973D] - [18/07/2016 15:20:09] - |A| - [853504] - C:\WINDOWS\system32\aadtb.dll [MD5.F785587BCA673FB606BD3618EB767EEE] - [18/07/2016 15:04:45] - |A| - [92352] - C:\WINDOWS\system32\acmigration.dll [MD5.827B2A2F64465D19DF9F655FE7F10384] - [18/07/2016 17:01:30] - |A| - [565760] - C:\WINDOWS\system32\ActionCenterCPL.dll [MD5.8F533910E5D0A63500B17F486331259F] - [18/07/2016 15:03:38] - |A| - [356864] - C:\WINDOWS\system32\ActivationManager.dll [MD5.A499B4A9A1F4989BD37F812BC6DC0298] - [18/07/2016 15:03:38] - |A| - [4775424] - C:\WINDOWS\system32\actxprxy.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3307872] - C:\WINDOWS\system32\AdvancedInstallers [MD5.EF6BD61D1F7B3E4C20EEC44F9B07E06D] - [18/07/2016 15:03:37] - |A| - [1223872] - C:\WINDOWS\system32\aeinv.dll [MD5.83A5F89896E625650148CEFCABD8418D] - [18/07/2016 15:03:37] - |A| - [219136] - C:\WINDOWS\system32\aepic.dll [MD5.5B9F3D789C4E2B2A49C16ABA6B83BEC4] - [05/07/2016 18:59:09] - |A| - [574760] - C:\WINDOWS\system32\AERTAC64.dll [MD5.5A16E2274D2E1351577E6DA4117F9C63] - [05/07/2016 18:59:09] - |A| - [118600] - C:\WINDOWS\system32\AERTAR64.dll [MD5.E928E5009E2B1F4D956E57990D456054] - [13/07/2016 11:53:35] - |A| - [31192] - C:\WINDOWS\system32\ambakdrv.sys [MD5.23AFD7AB2C2358CACFB8BBC6E4B7EF7C] - [13/07/2016 11:53:35] - |A| - [152024] - C:\WINDOWS\system32\ammntdrv.sys [MD5.39B6FAE7DFE1B70034F253AB0BB96E2F] - [13/07/2016 11:46:59] - |A| - [19568] - C:\WINDOWS\system32\ampa.sys [MD5.609C2E5B69EB5D4F7131F7DF1107396B] - [13/07/2016 11:53:36] - |A| - [18392] - C:\WINDOWS\system32\amwrtdrv.sys [MD5.FDDC75FDB8F9B581E3D6513FB85256E8] - [18/07/2016 15:17:10] - |A| - [342016] - C:\WINDOWS\system32\APHostService.dll [MD5.7B2FEC36A1166CBAB50135FCE044D9CE] - [18/07/2016 15:03:19] - |A| - [86528] - C:\WINDOWS\system32\AppCapture.dll [MD5.177306E7F752A627A82D1F362A01FADE] - [18/07/2016 17:03:07] - |A| - [1159168] - C:\WINDOWS\system32\ApplicationFrame.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\system32\AppLocker [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [7955717] - C:\WINDOWS\system32\appraiser [MD5.B6C299CDD0D76D3A8073D934E00C8400] - [18/07/2016 15:04:45] - |A| - [1505984] - C:\WINDOWS\system32\appraiser.dll [MD5.682F73D86501D75B131A1D59539A475D] - [18/07/2016 15:03:21] - |A| - [504320] - C:\WINDOWS\system32\AppReadiness.dll [MD5.ACF6FB6941AAF8EEBFF3C2B9C79C3F14] - [18/07/2016 15:03:39] - |A| - [287744] - C:\WINDOWS\system32\apprepapi.dll [MD5.1F1C41F53373FCD4DA82C5A16E748E05] - [18/07/2016 15:03:39] - |A| - [381952] - C:\WINDOWS\system32\apprepsync.dll [MD5.E7A27A6CD6CC6EA66342482FAAA8A2A7] - [18/07/2016 17:00:18] - |A| - [814080] - C:\WINDOWS\system32\appwiz.cpl [MD5.7B8C0E8D6B84BB841D50779D643C2A22] - [18/07/2016 15:03:41] - |A| - [2066432] - C:\WINDOWS\system32\AppXDeploymentExtensions.dll [MD5.AA27A3DF5CDA714F0DD47A48FE7CA8C3] - [18/07/2016 15:03:42] - |A| - [2168320] - C:\WINDOWS\system32\AppXDeploymentServer.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [275456] - C:\WINDOWS\system32\ar-SA [MD5.5C6F3312EACE1409DC2C4C2AD5D2719D] - [18/07/2016 17:00:21] - |A| - [1054208] - C:\WINDOWS\system32\audiosrv.dll [MD5.B2FD8E42044B7A2C18AE54A60ACDDE6B] - [18/07/2016 17:13:11] - |A| - [2352128] - C:\WINDOWS\system32\authui.dll [MD5.D638E3AD81E149A75EEF59E9C743E27C] - [04/07/2016 14:13:19] - |A| - [389] - C:\WINDOWS\system32\AutoWorkplace.exe.config [MD5.63E75187FFFA108A78C67E14122C45B0] - [18/07/2016 17:03:24] - |A| - [865792] - C:\WINDOWS\system32\AzureSettingSyncProvider.dll [MD5.7A809AC3187F404168EAD29FB96A7854] - [18/07/2016 15:03:19] - |A| - [414720] - C:\WINDOWS\system32\bcastdvr.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [249856] - C:\WINDOWS\system32\bg-BG [MD5.20CD3B9C674909CCB1966F58A778DC68] - [18/07/2016 15:17:48] - |A| - [7200256] - C:\WINDOWS\system32\BingMaps.dll [MD5.453207816AB95A0376887BE01FAE30E1] - [18/07/2016 15:04:15] - |A| - [587776] - C:\WINDOWS\system32\bisrv.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [4473448] - C:\WINDOWS\system32\Boot [MD5.E62444E02CC404B7616916C816F14940] - [13/07/2016 11:53:21] - |A| - [3563712] - C:\WINDOWS\system32\BootMan.exe [MD5.C063C35A67FBECF53E4F31D44D253170] - [18/07/2016 15:04:16] - |A| - [91136] - C:\WINDOWS\system32\browserbroker.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [952] - C:\WINDOWS\system32\Bthprops [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [53621485] - C:\WINDOWS\system32\CatRoot [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [46198858] - C:\WINDOWS\system32\catroot2 [MD5.781173CAA32FC380415CAE7BC81A7FAD] - [11/07/2016 06:42:04] - |A| - [557224] - C:\WINDOWS\system32\CcavGuard64.dll [MD5.04F404D7F9CAC583ED45DCA0C496E893] - [18/07/2016 15:22:36] - |A| - [218624] - C:\WINDOWS\system32\cdd.dll [MD5.E8720AD5391738C5EBCCCF696B46C000] - [18/07/2016 15:04:43] - |A| - [59392] - C:\WINDOWS\system32\cdpreference.exe [MD5.88E3BA684A7B1247762E1D401076D4C2] - [18/07/2016 15:04:43] - |A| - [287744] - C:\WINDOWS\system32\cdpsvc.dll [MD5.150EB8C1C9AE50F354A4CB5778E5951E] - [18/07/2016 15:04:42] - |A| - [459776] - C:\WINDOWS\system32\certcli.dll [MD5.F432A642F2C6266788080704C63C7427] - [18/07/2016 15:17:05] - |A| - [2912256] - C:\WINDOWS\system32\CertEnroll.dll [MD5.1F4AB277DB73A3C731B669D33C560405] - [18/07/2016 17:03:17] - |A| - [7832576] - C:\WINDOWS\system32\Chakra.dll [MD5.C7ACF177D1EB5C3F00D4FC728BBF9DFD] - [18/07/2016 17:03:17] - |A| - [764928] - C:\WINDOWS\system32\Chakradiag.dll [MD5.DF85A7B895A73421A50E955B94719F2F] - [18/07/2016 15:03:17] - |A| - [78040] - C:\WINDOWS\system32\Clipc.dll [MD5.E72BB94A4010EBA7074DFEB25D67BDC3] - [18/07/2016 15:03:18] - |A| - [625000] - C:\WINDOWS\system32\ClipSVC.dll [MD5.20688A78EC7B410B2C099C80C5F758D8] - [18/07/2016 15:03:17] - |A| - [1128104] - C:\WINDOWS\system32\ClipUp.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1482778] - C:\WINDOWS\system32\CodeIntegrity [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [375296] - C:\WINDOWS\system32\Com [MD5.603A69A513DCDDBF0DA209395071BA0C] - [18/07/2016 17:13:09] - |A| - [1063936] - C:\WINDOWS\system32\comdlg32.dll [MD5.65952E564FABBE1348E8DDBC9E85A5BC] - [18/07/2016 15:04:46] - |A| - [50368] - C:\WINDOWS\system32\CompatTelRunner.exe [MD5.0A0BE64EA194B257EA8CCA49DBA37F9B] - [05/07/2016 18:59:10] - |A| - [122328] - C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [445096348] - C:\WINDOWS\system32\config [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SD| - [49954] - C:\WINDOWS\system32\Configuration [MD5.A71D446195E2B8090621C884D5DC3532] - [18/07/2016 15:04:46] - |A| - [2656408] - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.B0296912EC10003945B68D19E9F4BC53] - [18/07/2016 17:12:44] - |A| - [440320] - C:\WINDOWS\system32\CredProvDataModel.dll [MD5.BF224299C98EA48FC9E4D3607C3148FB] - [18/07/2016 17:12:52] - |A| - [258560] - C:\WINDOWS\system32\credprovs.dll [MD5.244116AB9BC360772163F995CAF7FB8D] - [18/07/2016 15:04:50] - |A| - [1848584] - C:\WINDOWS\system32\crypt32.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [296960] - C:\WINDOWS\system32\cs-CZ [MD5.15D61F52DE9B272284D77BA822EC8477] - [05/07/2016 18:59:10] - |A| - [1608128] - C:\WINDOWS\system32\CX64APO.dll [MD5.FD8FBE19342CF2032F32C303B7D93A05] - [18/07/2016 15:23:15] - |A| - [5503488] - C:\WINDOWS\system32\d2d1.dll [MD5.957FA4FB89B1BE9D699C9927B0F3C384] - [18/07/2016 17:01:23] - |A| - [1240064] - C:\WINDOWS\system32\d3d10.dll [MD5.780B8E002BC11116E3C28DBEC6A3847D] - [18/07/2016 17:01:22] - |A| - [185856] - C:\WINDOWS\system32\d3d10_1.dll [MD5.584B28F7DA74E26FF45B83CFABABB599] - [18/07/2016 15:22:34] - |A| - [2773096] - C:\WINDOWS\system32\d3d11.dll [MD5.556E7C9734B9D2581022C56A23C96B78] - [18/07/2016 17:01:23] - |A| - [2145032] - C:\WINDOWS\system32\d3d9.dll [MD5.7FD5DC5E567910FD3B8F6FEA9A80DD4E] - [18/07/2016 15:19:55] - |A| - [4456448] - C:\WINDOWS\system32\D3DCompiler_47.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [292864] - C:\WINDOWS\system32\da-DK [MD5.5CD61D0822FCAC328DE501357445577D] - [18/07/2016 17:03:13] - |A| - [484352] - C:\WINDOWS\system32\DataSenseHandlers.dll [MD5.2AE0CAA966E0FA3ED4DC193A3DD71D3A] - [18/07/2016 15:14:55] - |A| - [5123072] - C:\WINDOWS\system32\dbgeng.dll [MD5.63EA8167E8F4FC8388E6F95D4D724917] - [18/07/2016 15:18:40] - |A| - [911648] - C:\WINDOWS\system32\dcomp.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [328704] - C:\WINDOWS\system32\de-DE [MD5.664AA698FC0106A2B075A641E8DC6302] - [04/07/2016 14:13:20] - |A| - [858] - C:\WINDOWS\system32\DefaultQuestions.json [MD5.B5FF07AFF96EFB80B930985B5B1A7CAB] - [18/07/2016 15:14:32] - |A| - [286720] - C:\WINDOWS\system32\deviceaccess.dll [MD5.283269F7F32FDF5835B1FB2233013735] - [18/07/2016 15:20:13] - |A| - [284352] - C:\WINDOWS\system32\DeviceCensus.exe [MD5.A3024762D19A31B0CDC361097E73294D] - [18/07/2016 17:12:54] - |A| - [564224] - C:\WINDOWS\system32\DevicePairing.dll [MD5.A2BE69243B678C4FD05DFD4AEC83A725] - [18/07/2016 15:03:37] - |A| - [559808] - C:\WINDOWS\system32\devinv.dll [MD5.6D63B50C49E869AF2F5B189FDD6CE784] - [18/07/2016 15:04:25] - |A| - [1443840] - C:\WINDOWS\system32\diagperf.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SD| - [583168] - C:\WINDOWS\system32\DiagSvcs [MD5.5F1CAF0E823BADD5576555CC876F1067] - [18/07/2016 15:16:14] - |A| - [1613664] - C:\WINDOWS\system32\diagtrack.dll [MD5.B40875B8854291BD6919527ABB8DD8AE] - [18/07/2016 15:16:51] - |A| - [368640] - C:\WINDOWS\system32\diagtrack_win.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [7780088] - C:\WINDOWS\system32\Dism [MD5.F78D7C2D5139D658817A2823FCD6037A] - [18/07/2016 17:12:53] - |A| - [775168] - C:\WINDOWS\system32\Display.dll [MD5.E995CBD7C59AB97414489C7CC3B7E09C] - [18/07/2016 17:01:18] - |A| - [504832] - C:\WINDOWS\system32\dlnashext.dll [MD5.16455536238D9F0920E0AF07037D9434] - [18/07/2016 15:04:51] - |A| - [128000] - C:\WINDOWS\system32\dmcsps.dll [MD5.6A9D3DD35E13B1009E7A712E6D164B8A] - [18/07/2016 15:15:36] - |A| - [274432] - C:\WINDOWS\system32\dmdskmgr.dll [MD5.D9B2EDDCC1EE10A31389EE62B4CDDEC2] - [18/07/2016 15:18:28] - |A| - [503600] - C:\WINDOWS\system32\DMRServer.dll [MD5.6FFA21CD6166BB456262BDEFC2C5E3DE] - [18/07/2016 15:16:50] - |A| - [318976] - C:\WINDOWS\system32\domgmt.dll [MD5.13F1408690E108A987CA77141C4358E5] - [18/07/2016 15:17:26] - |A| - [1097216] - C:\WINDOWS\system32\dosvc.dll [MD5.C8E72A76B943CEF7A6C830BDB51E7B50] - [18/07/2016 15:14:39] - |A| - [319488] - C:\WINDOWS\system32\dot3ui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [1147376] - C:\WINDOWS\system32\downlevel [MD5.00000000000000000000000000000000] - [04/07/2016 14:11:55] - |D| - [116405717] - C:\WINDOWS\system32\drivers [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [1155969458] - C:\WINDOWS\system32\DriverStore [MD5.00000000000000000000000000000000] - [16/07/2016 15:10:55] - |DC| - [428397] - C:\WINDOWS\system32\DRVSTORE [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SD| - [152064] - C:\WINDOWS\system32\dsc [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - [04/07/2016 14:13:20] - |A| - [215943] - C:\WINDOWS\system32\dssec.dat [MD5.CE12FF056FBB4D78970A5D695D8C00BB] - [18/07/2016 17:01:24] - |A| - [1755648] - C:\WINDOWS\system32\dui70.dll [MD5.EFFFC67D0F0D2608BC294E01700FB4A3] - [18/07/2016 17:01:25] - |A| - [599040] - C:\WINDOWS\system32\duser.dll [MD5.ED922E0D9B4F1E4821B680EDEEE147EC] - [18/07/2016 15:18:53] - |A| - [1946112] - C:\WINDOWS\system32\dwmcore.dll [MD5.402CA5304470A5034EAA1FEDBB7564A7] - [18/07/2016 15:14:52] - |A| - [2445312] - C:\WINDOWS\system32\DWrite.dll [MD5.BD7E2F50A8C984500358E1AE1D1B89FC] - [18/07/2016 15:23:12] - |A| - [648256] - C:\WINDOWS\system32\dxgi.dll [MD5.55A6448A7AC0ACB238D56DFF7C280ABE] - [18/07/2016 17:01:49] - |A| - [290816] - C:\WINDOWS\system32\dxtrans.dll [MD5.D9D652506DD07CD49F3D20A3BBDD613B] - [18/07/2016 15:15:41] - |A| - [333312] - C:\WINDOWS\system32\eapp3hst.dll [MD5.AE4655837703FFA4AB079B22B66BB3C2] - [18/07/2016 15:16:12] - |A| - [352256] - C:\WINDOWS\system32\eappcfg.dll [MD5.FE87844A9D75F2D6D0752DF25EBF776B] - [18/07/2016 15:15:35] - |A| - [113152] - C:\WINDOWS\system32\eappgnui.dll [MD5.EB7C132D02CC40FB6538D53447447B2A] - [18/07/2016 15:15:31] - |A| - [308736] - C:\WINDOWS\system32\eapphost.dll [MD5.ACEDA3F655270B39586A7E8D37F1ADC2] - [18/07/2016 15:15:31] - |A| - [72192] - C:\WINDOWS\system32\eappprxy.dll [MD5.40A9F59FD6B24C045F1D6076E6489CE6] - [18/07/2016 15:16:55] - |A| - [174592] - C:\WINDOWS\system32\easwrt.dll [MD5.F823DAB5F96CC6A966DF0F1B487C51A0] - [18/07/2016 17:01:50] - |A| - [22379520] - C:\WINDOWS\system32\edgehtml.dll [MD5.97AF27209BA7058F21C8879E773CED86] - [18/07/2016 15:17:02] - |A| - [305152] - C:\WINDOWS\system32\edputil.dll [MD5.F8E7D71D4E1E57EF304805D2D770ED0A] - [18/07/2016 15:18:12] - |A| - [619520] - C:\WINDOWS\system32\efswrt.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [324096] - C:\WINDOWS\system32\el-GR [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:03] - |D| - [5120] - C:\WINDOWS\system32\en [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [239104] - C:\WINDOWS\system32\en-GB [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [2302464] - C:\WINDOWS\system32\en-US [MD5.3182FCAF6AAF478791DE5B430C912D4D] - [18/07/2016 15:14:45] - |A| - [314368] - C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [MD5.DFCC151C6AC8E5D50D27ACB34286835C] - [18/07/2016 15:18:50] - |A| - [642048] - C:\WINDOWS\system32\enterprisecsps.dll [MD5.C96635C52C5464AB2CEDA6500067F19D] - [13/07/2016 11:53:19] - |A| - [18016] - C:\WINDOWS\system32\epmntdrv.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [318464] - C:\WINDOWS\system32\es-ES [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [260096] - C:\WINDOWS\system32\es-MX [MD5.D315FF43E23DF424ECEC2F6C930203E4] - [06/07/2016 14:58:56] - |A| - [144560] - C:\WINDOWS\system32\escsvc64.exe [MD5.88369A29F105499230C78B162BB04F32] - [06/07/2016 14:58:55] - |A| - [466432] - C:\WINDOWS\system32\esxw2ud.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [233472] - C:\WINDOWS\system32\et-EE [MD5.B69A265AD9328E2027C18D84C3D49959] - [13/07/2016 11:53:21] - |A| - [17504] - C:\WINDOWS\system32\EuEpmGdi.dll [MD5.08C997734B2CECE882656BB2855E6E76] - [13/07/2016 11:53:19] - |A| - [10848] - C:\WINDOWS\system32\EuGdiDrv.sys [MD5.3E9CD04F3FB54D4C3CEF3393ABF743BC] - [18/07/2016 15:15:40] - |A| - [254464] - C:\WINDOWS\system32\ExecModelClient.dll [MD5.D29BE449B728CD126D5ACA3E823C8907] - [18/07/2016 17:01:27] - |A| - [4827136] - C:\WINDOWS\system32\ExplorerFrame.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |SD| - [25446735] - C:\WINDOWS\system32\F12 [MD5.3C7D1E4786522EA69600111D7A7135EB] - [13/07/2016 11:58:56] - |A| - [24104] - C:\WINDOWS\system32\fbnative.exe [MD5.4176712BADB6903C8419B66E678CE816] - [18/07/2016 15:17:06] - |A| - [440320] - C:\WINDOWS\system32\fhcfg.dll [MD5.89C78489A7F929362858F4DFD86746E7] - [18/07/2016 15:16:57] - |A| - [252928] - C:\WINDOWS\system32\fhengine.dll [MD5.45521E32AB1D383F9E85674D0F035543] - [18/07/2016 15:16:59] - |A| - [469504] - C:\WINDOWS\system32\fhsettingsprovider.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [296448] - C:\WINDOWS\system32\fi-FI [MD5.E3D83E92FB3FAFD2E89A89850A0D9355] - [18/07/2016 17:12:49] - |A| - [90624] - C:\WINDOWS\system32\FingerprintEnrollment.dll [MD5.69A6A99AD1256CAEC30959EB9430F15B] - [05/07/2016 18:59:15] - |A| - [3282544] - C:\WINDOWS\system32\FMAPO64.dll [MD5.BB6A5A7F6D0A270E98C8CBF2A5C97268] - [04/07/2016 13:40:34] - |A| - [202632] - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.F1BA85CF2AEE08860C8D5BF82C342F44] - [18/07/2016 15:19:34] - |A| - [1671168] - C:\WINDOWS\system32\FntCache.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:03] - |D| - [3474944] - C:\WINDOWS\system32\fr [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [266240] - C:\WINDOWS\system32\fr-CA [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [44794940] - C:\WINDOWS\system32\fr-FR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\system32\FxsTmp [MD5.81F9278A83AD6F42C5DE6FEAAFBEA8AB] - [18/07/2016 15:16:57] - |A| - [715776] - C:\WINDOWS\system32\GamePanel.exe [MD5.79E567E98D8F2BA20E52EBFAD92C20ED] - [18/07/2016 17:12:56] - |A| - [2731008] - C:\WINDOWS\system32\gameux.dll [MD5.E54FA914CF17AE4AFB18291F31BA3063] - [18/07/2016 17:04:16] - |A| - [1717248] - C:\WINDOWS\system32\GdiPlus.dll [MD5.08EF12456EDFB557DC424AFD9CF4AAE1] - [18/07/2016 15:04:46] - |A| - [587456] - C:\WINDOWS\system32\generaltel.dll [MD5.531662DC0764C1A1E333BD05D4485333] - [18/07/2016 15:15:27] - |A| - [321536] - C:\WINDOWS\system32\GlobCollationHost.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [263168] - C:\WINDOWS\system32\he-IL [MD5.511198CBBA38AE0D733553B0F31C770C] - [18/07/2016 17:12:54] - |A| - [636928] - C:\WINDOWS\system32\hgcpl.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [242688] - C:\WINDOWS\system32\hr-HR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [300544] - C:\WINDOWS\system32\hu-HU [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [5489] - C:\WINDOWS\system32\ias [MD5.632C3792D2BFC67E2F8B2A2CFC09CEEF] - [18/07/2016 17:01:49] - |A| - [14848] - C:\WINDOWS\system32\IconCodecService.dll [MD5.ECD81B99477AB4A93D7838EB40B870D0] - [04/07/2016 14:13:21] - |A| - [8798] - C:\WINDOWS\system32\icrav03.rat [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [37145] - C:\WINDOWS\system32\icsxml [MD5.771BC991BEB5DFD93B9347B18F62F216] - [18/07/2016 17:12:52] - |A| - [110080] - C:\WINDOWS\system32\IdCtrls.dll [MD5.69FB22CE0A11E8D55B0BA43D515B854B] - [18/07/2016 17:01:49] - |A| - [1752576] - C:\WINDOWS\system32\ieapfltr.dll [MD5.B4EF28C61CE2755D7F1842BFA122B60E] - [18/07/2016 17:01:56] - |A| - [13385728] - C:\WINDOWS\system32\ieframe.dll [MD5.FD93D230DAF156F0EAF41C7C039C8D71] - [18/07/2016 15:18:58] - |A| - [3675512] - C:\WINDOWS\system32\iertutil.dll [MD5.416CB546F36D3E5A5B5286E0066ED285] - [18/07/2016 17:01:48] - |A| - [585728] - C:\WINDOWS\system32\ieui.dll [MD5.5E5BEC886CC2503C4F18AF2153B169AF] - [18/07/2016 17:02:26] - |A| - [957952] - C:\WINDOWS\system32\IKEEXT.DLL [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [24563379] - C:\WINDOWS\system32\IME [MD5.4C21A65A6ACDF10B181D45E08DC15D24] - [18/07/2016 17:01:39] - |A| - [2127360] - C:\WINDOWS\system32\inetcpl.cpl [MD5.5B646920CE059478EED19BC7EFF72C7E] - [18/07/2016 17:02:41] - |A| - [167936] - C:\WINDOWS\system32\inetpp.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\system32\inetsrv [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [3306496] - C:\WINDOWS\system32\InputMethod [MD5.5CB0052CBF1DBF36071AD520245F32D6] - [18/07/2016 15:03:37] - |A| - [310464] - C:\WINDOWS\system32\invagent.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\system32\Ipmi [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [323584] - C:\WINDOWS\system32\it-IT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [237056] - C:\WINDOWS\system32\ja-JP [MD5.3AFCB780F17144A42F99128AD7E55A02] - [18/07/2016 15:17:50] - |A| - [1056256] - C:\WINDOWS\system32\JpMapControl.dll [MD5.3CC983011177A815A94218EB38E13241] - [18/07/2016 17:03:18] - |A| - [4895232] - C:\WINDOWS\system32\jscript9.dll [MD5.9B2BFADCB00CF39F0EBD3D690FC56220] - [18/07/2016 17:01:58] - |A| - [1997328] - C:\WINDOWS\system32\KernelBase.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [234496] - C:\WINDOWS\system32\ko-KR [MD5.2F022C0682885EFF4CFB0B62143482B5] - [18/07/2016 15:14:37] - |A| - [71168] - C:\WINDOWS\system32\LegacyNetUX.dll [MD5.1AD6967BB8F7D4495271715DC3E38CEB] - [18/07/2016 15:14:36] - |A| - [206848] - C:\WINDOWS\system32\LegacyNetUXHost.exe [MD5.6D9EE5BD98B4606D0AC2C9F1AEC0C6CB] - [04/07/2016 14:35:18] - |A| - [50650] - C:\WINDOWS\system32\license.rtf [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [74981] - C:\WINDOWS\system32\Licenses [MD5.196E3B5FB1D1A76D41A0C9A9A0B2F698] - [18/07/2016 15:03:17] - |A| - [236032] - C:\WINDOWS\system32\licensingdiag.exe [MD5.EDE31817FC0A574E7CC3AF7E544C8951] - [18/07/2016 17:01:31] - |A| - [279040] - C:\WINDOWS\system32\ListSvc.dll [MD5.28B5AB1D9C97737A3801658F12BDBCB6] - [18/07/2016 15:20:17] - |A| - [1121792] - C:\WINDOWS\system32\localspl.dll [MD5.6FDD8828032595D90AEB946A809089D8] - [18/07/2016 17:12:57] - |A| - [480768] - C:\WINDOWS\system32\LockAppBroker.dll [MD5.3AE63804B34BC99FFD101DFD54012EB8] - [18/07/2016 17:13:02] - |A| - [303216] - C:\WINDOWS\system32\LockAppHost.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [3358710] - C:\WINDOWS\system32\LogFiles [MD5.72BE361C64D50557765CB9C8E56BB9B6] - [18/07/2016 17:12:53] - |A| - [529920] - C:\WINDOWS\system32\LogonController.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [239616] - C:\WINDOWS\system32\lt-LT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [240640] - C:\WINDOWS\system32\lv-LV [MD5.83EF82141C2F7550A31ACA1E87D7B664] - [04/07/2016 13:45:55] - |A| - [32950] - C:\WINDOWS\system32\lvcoinst.log [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [29795054] - C:\WINDOWS\system32\Macromed [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [33460] - C:\WINDOWS\system32\MailContactsCalendarSync [MD5.05A027F27937EB29B89743A51B1313EA] - [18/07/2016 15:17:51] - |A| - [460800] - C:\WINDOWS\system32\MapConfiguration.dll [MD5.76BA7FDD3EA3764C0CADB522FF3F4715] - [18/07/2016 15:17:49] - |A| - [939520] - C:\WINDOWS\system32\MapControlCore.dll [MD5.923EC7EA1E8BE1C7706A2AC5DD28FF5B] - [18/07/2016 15:17:28] - |A| - [120320] - C:\WINDOWS\system32\MapsBtSvc.dll [MD5.5BDBA05692A03279E2EB9F26DB53E148] - [18/07/2016 15:17:28] - |A| - [89088] - C:\WINDOWS\system32\MapsCSP.dll [MD5.1D077E04EA82EF6D2E389182FF8C9A31] - [18/07/2016 15:17:51] - |A| - [853504] - C:\WINDOWS\system32\MapsStore.dll [MD5.DA3572238188A1145DC11800F581A30E] - [18/07/2016 15:17:28] - |A| - [28672] - C:\WINDOWS\system32\mapsupdatetask.dll [MD5.65A7997831D78845FDA12E2C87491670] - [18/07/2016 15:17:16] - |A| - [896512] - C:\WINDOWS\system32\MbaeApiPublic.dll [MD5.4EAE9C70DAB294850557E0A2B13DC3C2] - [18/07/2016 15:17:02] - |A| - [674304] - C:\WINDOWS\system32\mbsmsapi.dll [MD5.EBF31825A4C505188DC598F28C4E25F5] - [18/07/2016 15:17:19] - |A| - [586208] - C:\WINDOWS\system32\mf.dll [MD5.510702AC9FD86E3A5CDB68AC3DC14928] - [18/07/2016 17:01:59] - |A| - [498960] - C:\WINDOWS\system32\MFCaptureEngine.dll [MD5.64168D292D236456C6F5E6D48DE90528] - [18/07/2016 17:01:58] - |A| - [2582016] - C:\WINDOWS\system32\MFMediaEngine.dll [MD5.C64FA0D0AAF5EEE0E65EFB34DDDD2918] - [18/07/2016 17:02:12] - |A| - [1299504] - C:\WINDOWS\system32\mfnetsrc.dll [MD5.E3BF6CDE2DDE478E88667F1C9F33DBBC] - [18/07/2016 17:02:13] - |A| - [1092464] - C:\WINDOWS\system32\mfplat.dll [MD5.3801440364B05BDFA96CF6071D45CD7C] - [18/07/2016 15:17:03] - |A| - [35656] - C:\WINDOWS\system32\mfpmp.exe [MD5.409A46FE4B2A6133400572D2B26C6152] - [18/07/2016 17:02:11] - |A| - [847656] - C:\WINDOWS\system32\mfsvr.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:31:14] - |D| - [1132416] - C:\WINDOWS\system32\Microsoft [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [5631689] - C:\WINDOWS\system32\migration [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [43724994] - C:\WINDOWS\system32\migwiz [MD5.980258BAC6A086976DADB45D2A2233BC] - [18/07/2016 17:02:21] - |A| - [941568] - C:\WINDOWS\system32\MiracastReceiver.dll [MD5.9516AE004E3A945BA090B2CD7754B8AE] - [18/07/2016 15:15:37] - |A| - [870400] - C:\WINDOWS\system32\modernexecserver.dll [MD5.1FD91D9B6FA03C97DC8C1DD29775BBA5] - [18/07/2016 15:17:45] - |A| - [7977472] - C:\WINDOWS\system32\mos.dll [MD5.98E3D2BB421424B0457F8B7C46113110] - [18/07/2016 15:17:28] - |A| - [72704] - C:\WINDOWS\system32\moshost.dll [MD5.8EC8ECAB9AF9A5F23872031391AE6BB3] - [18/07/2016 15:17:28] - |A| - [66560] - C:\WINDOWS\system32\MosHostClient.dll [MD5.C0ADEBE6980D501C0D5B2FD321F78D19] - [18/07/2016 15:17:28] - |A| - [270848] - C:\WINDOWS\system32\moshostcore.dll [MD5.B3880D0DB160EDC7903B9F32C833812F] - [18/07/2016 15:17:28] - |A| - [74752] - C:\WINDOWS\system32\MosStorage.dll [MD5.00000000000000000000000000000000] - [17/07/2016 18:41:54] - |D| - [44928] - C:\WINDOWS\system32\MpEngineStore [MD5.BBA7BF185DD39318487299720C7859E7] - [12/07/2016 11:38:52] - |N| - [485032] - C:\WINDOWS\system32\MpSigStub.exe [MD5.00000000000000000000000000000000] - [17/07/2016 18:38:03] - |D| - [2] - C:\WINDOWS\system32\MRT [MD5.B0D02EB2EA0DBF7E5B6E04484D887335] - [17/07/2016 18:37:48] - |A| - [144749672] - C:\WINDOWS\system32\MRT.exe [MD5.869329345CED8F762DF9E2E21629A930] - [04/07/2016 14:13:22] - |A| - [230912] - C:\WINDOWS\system32\msclmd.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [46592] - C:\WINDOWS\system32\MSDRM [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [4395298] - C:\WINDOWS\system32\MsDtc [MD5.02122FD1A32C205DAA2EEC6462E60226] - [18/07/2016 17:01:49] - |A| - [784384] - C:\WINDOWS\system32\msfeeds.dll [MD5.4EB384E80857EC28F54766042D3BAB1E] - [18/07/2016 15:20:32] - |A| - [3355136] - C:\WINDOWS\system32\msftedit.dll [MD5.D5BDFD4F497EE8A2859E72809046CE89] - [18/07/2016 17:01:47] - |A| - [24610304] - C:\WINDOWS\system32\mshtml.dll [MD5.8B46C06B69A8AB4636539783FEACE54F] - [18/07/2016 17:12:51] - |A| - [316928] - C:\WINDOWS\system32\msieftp.dll [MD5.EA4B8BDD3CFFA0B5C7A605189D79184A] - [18/07/2016 17:12:50] - |A| - [6675968] - C:\WINDOWS\system32\mspaint.exe [MD5.7B5D06BDED5DFDF28597A9C5F72E85CE] - [18/07/2016 15:16:53] - |A| - [40960] - C:\WINDOWS\system32\msscntrs.dll [MD5.B9A5A35B9EB23AD507A3BABB35C5B67D] - [18/07/2016 15:17:14] - |A| - [1051648] - C:\WINDOWS\system32\MsSpellCheckingFacility.dll [MD5.D627ED29A07745EB1A5A7405FBFA2381] - [18/07/2016 15:16:55] - |A| - [147456] - C:\WINDOWS\system32\mssph.dll [MD5.5EE16195544A95C09FB12B5594D229FE] - [18/07/2016 15:17:09] - |A| - [247296] - C:\WINDOWS\system32\mssphtb.dll [MD5.028CE336DC0BD5D258716403C277674E] - [18/07/2016 15:17:27] - |A| - [2597888] - C:\WINDOWS\system32\mssrch.dll [MD5.749BEA2C23422B51F5340F42784F817D] - [18/07/2016 17:03:43] - |A| - [7533568] - C:\WINDOWS\system32\mstscax.dll [MD5.8559C1E30B9404590783497563A7A8AA] - [18/07/2016 15:18:39] - |A| - [1902592] - C:\WINDOWS\system32\msxml3.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [20120] - C:\WINDOWS\system32\MUI [MD5.C4DF2DEF5283FB1C44C6920F2FDD83BC] - [18/07/2016 15:18:19] - |A| - [44032] - C:\WINDOWS\system32\musdialoghandlers.dll [MD5.8CA9FBB305EFB04585BAC36B7B29C14B] - [18/07/2016 15:14:58] - |A| - [172032] - C:\WINDOWS\system32\MusNotification.exe [MD5.9DC794AC6F27E96F976990C6C7FC4862] - [18/07/2016 15:14:42] - |A| - [57344] - C:\WINDOWS\system32\MusNotificationUx.exe [MD5.0AC905009A2ED68715675E086B805316] - [18/07/2016 15:16:27] - |A| - [407552] - C:\WINDOWS\system32\MusUpdateHandlers.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [288256] - C:\WINDOWS\system32\nb-NO [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\system32\NDF [MD5.C93639FAB08F564D92AB5CFF29C2BFCD] - [18/07/2016 15:14:41] - |A| - [1216512] - C:\WINDOWS\system32\netcenter.dll [MD5.B9F994EA5B90838A7B10DEDCC4E41C2B] - [18/07/2016 17:02:26] - |A| - [270336] - C:\WINDOWS\system32\netplwiz.dll [MD5.329E7ACF649A721B8A5B3F0A9976F91F] - [18/07/2016 15:15:44] - |A| - [2800128] - C:\WINDOWS\system32\netshell.dll [MD5.FAAC4810F40849AB551C0B5557DF9D4B] - [18/07/2016 17:12:54] - |A| - [237056] - C:\WINDOWS\system32\NetworkDesktopSettings.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [52224] - C:\WINDOWS\system32\networklist [MD5.240F6A0AAEEAB059BC0B7D8B72637F72] - [18/07/2016 17:13:00] - |A| - [2609664] - C:\WINDOWS\system32\NetworkMobileSettings.dll [MD5.66989014C94A5AE3600DAFEA225C4DB8] - [18/07/2016 15:20:04] - |A| - [89600] - C:\WINDOWS\system32\NFCProvisioningPlugin.dll [MD5.E8DB44BFF95FE45512A7751B7B9D3C27] - [04/07/2016 18:48:16] - |A| - [31904] - C:\WINDOWS\system32\nitrolocalmon10.dll [MD5.BA1E173808A9EF0ED3A71DA9AE680718] - [04/07/2016 18:48:16] - |A| - [20128] - C:\WINDOWS\system32\nitrolocalui10.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [307712] - C:\WINDOWS\system32\nl-NL [MD5.F648E0821CACC7E547562321332E12B1] - [18/07/2016 15:17:49] - |A| - [988160] - C:\WINDOWS\system32\NMAA.dll [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - [04/07/2016 14:13:22] - |A| - [741] - C:\WINDOWS\system32\NOISE.DAT [MD5.DA7B203B42D2F32FB03AE8DFEB56F326] - [18/07/2016 15:03:20] - |A| - [529408] - C:\WINDOWS\system32\NotificationController.dll [MD5.95E5BA5E26BE4A4097458E1F316A8616] - [18/07/2016 15:22:55] - |A| - [7469408] - C:\WINDOWS\system32\ntoskrnl.exe [MD5.1D5D1656DF134068A04480DB4B1E1753] - [18/07/2016 15:19:38] - |A| - [349184] - C:\WINDOWS\system32\ntprint.dll [MD5.F747C037C6CC055E664235BF0EA9A30C] - [18/07/2016 17:02:27] - |A| - [882688] - C:\WINDOWS\system32\ntshrui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |SD| - [16968352] - C:\WINDOWS\system32\Nui [MD5.DE4FA2E0FBF5D7CAF54977DE21949EC2] - [04/07/2016 14:13:22] - |A| - [15703] - C:\WINDOWS\system32\OEMDefaultAssociations.xml [MD5.F8D77A486B78DB6FA44F2F7DF5D7F65C] - [18/07/2016 15:03:17] - |A| - [285184] - C:\WINDOWS\system32\oemlicense.dll [MD5.642D4E1DE69A3D180D4962D6977AAAB3] - [18/07/2016 15:04:44] - |A| - [1322248] - C:\WINDOWS\system32\ole32.dll [MD5.354D204E888E96FC12E0D1F94A98D300] - [18/07/2016 17:12:55] - |A| - [364032] - C:\WINDOWS\system32\OneBackupHandler.dll [MD5.7EA42087AEE36B39F2758475B91AD5F3] - [18/07/2016 15:17:08] - |A| - [515072] - C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [12956045] - C:\WINDOWS\system32\oobe [MD5.A4BC389CAEA0203FD33849FA8431AA88] - [18/07/2016 15:14:30] - |A| - [224256] - C:\WINDOWS\system32\PackageStateRoaming.dll [MD5.D17374CC12B32B76AE375877612AB386] - [05/07/2016 09:50:44] - |A| - [120072] - C:\WINDOWS\system32\pdfcmon.dll [MD5.07A15DD04EDF82309DA3284CB5F790B5] - [04/07/2016 14:18:00] - |A| - [138836] - C:\WINDOWS\system32\perfc009.dat [MD5.FECBB2918A5C1AEB45620DA8232373BA] - [04/07/2016 14:24:48] - |A| - [155558] - C:\WINDOWS\system32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - [04/07/2016 14:18:00] - |A| - [33362] - C:\WINDOWS\system32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - [04/07/2016 14:24:48] - |A| - [40528] - C:\WINDOWS\system32\perfd00C.dat [MD5.73459E478768D945DA94E1FB8E4F4713] - [04/07/2016 14:18:00] - |A| - [734296] - C:\WINDOWS\system32\perfh009.dat [MD5.5CBB90DEAC6B08F5F648EE373844D50F] - [04/07/2016 14:24:48] - |A| - [824258] - C:\WINDOWS\system32\perfh00C.dat [MD5.6B98E5694DEDC80E39DE706A22E46E53] - [04/07/2016 14:18:00] - |A| - [296742] - C:\WINDOWS\system32\perfi009.dat [MD5.8F2243D346C50379E57AFCC43658FCDE] - [04/07/2016 14:24:48] - |A| - [350774] - C:\WINDOWS\system32\perfi00C.dat [MD5.CCA8304DBA81F8A4132F8FE75F70C94B] - [04/07/2016 14:00:41] - |A| - [1848398] - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.1435F76294D5E1D1017D5C6D47CA3F80] - [18/07/2016 15:17:04] - |A| - [106928] - C:\WINDOWS\system32\phoneactivate.exe [MD5.FC749BCC3387CBBEE57539F414B24EB9] - [18/07/2016 17:02:42] - |A| - [583680] - C:\WINDOWS\system32\PhotoScreensaver.scr [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [304640] - C:\WINDOWS\system32\pl-PL [MD5.B2F6749368EEE07AF0B09755B1636F4F] - [18/07/2016 15:18:10] - |A| - [458752] - C:\WINDOWS\system32\PlayToDevice.dll [MD5.1CA267651F0295A6B809EFCED2846F70] - [18/07/2016 15:18:47] - |A| - [697856] - C:\WINDOWS\system32\PlayToManager.dll [MD5.2A64B3002165F3842EDCFA048624284F] - [18/07/2016 15:18:00] - |A| - [283648] - C:\WINDOWS\system32\PlayToReceiver.dll [MD5.7324FB4B99D7485728862DE165946846] - [18/07/2016 15:16:12] - |A| - [1814528] - C:\WINDOWS\system32\pnidui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [386560] - C:\WINDOWS\system32\PointOfService [MD5.19348CC554A839CDFE5F79A42EBBBFAB] - [18/07/2016 15:14:39] - |A| - [589824] - C:\WINDOWS\system32\PrintDialogs.dll [MD5.DC61C9AF4B96DB3CAB08168B8E9D3455] - [18/07/2016 15:14:50] - |A| - [2050560] - C:\WINDOWS\system32\PrintDialogs3D.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:06] - |D| - [430506] - C:\WINDOWS\system32\Printing_Admin_Scripts [MD5.0225FC6F0D91F84B44CE252487D8D725] - [16/07/2016 17:13:36] - |A| - [607256] - C:\WINDOWS\system32\prodad-codec.dll [MD5.E5FCE41A5114E40EE573AB8631925BF3] - [16/07/2016 17:13:30] - |A| - [376344] - C:\WINDOWS\system32\proDAD-PA-Support.dll [MD5.F6A078D3FC7853D5A220413A239660CC] - [18/07/2016 15:20:02] - |A| - [1603224] - C:\WINDOWS\system32\propsys.dll [MD5.C9B1B0285A5AA53774BF3D91891072E2] - [18/07/2016 15:20:15] - |A| - [296960] - C:\WINDOWS\system32\provengine.dll [MD5.C9AC70AC6FEBDCFE585436FD9E3901B1] - [18/07/2016 15:20:16] - |A| - [287232] - C:\WINDOWS\system32\provhandlers.dll [MD5.D08B38F8E8A995FC673E8D5ADABBFD13] - [18/07/2016 15:20:15] - |A| - [192000] - C:\WINDOWS\system32\provisioningcsp.dll [MD5.3F4BDBBA1F3BBECBA656503BD0C16BEA] - [18/07/2016 15:20:04] - |A| - [168960] - C:\WINDOWS\system32\provops.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\system32\ProximityToast [MD5.09291D797572201BF39B685E57B7C73B] - [18/07/2016 17:02:52] - |A| - [556032] - C:\WINDOWS\system32\PsmServiceExtHost.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [308736] - C:\WINDOWS\system32\pt-BR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [303616] - C:\WINDOWS\system32\pt-PT [MD5.C32ECB99AD25E9A04F01C8665DF29EF8] - [17/07/2016 14:41:13] - |N| - [19152] - C:\WINDOWS\system32\pwdrvio.sys [MD5.D619356B955EEFA642F5FF72755E8B3C] - [17/07/2016 14:41:12] - |N| - [12504] - C:\WINDOWS\system32\pwdspio.sys [MD5.9BF9758B9781BB630BFE7D4DD5F353B4] - [13/07/2016 11:55:22] - |A| - [3067392] - C:\WINDOWS\system32\pwNative.exe [MD5.F9941B95928AB5717C6AE871941A8F44] - [18/07/2016 17:01:22] - |A| - [387072] - C:\WINDOWS\system32\qdvd.dll [MD5.34D17C28C8B8DC7F98365A60300B40B4] - [18/07/2016 17:03:42] - |A| - [341504] - C:\WINDOWS\system32\RADCUI.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [24316] - C:\WINDOWS\system32\ras [MD5.4148FE81CAA1383F97FA4F8A21A4700C] - [18/07/2016 15:15:52] - |A| - [733184] - C:\WINDOWS\system32\rasapi32.dll [MD5.FCC66CE466375869F873C9DA3A3C9453] - [18/07/2016 15:14:38] - |A| - [947200] - C:\WINDOWS\system32\rasgcw.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\system32\RasToast [MD5.CAA3392FAD89C4BFE8263D20AD995D44] - [05/07/2016 18:59:30] - |A| - [2060032] - C:\WINDOWS\system32\RCoInstII64.dll [MD5.359320D3642C2D1A0695864B439B0AB3] - [05/07/2016 18:58:56] - |A| - [72520720] - C:\WINDOWS\system32\RCoRes64.dat [MD5.757F9AA7EA001014DC9352C6144301BF] - [18/07/2016 15:17:09] - |A| - [3053568] - C:\WINDOWS\system32\rdpcore.dll [MD5.00B6D59BBA3D3061EE5210970ACC758C] - [18/07/2016 17:02:50] - |A| - [4171264] - C:\WINDOWS\system32\rdpcorets.dll [MD5.9430C60EBCAE82C0D27050C3FA231D1D] - [18/07/2016 17:02:50] - |A| - [84480] - C:\WINDOWS\system32\rdpudd.dll [MD5.C439E5B6E3EB38C9C7611C393348503B] - [18/07/2016 17:02:49] - |A| - [1073152] - C:\WINDOWS\system32\RDXService.dll [MD5.B204C799C5903272284D802DBFCF8F37] - [18/07/2016 17:13:00] - |A| - [315392] - C:\WINDOWS\system32\RDXTaskFactory.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [2008] - C:\WINDOWS\system32\Recovery [MD5.2786EAC53204EC98E5DD85C1A9DBA965] - [18/07/2016 15:16:51] - |A| - [1087488] - C:\WINDOWS\system32\reseteng.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [76] - C:\WINDOWS\system32\restore [MD5.389BA5DE987326A4B47EB688C2B21247] - [05/07/2016 18:59:30] - |A| - [3094704] - C:\WINDOWS\system32\RltkAPO64.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [245248] - C:\WINDOWS\system32\ro-RO [MD5.BCAB1D642BA232943798713E6321CCFE] - [05/07/2016 18:59:30] - |A| - [321720] - C:\WINDOWS\system32\RP3DAA64.dll [MD5.AAEEEC8B77E56AC813FE9E02594B84FC] - [05/07/2016 18:59:30] - |A| - [321720] - C:\WINDOWS\system32\RP3DHT64.dll [MD5.B43C54F80CD53FAE6436D79EECA19E92] - [05/07/2016 18:59:30] - |A| - [1355616] - C:\WINDOWS\system32\RTCOM64.dll [MD5.6B0BE6CEB98453A496CAF8789D6D4B3D] - [05/07/2016 18:59:31] - |A| - [689888] - C:\WINDOWS\system32\RtDataProc64.dll [MD5.7952DB6EEC72F621A6EBB8E39BBA08A2] - [05/07/2016 18:59:31] - |A| - [214832] - C:\WINDOWS\system32\RTEED64A.dll [MD5.A302CB54C0543D2DC93417B18C814370] - [05/07/2016 18:59:31] - |A| - [88352] - C:\WINDOWS\system32\RTEEG64A.dll [MD5.41EBD514DB0C8D1085ECCBB42936BABB] - [05/07/2016 18:59:31] - |A| - [110984] - C:\WINDOWS\system32\RTEEL64A.dll [MD5.F3FBE3A2891375337E3290802B57F8C4] - [05/07/2016 18:59:31] - |A| - [387320] - C:\WINDOWS\system32\RTEEP64A.dll [MD5.A1A991A9C3BCCEF3A1884F64576A5DFF] - [05/07/2016 18:59:31] - |A| - [343712] - C:\WINDOWS\system32\RtlCPAPI64.dll [MD5.4B23EF6E28E1F5C959AC165175930FAB] - [05/07/2016 18:59:31] - |A| - [3199232] - C:\WINDOWS\system32\RtPgEx64.dll [MD5.F639956C751787DB0A1D8C6CB335925E] - [05/07/2016 18:58:56] - |A| - [2895104] - C:\WINDOWS\system32\RTSnMg64.cpl [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [299520] - C:\WINDOWS\system32\ru-RU [MD5.5E3427306DC41D80467C9B4ACDE7A9B5] - [18/07/2016 15:18:39] - |A| - [849920] - C:\WINDOWS\system32\samsrv.dll [MD5.EB9699F8F050E41A2661E56090FB9988] - [18/07/2016 15:17:02] - |A| - [992256] - C:\WINDOWS\system32\sbe.dll [MD5.4D82582733D9F437F544D3F8F98CE159] - [18/07/2016 15:14:58] - |A| - [1001472] - C:\WINDOWS\system32\schedsvc.dll [MD5.F34470B288B2EF590B3ECA8BA4C90D95] - [18/07/2016 15:15:47] - |A| - [233984] - C:\WINDOWS\system32\schtasks.exe [MD5.309B981F0EB10916BD0BF2972BB33841] - [18/07/2016 15:14:40] - |A| - [1213440] - C:\WINDOWS\system32\sdengin2.dll [MD5.723C6C3DE056D3EB76F7520BEF5947B4] - [18/07/2016 15:14:32] - |A| - [150528] - C:\WINDOWS\system32\sdrsvc.dll [MD5.C56BFF5D26E3CD34EEB79213B6220C14] - [18/07/2016 15:14:31] - |A| - [129536] - C:\WINDOWS\system32\sdshext.dll [MD5.8FB500C462988EE33368E6E099638384] - [18/07/2016 15:16:59] - |A| - [394240] - C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll [MD5.4E762D96FA52AB55A796E373C0557361] - [18/07/2016 15:16:53] - |A| - [203776] - C:\WINDOWS\system32\SearchFilterHost.exe [MD5.A5AE758495A6F7BAB269CCDC960CAAD6] - [18/07/2016 17:12:46] - |A| - [549888] - C:\WINDOWS\system32\SearchFolder.dll [MD5.38F120F3E9F4C87A4825F12B33849BA5] - [18/07/2016 15:17:20] - |A| - [938496] - C:\WINDOWS\system32\SearchIndexer.exe [MD5.877EAB65117EF1A49C28F815F10E3A87] - [18/07/2016 15:17:06] - |A| - [334848] - C:\WINDOWS\system32\SearchProtocolHost.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [4014] - C:\WINDOWS\system32\SecureBootUpdates [MD5.21E74A7A50345F64A2E494C6B6AE0DF2] - [18/07/2016 17:03:24] - |A| - [243712] - C:\WINDOWS\system32\SettingMonitor.dll [MD5.B66654D85A6C6F915E7D4827317739FA] - [18/07/2016 17:12:58] - |A| - [2125312] - C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll [MD5.318C685A15E02A8573DC3A2772804B21] - [18/07/2016 17:12:57] - |A| - [253440] - C:\WINDOWS\system32\SettingsHandlers_Maps.dll [MD5.1CFFDC8E62372CBD2C4C1AB9ADAA0C35] - [18/07/2016 17:13:05] - |A| - [3994624] - C:\WINDOWS\system32\SettingsHandlers_nt.dll [MD5.D2DAA7F5299D1612ACEF0C282BE4F47C] - [18/07/2016 17:03:09] - |A| - [492544] - C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll [MD5.7DF705D181132AAB5AE5B25A8FF32215] - [18/07/2016 17:03:24] - |A| - [613376] - C:\WINDOWS\system32\SettingSync.dll [MD5.6E8F12E9EF754A715D62B5EEA045BE62] - [18/07/2016 15:17:19] - |A| - [984576] - C:\WINDOWS\system32\SettingSyncCore.dll [MD5.9F1B8A631FD76E9702A58904D4F249BE] - [18/07/2016 15:17:23] - |A| - [566104] - C:\WINDOWS\system32\SettingSyncHost.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1077792] - C:\WINDOWS\system32\setup [MD5.4B91350942AA13F7566277CC6899E142] - [13/07/2016 11:53:19] - |A| - [101984] - C:\WINDOWS\system32\setupempdrvx64.exe [MD5.70B0FB34458FCA020297A595205FC82F] - [18/07/2016 17:13:00] - |A| - [990208] - C:\WINDOWS\system32\SharedStartModel.dll [MD5.C821BB49409012C6CD024F21959CC051] - [18/07/2016 15:03:20] - |A| - [638976] - C:\WINDOWS\system32\ShareHost.dll [MD5.FD0F8299FDBEC22C8DBFA66CB4BD5B1B] - [18/07/2016 17:13:08] - |A| - [725776] - C:\WINDOWS\system32\SHCore.dll [MD5.6ADFA862EDA342F416C05C9E88A69899] - [18/07/2016 17:03:28] - |A| - [22561256] - C:\WINDOWS\system32\shell32.dll [MD5.509589754EDDE7F1EE879366F5692990] - [18/07/2016 17:12:56] - |A| - [182784] - C:\WINDOWS\system32\shutdownux.dll [MD5.C5D55EF423F535D5A6766DB727BEB7E5] - [18/07/2016 15:15:48] - |A| - [160768] - C:\WINDOWS\system32\SimAuth.dll [MD5.6CA35CF766C04B30BBE9F99CB70D1DE1] - [18/07/2016 15:15:53] - |A| - [193024] - C:\WINDOWS\system32\SimCfg.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [246784] - C:\WINDOWS\system32\sk-SK [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [242176] - C:\WINDOWS\system32\sl-SI [MD5.D098DA7DAAD8AF2A14BC4BBA4A7A95E0] - [05/07/2016 18:59:32] - |A| - [1023240] - C:\WINDOWS\system32\sl3apo64.dll [MD5.7F7244CF443F04C457BE4E31139208A7] - [05/07/2016 18:59:32] - |A| - [1847888] - C:\WINDOWS\system32\slcnt64.dll [MD5.00000000000000000000000000000000] - [05/07/2016 15:19:29] - |D| - [0] - C:\WINDOWS\system32\SleepStudy [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:06] - |D| - [53396] - C:\WINDOWS\system32\slmgr [MD5.123E1555149EEA372C6EC1034F6B197A] - [05/07/2016 18:59:32] - |A| - [258864] - C:\WINDOWS\system32\slprp64.dll [MD5.EA22B5EE15D03EF8CD76D2EAD7706B92] - [05/07/2016 18:59:32] - |A| - [2477520] - C:\WINDOWS\system32\sltech64.dll [MD5.9F77B66EC74300D30720B1001E2CD044] - [18/07/2016 15:03:22] - |A| - [1037824] - C:\WINDOWS\system32\SmartcardCredentialProvider.dll [MD5.00000000000000000000000000000000] - [04/07/2016 13:40:15] - |D| - [15545367] - C:\WINDOWS\system32\SMI [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [7918944] - C:\WINDOWS\system32\Speech [MD5.9E2BC2A7D1E3862327B5626CEE56C46E] - [18/07/2016 15:17:23] - |A| - [1487872] - C:\WINDOWS\system32\SpeechPal.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [7644036] - C:\WINDOWS\system32\Speech_OneCore [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [140154687] - C:\WINDOWS\system32\spool [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [6202821] - C:\WINDOWS\system32\spp [MD5.939D80772D59831E50B03CDBD99049DF] - [18/07/2016 15:21:09] - |A| - [1540224] - C:\WINDOWS\system32\sppobjs.dll [MD5.49B666BCCF59226549F64656584318EA] - [18/07/2016 15:15:07] - |A| - [6536256] - C:\WINDOWS\system32\sppsvc.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [24235] - C:\WINDOWS\system32\sppui [MD5.B5D83BCE06D70B120D8AC889EEE4A14A] - [18/07/2016 15:20:05] - |A| - [692136] - C:\WINDOWS\system32\sppwinob.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [249344] - C:\WINDOWS\system32\sr-Latn-CS [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [245760] - C:\WINDOWS\system32\sr-Latn-RS [MD5.331D6C8CF1AE5A8A81F7FD5C2D05B687] - [05/07/2016 18:59:32] - |A| - [467168] - C:\WINDOWS\system32\SRAPO64.dll [MD5.42A9DA319FBC535FECE2FADF436DB1E3] - [05/07/2016 18:59:32] - |A| - [341152] - C:\WINDOWS\system32\SRCOM.dll [MD5.5A6AB6123A9E61C2CCFC04834D2FCCD1] - [05/07/2016 18:59:33] - |A| - [381416] - C:\WINDOWS\system32\SRCOM64.dll [MD5.995974222B873687A88C25FFCDB644F7] - [18/07/2016 15:17:39] - |A| - [965632] - C:\WINDOWS\system32\SRH.dll [MD5.04ABF2BA35F85E88076A44B6FF19D3EE] - [18/07/2016 15:17:41] - |A| - [1716736] - C:\WINDOWS\system32\SRHInproc.dll [MD5.1749E02020F295E90C72C2B3C6B4D622] - [05/07/2016 18:59:33] - |A| - [1435152] - C:\WINDOWS\system32\SRRPTR64.dll [MD5.063175C2B8CFB37F4859C728D9EFCA64] - [05/07/2016 18:59:33] - |A| - [209544] - C:\WINDOWS\system32\SRSHP64.dll [MD5.00000000000000000000000000000000] - [04/07/2016 13:45:31] - |D| - [2322176] - C:\WINDOWS\system32\SRSLabs [MD5.748C9AA4411CBEBE74C410BE37E47496] - [05/07/2016 18:59:33] - |A| - [221976] - C:\WINDOWS\system32\SRSTSH64.dll [MD5.73207081F9A6F7212FCFAE0DC28D4BDD] - [05/07/2016 18:59:33] - |A| - [532384] - C:\WINDOWS\system32\SRSTSX64.dll [MD5.8D923204C3FFAA2C5A4CA5FD40BDFB9C] - [05/07/2016 18:59:33] - |A| - [166208] - C:\WINDOWS\system32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [2760704] - C:\WINDOWS\system32\sru [MD5.40B3D3F1F3DFF9C839F2FDAAB070D877] - [18/07/2016 17:03:33] - |A| - [465920] - C:\WINDOWS\system32\StikyNot.exe [MD5.96576465D2259ADDE056451DBCBEAF3D] - [18/07/2016 17:03:37] - |A| - [656896] - C:\WINDOWS\system32\sud.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [293376] - C:\WINDOWS\system32\sv-SE [MD5.681C50548D26B77E32C5A0ED3054A0C5] - [18/07/2016 17:02:22] - |A| - [3415040] - C:\WINDOWS\system32\SyncCenter.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:00] - |D| - [1698009] - C:\WINDOWS\system32\Sysprep [MD5.20B48DC4AF4492B31A756528444BDA8C] - [18/07/2016 15:17:02] - |A| - [304752] - C:\WINDOWS\system32\systemreset.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1208092] - C:\WINDOWS\system32\SystemResetPlatform [MD5.7E6CF2485E67AE7AA84B0556612F22CA] - [18/07/2016 17:12:56] - |A| - [714240] - C:\WINDOWS\system32\SystemSettings.Handlers.dll [MD5.CAEF382AD301DB79D004254E400719B2] - [18/07/2016 17:03:14] - |A| - [492544] - C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll [MD5.7DE46FA7E3A14535E5D971C977F874D9] - [18/07/2016 17:03:01] - |A| - [374008] - C:\WINDOWS\system32\SystemSettingsAdminFlows.exe [MD5.FEC2E3FF1F1D79E569DE372A020D1909] - [18/07/2016 17:03:02] - |A| - [3585536] - C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.064EDB04AB15F985E5E9DE0D9B236958] - [18/07/2016 15:14:39] - |A| - [429056] - C:\WINDOWS\system32\taskcomp.dll [MD5.2D27946C8EC1AA93A26FEC2C7909CD05] - [18/07/2016 15:14:46] - |A| - [299520] - C:\WINDOWS\system32\taskeng.exe [MD5.F86A7E3BA31FB9AEF5E6EF29B65E202E] - [18/07/2016 15:03:39] - |A| - [1238584] - C:\WINDOWS\system32\Taskmgr.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [471854] - C:\WINDOWS\system32\Tasks [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [229888] - C:\WINDOWS\system32\th-TH [MD5.5A1580ADA5F4F38DC1CD0E9C1B98C6BF] - [18/07/2016 17:12:54] - |A| - [2563584] - C:\WINDOWS\system32\themecpl.dll [MD5.B7BA7030B50FC782F44D28B63C28B535] - [18/07/2016 17:03:48] - |A| - [2902528] - C:\WINDOWS\system32\themeui.dll [MD5.6D21D0A95286DCD09E354B612F592EB7] - [04/07/2016 14:13:24] - |A| - [1988] - C:\WINDOWS\system32\ticrf.rat [MD5.00110FDAF3380A23D360AEA5551B8D03] - [18/07/2016 15:20:06] - |A| - [821760] - C:\WINDOWS\system32\TokenBroker.dll [MD5.F6222E15A014A6026CD7F860006407C4] - [18/07/2016 15:17:06] - |A| - [47616] - C:\WINDOWS\system32\TpmTasks.dll [MD5.E7AF5609667C0BF1BC80A9D2E2303C35] - [18/07/2016 15:17:34] - |A| - [3577344] - C:\WINDOWS\system32\tquery.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [289280] - C:\WINDOWS\system32\tr-TR [MD5.35548DDC03345511E3B3F6C1237FFD6F] - [18/07/2016 15:14:49] - |A| - [1040800] - C:\WINDOWS\system32\twinapi.appcore.dll [MD5.0C66FD155A553C3C1775F9EEE4C52F91] - [18/07/2016 17:13:09] - |A| - [701952] - C:\WINDOWS\system32\twinapi.dll [MD5.06A6BED5044BFA97C1988568DD628777] - [18/07/2016 15:16:29] - |A| - [2444800] - C:\WINDOWS\system32\twinui.appcore.dll [MD5.73B90D7C3DEF1941F783BE0391C0F057] - [18/07/2016 17:13:04] - |A| - [11545088] - C:\WINDOWS\system32\twinui.dll [MD5.127925766866C52F147A2FFC0C0358A5] - [18/07/2016 15:03:36] - |A| - [87040] - C:\WINDOWS\system32\tzautoupdate.dll [MD5.6DF9F08ED418A400857E5570E842A559] - [18/07/2016 17:01:19] - |A| - [838144] - C:\WINDOWS\system32\uDWM.dll [MD5.FA01865117A7529561E1F19FD0354D2E] - [18/07/2016 17:03:57] - |A| - [4170240] - C:\WINDOWS\system32\UIRibbon.dll [MD5.ECDD8B72980581EF23F5BA0AFF04767F] - [18/07/2016 17:03:57] - |A| - [584704] - C:\WINDOWS\system32\UIRibbonRes.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [241152] - C:\WINDOWS\system32\uk-UA [MD5.A09C212408747F8074D957375B9C486C] - [18/07/2016 15:14:47] - |A| - [268288] - C:\WINDOWS\system32\updatehandlers.dll [MD5.231099370F84D4AA4B373B0BD0B71D8F] - [18/07/2016 15:18:59] - |A| - [1729024] - C:\WINDOWS\system32\urlmon.dll [MD5.02DF62B54CEDC85DAC946FF3F01171F5] - [18/07/2016 17:03:58] - |A| - [1385472] - C:\WINDOWS\system32\usercpl.dll [MD5.210F58F5F18D1DBF0B6F75BE33D8B06C] - [18/07/2016 17:03:58] - |A| - [651776] - C:\WINDOWS\system32\UserLanguagesCpl.dll [MD5.50F7B408700BF28CF9986821E0486A16] - [18/07/2016 15:14:58] - |A| - [379392] - C:\WINDOWS\system32\usocore.dll [MD5.5D339458DA9FEA6E314817B7DDD4D351] - [18/07/2016 15:22:47] - |A| - [605184] - C:\WINDOWS\system32\vbscript.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [76012390] - C:\WINDOWS\system32\wbem [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:07] - |D| - [0] - C:\WINDOWS\system32\WCN [MD5.F2503C00653F06AD926553E2C4F69376] - [18/07/2016 15:18:20] - |A| - [1294336] - C:\WINDOWS\system32\wcnwiz.dll [MD5.D10864C1730172780C2D4BE633B9220A] - [16/07/2016 15:52:49] - |A| - [1795952] - C:\WINDOWS\system32\WdfCoInstaller01011.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [43262070] - C:\WINDOWS\system32\WDI [MD5.CFD91D429BA902F1E3EF09434BFEAF53] - [18/07/2016 17:04:01] - |A| - [1048576] - C:\WINDOWS\system32\WebcamUi.dll [MD5.F3EB6A22AFB3893ACD4E7C1B02382A3F] - [18/07/2016 17:01:52] - |A| - [262144] - C:\WINDOWS\system32\webcheck.dll [MD5.D41EC066D915E4825121AE2687596BC2] - [18/07/2016 15:19:43] - |A| - [496640] - C:\WINDOWS\system32\webio.dll [MD5.871DB0260278B46C50D17C5CF4AEB12F] - [18/07/2016 17:01:27] - |A| - [1291776] - C:\WINDOWS\system32\werconcpl.dll [MD5.B86D30AE36165FC84E56AAD4EFBCF527] - [18/07/2016 17:01:27] - |A| - [451584] - C:\WINDOWS\system32\werui.dll [MD5.8C837B999EE2D443E8C19677C4BB7F60] - [18/07/2016 15:14:32] - |A| - [677376] - C:\WINDOWS\system32\wiaaut.dll [MD5.ED82578312E8B2D2D1D2F87CD77695AC] - [18/07/2016 15:22:40] - |A| - [1387520] - C:\WINDOWS\system32\win32kbase.sys [MD5.4EC98235B7BFCA3705279A9E9242C648] - [18/07/2016 15:22:43] - |A| - [3589632] - C:\WINDOWS\system32\win32kfull.sys [MD5.02B2863417FF2E5E34BD42EBF8B49528] - [18/07/2016 15:20:01] - |A| - [841728] - C:\WINDOWS\system32\win32spl.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1128] - C:\WINDOWS\system32\WinBioDatabase [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [50191360] - C:\WINDOWS\system32\WinBioPlugIns [MD5.CBCA5650B97DFE6D86E4F4DC0D3DD86B] - [18/07/2016 15:03:37] - |A| - [828928] - C:\WINDOWS\system32\Windows.AccountsControl.dll [MD5.A143C34D5DFADCDDBB88CC396DC1F802] - [18/07/2016 15:15:30] - |A| - [859136] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll [MD5.E9CEE634054C1EE9D3112A2E86190FEC] - [18/07/2016 15:15:24] - |A| - [330240] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.4F56CB4CE94272928D1F884A5798456C] - [18/07/2016 17:12:46] - |A| - [538112] - C:\WINDOWS\system32\Windows.Cortana.Desktop.dll [MD5.29BB9364FD70012F169516312CAB0FB7] - [18/07/2016 15:04:20] - |A| - [317440] - C:\WINDOWS\system32\Windows.Cortana.OneCore.dll [MD5.1849F8CCD27258F69EAABC334A87846C] - [18/07/2016 15:17:43] - |A| - [6973952] - C:\WINDOWS\system32\Windows.Data.Pdf.dll [MD5.7E6FCD52B7EE309145A51A286ED18224] - [18/07/2016 15:04:51] - |A| - [344064] - C:\WINDOWS\system32\Windows.Devices.Picker.dll [MD5.82AC452307257A4B3F08856EE84EE2EC] - [18/07/2016 15:04:51] - |A| - [892416] - C:\WINDOWS\system32\Windows.Devices.SmartCards.dll [MD5.7A576DA811BCF5843C909D9BC9AEC351] - [18/07/2016 15:15:35] - |A| - [522240] - C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll [MD5.E6AA08DC29AA637E861DAF0AB3E21888] - [18/07/2016 15:16:19] - |A| - [1567744] - C:\WINDOWS\system32\Windows.Globalization.dll [MD5.E17447519BC01492E3234C90890800D4] - [18/07/2016 15:14:42] - |A| - [368128] - C:\WINDOWS\system32\Windows.Graphics.dll [MD5.5E126FBE705D91361A3A26DAF9A55838] - [18/07/2016 15:17:21] - |A| - [2103296] - C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll [MD5.DEB8CA5DE728ECB09706765DFAC90DBA] - [18/07/2016 15:15:51] - |A| - [596480] - C:\WINDOWS\system32\Windows.Graphics.Printing.dll [MD5.56A8197D9FAE5D63ED0CED92BD03F4F8] - [18/07/2016 15:17:08] - |A| - [450048] - C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll [MD5.D907D75D41B373D2F8DBD9E0E8B041C1] - [18/07/2016 17:13:06] - |A| - [730352] - C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll [MD5.0E52D076B5FDCD59AEC112BD7665E2E7] - [18/07/2016 17:02:53] - |A| - [3428864] - C:\WINDOWS\system32\Windows.Media.dll [MD5.950575747FCDCAF5CD7692664DBFE903] - [18/07/2016 17:02:50] - |A| - [1434112] - C:\WINDOWS\system32\Windows.Media.Editing.dll [MD5.024199E28832EEF1418AC3E93894FB75] - [18/07/2016 15:03:45] - |A| - [376536] - C:\WINDOWS\system32\Windows.Media.MediaControl.dll [MD5.5712B5F645838BFC583AB4A5E9684572] - [18/07/2016 15:18:35] - |A| - [1575936] - C:\WINDOWS\system32\Windows.Media.Speech.dll [MD5.4DDF78E93CF079FD19D80CB45DA9611D] - [18/07/2016 15:17:15] - |A| - [1036288] - C:\WINDOWS\system32\Windows.Media.Streaming.dll [MD5.E7DA2262B7A9C793FEBD14088AE4C72F] - [18/07/2016 15:14:42] - |A| - [900608] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll [MD5.FC0F06DFE5FD20CCFCE17F3180746D24] - [18/07/2016 15:20:09] - |A| - [576000] - C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll [MD5.4FE86093AE50EDBB2C51F719AE366AA2] - [18/07/2016 15:19:51] - |A| - [697344] - C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll [MD5.720627CBA30152DFA93E8438BCEAA167] - [18/07/2016 15:19:50] - |A| - [708608] - C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll [MD5.E274C4B6C496B72CCE171CB56C51C41A] - [18/07/2016 17:12:46] - |A| - [51200] - C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll [MD5.7FA43A7587D5D6AA8FFE42A271CF2585] - [18/07/2016 15:16:53] - |A| - [45056] - C:\WINDOWS\system32\Windows.Speech.Pal.dll [MD5.17139E61D556444B6FCE67920E71D369] - [18/07/2016 15:18:34] - |A| - [2745856] - C:\WINDOWS\system32\Windows.StateRepository.dll [MD5.0B1DA49D8F816ED7CF44B112B2F348DD] - [18/07/2016 15:17:59] - |A| - [59904] - C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll [MD5.86236B9417AA659DF48C45162C148167] - [18/07/2016 15:18:04] - |A| - [64000] - C:\WINDOWS\system32\Windows.StateRepositoryClient.dll [MD5.12FEFF0CACF65E3FB5531E2D19728FB0] - [18/07/2016 15:19:51] - |A| - [337336] - C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll [MD5.4B80239138EB21B50A1FBA54FDB15860] - [18/07/2016 15:15:05] - |A| - [6605544] - C:\WINDOWS\system32\windows.storage.dll [MD5.D62B0829530BBBA204ECA98B57FC4C58] - [18/07/2016 15:15:34] - |A| - [817152] - C:\WINDOWS\system32\Windows.Storage.Search.dll [MD5.F35D067F84D5F8EE3ACEEC3188FF3B40] - [18/07/2016 17:12:53] - |A| - [414720] - C:\WINDOWS\system32\Windows.UI.BioFeedback.dll [MD5.324F99E7B2B6739370D398D3C79A6DFD] - [18/07/2016 17:12:52] - |A| - [475648] - C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll [MD5.1EF7B8D9AF97BA18A61E6256300A2E78] - [18/07/2016 17:12:57] - |A| - [1211904] - C:\WINDOWS\system32\Windows.UI.Cred.dll [MD5.E772B8EEE1D142622192ADFF4DA1618B] - [18/07/2016 17:04:03] - |A| - [673280] - C:\WINDOWS\system32\Windows.UI.dll [MD5.F099E147846A9CFF5D26E9292D77F8A9] - [18/07/2016 17:13:11] - |A| - [1797120] - C:\WINDOWS\system32\Windows.UI.Immersive.dll [MD5.C731DF7843CA87A97969FC182298D8F0] - [18/07/2016 17:03:56] - |A| - [2635776] - C:\WINDOWS\system32\Windows.UI.Logon.dll [MD5.AA39F6642940FD8D4781701AD73776AD] - [18/07/2016 17:12:51] - |A| - [188416] - C:\WINDOWS\system32\Windows.UI.PicturePassword.dll [MD5.552E1A170B36D372CA67A5990E95BF13] - [18/07/2016 17:12:48] - |A| - [6312448] - C:\WINDOWS\system32\Windows.UI.Search.dll [MD5.E269E5AE6F0B70FC5093DF5D438C5FD2] - [18/07/2016 17:03:56] - |A| - [1390080] - C:\WINDOWS\system32\Windows.UI.Shell.dll [MD5.2DEED9D59520DD7DF44C4D4F58C3B046] - [18/07/2016 15:15:13] - |A| - [16985088] - C:\WINDOWS\system32\Windows.UI.Xaml.dll [MD5.63660131B3B6F976F28E75F37DFB2F5F] - [18/07/2016 15:14:54] - |A| - [1776768] - C:\WINDOWS\system32\WindowsCodecs.dll [MD5.E249D7A2B7998EF00990E56190D738B1] - [18/07/2016 15:19:40] - |A| - [276480] - C:\WINDOWS\system32\WindowsCodecsExt.dll [MD5.4FBF7735D43C338B9F6A1F86116451E5] - [18/07/2016 17:04:02] - |A| - [28851224] - C:\WINDOWS\system32\WindowsCodecsRaw.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [8511517] - C:\WINDOWS\system32\WindowsPowerShell [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [150458368] - C:\WINDOWS\system32\winevt [MD5.1EEBC6859473037A1A671738AD083C7D] - [18/07/2016 15:19:11] - |A| - [3026944] - C:\WINDOWS\system32\wininet.dll [MD5.BB46F924BAF7128D44B25783ED785A18] - [18/07/2016 15:18:24] - |A| - [448000] - C:\WINDOWS\system32\winipcfile.dll [MD5.C1257DCFD6031469F154CF44E0769613] - [18/07/2016 15:18:25] - |A| - [1141248] - C:\WINDOWS\system32\winipcsecproc.dll [MD5.BB861E878479CCBCF55D4242AC400E36] - [18/07/2016 15:04:14] - |A| - [1317640] - C:\WINDOWS\system32\winload.efi [MD5.8C01DAF52F9923A4B9DF31F1D9331567] - [18/07/2016 15:04:14] - |A| - [1141504] - C:\WINDOWS\system32\winload.exe [MD5.96D121188D91FB4C9C878F30A3F7086F] - [18/07/2016 17:04:04] - |A| - [1552104] - C:\WINDOWS\system32\winmde.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [3784704] - C:\WINDOWS\system32\WinMetadata [MD5.5DB913462AD1D5EB8766E5A51922D661] - [18/07/2016 15:18:01] - |A| - [2012672] - C:\WINDOWS\system32\winmsipc.dll [MD5.C55144832FF73830BBBC0B5B6EED6383] - [18/07/2016 15:04:14] - |A| - [1030416] - C:\WINDOWS\system32\winresume.efi [MD5.11FB4531482E461A71E5303F53FFDC92] - [18/07/2016 15:04:14] - |A| - [874968] - C:\WINDOWS\system32\winresume.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:07] - |D| - [110108] - C:\WINDOWS\system32\winrm [MD5.6C647A171ACA3838441206BBE715B0D7] - [18/07/2016 17:04:04] - |A| - [198144] - C:\WINDOWS\system32\winsrv.dll [MD5.B26725818ECD6486A3FEB0509ED66CB3] - [18/07/2016 15:18:28] - |A| - [519680] - C:\WINDOWS\system32\WLanConn.dll [MD5.9E5D0971925AF8E8EBAB3A98991500BD] - [18/07/2016 15:18:18] - |A| - [510464] - C:\WINDOWS\system32\WlanMediaManager.dll [MD5.D3C6155DF570181F97488A3186E4E8E2] - [18/07/2016 15:18:06] - |A| - [412672] - C:\WINDOWS\system32\wlanui.dll [MD5.D78D829952282676116A92E1C5C3A89F] - [18/07/2016 15:04:44] - |A| - [37232] - C:\WINDOWS\system32\wldp.dll [MD5.E5830830FB987CB46C18AB55ECC7763A] - [18/07/2016 15:14:45] - |A| - [341504] - C:\WINDOWS\system32\wmicmiplugin.dll [MD5.6E415D9BFD8D1BC0354C3B0E4A0E1C56] - [18/07/2016 17:02:11] - |A| - [14252544] - C:\WINDOWS\system32\wmp.dll [MD5.E750AFEDBCC48016787CB4F6644923E4] - [18/07/2016 17:04:05] - |A| - [1847808] - C:\WINDOWS\system32\WMPDMC.exe [MD5.C9BB741EB879D6B5A6CDBE88315B030B] - [18/07/2016 17:04:05] - |A| - [373248] - C:\WINDOWS\system32\WmpDui.dll [MD5.9D86BE6C15D60535AE36AA0D8DECFC51] - [18/07/2016 15:16:59] - |A| - [394752] - C:\WINDOWS\system32\WMPhoto.dll [MD5.79F5E0E53F4D42D1DB0D83D719C551C9] - [18/07/2016 17:03:59] - |A| - [1554152] - C:\WINDOWS\system32\wmpmde.dll [MD5.FC3D54BD8FBD8A053223D1EC6E9103A4] - [18/07/2016 17:02:12] - |A| - [388896] - C:\WINDOWS\system32\wmpps.dll [MD5.3B6CCFF7AD385842A9638DCF654ABCD4] - [18/07/2016 17:01:26] - |A| - [1872896] - C:\WINDOWS\system32\workfolderssvc.dll [MD5.6D6E9C9C70E196F6833A96C267327368] - [18/07/2016 17:02:41] - |A| - [2876928] - C:\WINDOWS\system32\Wpc.dll [MD5.08C501FB351842DC6B5A34DFA705C28C] - [18/07/2016 17:02:37] - |A| - [1750440] - C:\WINDOWS\system32\WpcMon.exe [MD5.9E625D3F5AAC433191CF4F16174DDE05] - [18/07/2016 17:02:37] - |A| - [824320] - C:\WINDOWS\system32\WpcWebFilter.dll [MD5.1AC7CA0E0DA703106B6DFACD2C84E520] - [18/07/2016 17:02:41] - |A| - [2285568] - C:\WINDOWS\system32\WpcWebSync.dll [MD5.80625D0A23E439BCAA2C3021042A5EBF] - [18/07/2016 17:04:06] - |A| - [2088960] - C:\WINDOWS\system32\wpdshext.dll [MD5.C2F73C1C869B72BF897379A6B02CB5C2] - [18/07/2016 17:04:07] - |A| - [69120] - C:\WINDOWS\system32\WPDShServiceObj.dll [MD5.634E0909C598C5BA50E0890D7CAFD795] - [18/07/2016 17:02:37] - |A| - [870400] - C:\WINDOWS\system32\wpncore.dll [MD5.BA46DFBCD3D906776F0F803B6C0B5690] - [18/07/2016 15:16:58] - |A| - [185344] - C:\WINDOWS\system32\WSClient.dll [MD5.1E099AE79C6D58063E0B4F538732B87F] - [18/07/2016 15:17:03] - |A| - [3449168] - C:\WINDOWS\system32\WSService.dll [MD5.518ABEC8D3C1EEB1C64FDC3B77CD428C] - [18/07/2016 15:17:11] - |A| - [961536] - C:\WINDOWS\system32\WSShared.dll [MD5.8E908E944599C9134A209D5876884C07] - [18/07/2016 15:16:58] - |A| - [183808] - C:\WINDOWS\system32\WSSync.dll [MD5.CC270562CC41D32D118D9EA75E966FE5] - [18/07/2016 15:16:02] - |A| - [26408] - C:\WINDOWS\system32\wuauclt.exe [MD5.F2A9089A715EC55EA8A5C660F724A7B3] - [18/07/2016 15:16:41] - |A| - [2280448] - C:\WINDOWS\system32\wuaueng.dll [MD5.862FCF0385E0D94A2CD2FB4604096CDB] - [18/07/2016 15:04:52] - |A| - [200192] - C:\WINDOWS\system32\WUDFPlatform.dll [MD5.FA913C83823C2BA250E80AAE2E3905D1] - [18/07/2016 15:20:04] - |A| - [381952] - C:\WINDOWS\system32\wuuhext.dll [MD5.0C41EA00D56409637B157DAA3C7ECDE0] - [18/07/2016 15:18:53] - |A| - [808288] - C:\WINDOWS\system32\WWAHost.exe [MD5.6630413C9F5E87F0C097D77AD96CBBC3] - [18/07/2016 15:18:30] - |A| - [465920] - C:\WINDOWS\system32\wwanconn.dll [MD5.FB468F3E01B83C0878F024B8B15F8A78] - [18/07/2016 15:18:17] - |A| - [6572032] - C:\WINDOWS\system32\wwanmm.dll [MD5.928C7B3D285CD3485267E6B819748DA4] - [18/07/2016 17:04:10] - |A| - [4646912] - C:\WINDOWS\system32\xpsrchvw.exe [MD5.5FCE18E28E0439C147A16323961CD1FA] - [18/07/2016 15:04:42] - |A| - [3046400] - C:\WINDOWS\system32\xpsservices.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [209408] - C:\WINDOWS\system32\zh-CN [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [203776] - C:\WINDOWS\system32\zh-HK [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [203776] - C:\WINDOWS\system32\zh-TW [MD5.E57B9A2BBBBB39F369A1141472A3DDFD] - [18/07/2016 17:12:52] - |A| - [392192] - C:\WINDOWS\system32\zipfldr.dll [MD5.4C61671CA9D5C7E80DA62A3EC99FCAA2] - [17/07/2016 18:31:35] - |A| - [613473] - C:\WINDOWS\system32\Drivers\ccavsfi.dat [MD5.19863788DFFBE37CB63BF19D1FD5C247] - [16/07/2016 15:10:56] - |A| - [25864] - C:\WINDOWS\system32\Drivers\CLBStor.sys [MD5.C3EE731B310E6C563A47F80C0ADD39CD] - [16/07/2016 15:11:21] - |A| - [379144] - C:\WINDOWS\system32\Drivers\CLBUDF.sys [MD5.8B6143C42CD0A28325880C166D695702] - [02/07/2016 13:04:12] - |A| - [42968] - C:\WINDOWS\system32\Drivers\clwvd7.sys [MD5.7B0D718779B0AFC2156C9C55B0F4ECC6] - [11/07/2016 06:41:40] - |A| - [133944] - C:\WINDOWS\system32\Drivers\CmdCCAV.sys [MD5.309E3CFC5309CECD9317A69990716A87] - [18/07/2016 15:18:53] - |A| - [604928] - C:\WINDOWS\system32\Drivers\cng.sys [MD5.5779731037C856ECDE96328D41742DBF] - [13/07/2016 12:37:49] - |A| - [3550400] - C:\WINDOWS\system32\Drivers\COSService.exe [MD5.726E40B11612664486BB6C6105283C95] - [13/07/2016 12:12:10] - |A| - [30264] - C:\WINDOWS\system32\Drivers\dtproscsibus.sys [MD5.97BFC3BD9F910B24EB956FF3387C71CF] - [18/07/2016 15:22:38] - |A| - [1987936] - C:\WINDOWS\system32\Drivers\dxgkrnl.sys [MD5.66FDDD2004332EED0A8262E9762EB457] - [18/07/2016 15:19:41] - |A| - [393568] - C:\WINDOWS\system32\Drivers\dxgmms1.sys [MD5.91A2D07C017068FD2F11414E8D676EC5] - [18/07/2016 15:20:54] - |A| - [577376] - C:\WINDOWS\system32\Drivers\dxgmms2.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:02] - |D| - [68608] - C:\WINDOWS\system32\Drivers\en-US [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:01] - |D| - [23679] - C:\WINDOWS\system32\Drivers\etc [MD5.83EF0C33B56360761AE2DDB86E47B2E8] - [13/07/2016 12:09:48] - |A| - [60968] - C:\WINDOWS\system32\Drivers\eubakup.sys [MD5.CCF2072C27B5F84447A0829014C43760] - [13/07/2016 12:09:46] - |A| - [48168] - C:\WINDOWS\system32\Drivers\EUBKMON.sys [MD5.44A0838432C8A31A5D6CBE0BF348CED6] - [13/07/2016 12:09:49] - |A| - [18472] - C:\WINDOWS\system32\Drivers\eudskacs.sys [MD5.D05585505CB20235E7C665158464551D] - [13/07/2016 12:09:49] - |A| - [192552] - C:\WINDOWS\system32\Drivers\EuFdDisk.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:02] - |D| - [1479168] - C:\WINDOWS\system32\Drivers\fr-FR [MD5.7FD586369B597798535C098E63818AAC] - [16/07/2016 10:59:22] - |A| - [46960] - C:\WINDOWS\system32\Drivers\hitmanpro37.sys [MD5.547E9B25B4407A125D5F187E918BC217] - [13/07/2016 12:42:00] - |A| - [143904] - C:\WINDOWS\system32\Drivers\KeyCrypt64.sys [MD5.5DFF4CF4DF7FD11AE5A1DAD8C67619D2] - [18/07/2016 15:18:54] - |A| - [161632] - C:\WINDOWS\system32\Drivers\ksecpkg.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 14:48:05] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:43:52] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:45:53] - |AH| - [0] - C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [MD5.549DFD8240CF20BFBD88AD9D89325DBF] - [18/07/2016 15:18:36] - |A| - [530432] - C:\WINDOWS\system32\Drivers\nwifi.sys [MD5.EF94E21C3220AE3F8539542EC0B3FF06] - [18/07/2016 15:18:54] - |A| - [331616] - C:\WINDOWS\system32\Drivers\pci.sys [MD5.C66CC0494EF15D028C38A0F098B7A441] - [05/07/2016 18:59:00] - |A| - [5989809] - C:\WINDOWS\system32\Drivers\RTAIODAT.DAT [MD5.1CDA6D0A2345AA589949AE9C83853913] - [18/07/2016 15:07:04] - |A| - [277856] - C:\WINDOWS\system32\Drivers\sdbus.sys [MD5.C6F59E545B2BC2E1CF858C45B10B8BAD] - [13/07/2016 12:39:09] - |A| - [2575552] - C:\WINDOWS\system32\Drivers\SynchronizationService.exe [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [18/07/2016 17:03:47] - |A| - [2403168] - C:\WINDOWS\system32\Drivers\tcpip.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [19/07/2016 12:20:15] - |A| - [28272] - C:\WINDOWS\system32\Drivers\TrueSight.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:11:59] - |D| - [2419200] - C:\WINDOWS\system32\Drivers\UMDF [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:45] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zam64.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:37] - |A| - [203680] - C:\WINDOWS\system32\Drivers\zamguard64.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [0] - C:\WINDOWS\syswow64\0409 [MD5.19157418D05756492D3F54751EC5B041] - [18/07/2016 17:10:59] - |A| - [546816] - C:\WINDOWS\syswow64\ActionCenterCPL.dll [MD5.00000000000000000000000000000000] - [17/07/2016 15:03:01] - |AD| - [10051212] - C:\WINDOWS\syswow64\Adobe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [2256224] - C:\WINDOWS\syswow64\AdvancedInstallers [MD5.00000000000000000000000000000000] - [12/07/2016 14:20:59] - |SHD| - [0] - C:\WINDOWS\syswow64\AI_RecycleBin [MD5.39B6FAE7DFE1B70034F253AB0BB96E2F] - [13/07/2016 11:46:59] - |A| - [19568] - C:\WINDOWS\syswow64\ampa.sys [MD5.BBB9376A3D8764A6763183340625FCEA] - [18/07/2016 17:10:02] - |A| - [70656] - C:\WINDOWS\syswow64\AppCapture.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\syswow64\AppLocker [MD5.E48A7C15B395A8F1537CE249183D508F] - [18/07/2016 17:10:05] - |A| - [190464] - C:\WINDOWS\syswow64\apprepapi.dll [MD5.8686191CF27D6707FC890A6CD4CB552A] - [18/07/2016 17:10:05] - |A| - [260096] - C:\WINDOWS\syswow64\apprepsync.dll [MD5.AE3444858CB88D033427C1E9D6FE749E] - [18/07/2016 17:10:54] - |A| - [738816] - C:\WINDOWS\syswow64\appwiz.cpl [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [256512] - C:\WINDOWS\syswow64\ar-SA [MD5.96E0F50ABD43C92B4B66154113C701DE] - [18/07/2016 17:10:54] - |A| - [2155008] - C:\WINDOWS\syswow64\authui.dll [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [13/07/2016 11:00:57] - |RASHOT| - [2] - C:\WINDOWS\syswow64\AUTOEXEC.NT [MD5.56BBCFD02C4C5248CAF8EAF8236A4674] - [18/07/2016 17:11:13] - |A| - [667648] - C:\WINDOWS\syswow64\AzureSettingSyncProvider.dll [MD5.312472050BECE16F51493C95CCE91B57] - [18/07/2016 17:10:02] - |A| - [334336] - C:\WINDOWS\syswow64\bcastdvr.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [227328] - C:\WINDOWS\syswow64\bg-BG [MD5.3BFBC5158CC4CA508FEC8284DB6727FD] - [18/07/2016 15:20:11] - |A| - [5205504] - C:\WINDOWS\syswow64\BingMaps.dll [MD5.8FCA45CED7353FD2DE1F78273A7CE7A4] - [13/07/2016 11:53:20] - |A| - [2662592] - C:\WINDOWS\syswow64\BootMan.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [952] - C:\WINDOWS\syswow64\Bthprops [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\syswow64\catroot [MD5.F73A29E416B33B577631A06177887B83] - [11/07/2016 06:41:58] - |A| - [432808] - C:\WINDOWS\syswow64\CcavGuard32.dll [MD5.09832B7D613BA199A3028B638349FC3E] - [04/07/2016 13:48:07] - |A| - [61917] - C:\WINDOWS\syswow64\CCCInstall_201607041348075187.log [MD5.4907E0A9216A6DCEAB351F534A97FAFC] - [18/07/2016 15:18:03] - |A| - [339456] - C:\WINDOWS\syswow64\certcli.dll [MD5.C34CC619C1F747F81D2C2C47D5C1B095] - [18/07/2016 15:17:22] - |A| - [2604032] - C:\WINDOWS\syswow64\CertEnroll.dll [MD5.31AC81040FBFB538619282F47C3ED884] - [18/07/2016 17:10:36] - |A| - [5660672] - C:\WINDOWS\syswow64\Chakra.dll [MD5.DFB970BC93678AFA2F95A51BF1506049] - [18/07/2016 15:17:03] - |A| - [64584] - C:\WINDOWS\syswow64\Clipc.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [328192] - C:\WINDOWS\syswow64\Com [MD5.03BF64E3FD79A5C4FD0B51659B164EDC] - [18/07/2016 17:10:56] - |A| - [965120] - C:\WINDOWS\syswow64\comdlg32.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [13861253] - C:\WINDOWS\syswow64\config [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [13/07/2016 11:00:57] - |RASHOT| - [2] - C:\WINDOWS\syswow64\CONFIG.NT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |SD| - [49954] - C:\WINDOWS\syswow64\Configuration [MD5.766F809BC576BC57FF3B7C343D1E8881] - [18/07/2016 15:17:28] - |A| - [1862008] - C:\WINDOWS\syswow64\CoreUIComponents.dll [MD5.ADCC41AF6513D5192E0C1A250D2ED4A1] - [18/07/2016 17:10:06] - |A| - [348672] - C:\WINDOWS\syswow64\CredProvDataModel.dll [MD5.2E7375FB616E7F729B077628F9BF2537] - [18/07/2016 17:10:05] - |A| - [220672] - C:\WINDOWS\syswow64\credprovs.dll [MD5.E247EAA09FE6397200205FA90BF87C1D] - [18/07/2016 15:16:27] - |A| - [1536600] - C:\WINDOWS\syswow64\crypt32.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [274944] - C:\WINDOWS\syswow64\cs-CZ [MD5.00C8B201BE1C9705906A484DBE5D6332] - [18/07/2016 15:16:48] - |A| - [4759040] - C:\WINDOWS\syswow64\d2d1.dll [MD5.4963662B1CBB0035FD5D6832824DC7B6] - [18/07/2016 15:16:23] - |A| - [2186864] - C:\WINDOWS\syswow64\d3d11.dll [MD5.4102898869C3F72FBD50E7A7D003F530] - [18/07/2016 15:17:21] - |A| - [1866104] - C:\WINDOWS\syswow64\d3d9.dll [MD5.9FFEF91F0BEE39FAE2305ACE3C11B4A8] - [18/07/2016 15:18:12] - |A| - [3695104] - C:\WINDOWS\syswow64\D3DCompiler_47.dll [MD5.86E39E9161C3D930D93822F1563C280D] - [05/07/2016 06:16:35] - |A| - [1998168] - C:\WINDOWS\syswow64\D3DX9_43.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [271872] - C:\WINDOWS\syswow64\da-DK [MD5.7CF445915FC12FA890EFE5D43AD8B2F9] - [18/07/2016 17:11:07] - |A| - [4078080] - C:\WINDOWS\syswow64\dbgeng.dll [MD5.83CF09D8FE73DC8FA7374C98B32243DF] - [18/07/2016 15:16:25] - |A| - [675064] - C:\WINDOWS\syswow64\dcomp.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [305664] - C:\WINDOWS\syswow64\de-DE [MD5.1E00F1B16E727B3D23F6516988F2E7EA] - [18/07/2016 17:10:58] - |A| - [502272] - C:\WINDOWS\syswow64\DevicePairing.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |SD| - [17920] - C:\WINDOWS\syswow64\DiagSvcs [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [5992704] - C:\WINDOWS\syswow64\Dism [MD5.1E506E10685E8774F12BF5E2F10197F1] - [18/07/2016 17:10:59] - |A| - [736768] - C:\WINDOWS\syswow64\Display.dll [MD5.A3F164387FAF9C571959C73361317F04] - [18/07/2016 17:10:09] - |A| - [442368] - C:\WINDOWS\syswow64\dlnashext.dll [MD5.415F514AA00B37A1772639F7B22BC305] - [18/07/2016 17:10:59] - |A| - [217600] - C:\WINDOWS\syswow64\dmdskmgr.dll [MD5.29C26A25041DC901A01A021D31B0FDD8] - [18/07/2016 17:10:59] - |A| - [292864] - C:\WINDOWS\syswow64\dot3ui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1146976] - C:\WINDOWS\syswow64\downlevel [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [3509818] - C:\WINDOWS\syswow64\drivers [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\syswow64\DriverStore [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - [04/07/2016 14:13:37] - |A| - [215943] - C:\WINDOWS\syswow64\dssec.dat [MD5.332384C9BF8D46044F3A5189A2E7C6FE] - [18/07/2016 15:14:43] - |A| - [1448960] - C:\WINDOWS\syswow64\dui70.dll [MD5.737FC213AB9B3494E8677D12F08B8703] - [18/07/2016 15:14:37] - |A| - [482816] - C:\WINDOWS\syswow64\duser.dll [MD5.0313658DF0E7A0F28F9580AF15B37531] - [18/07/2016 15:16:28] - |A| - [1626112] - C:\WINDOWS\syswow64\dwmcore.dll [MD5.DE4C532C704002ED07B523208327629C] - [18/07/2016 15:19:50] - |A| - [1987072] - C:\WINDOWS\syswow64\DWrite.dll [MD5.7CDA291CF22B91DDBB88B5089EBE25CE] - [18/07/2016 15:16:22] - |A| - [521152] - C:\WINDOWS\syswow64\dxgi.dll [MD5.6AA3C6E88196938932ADE02296C33458] - [18/07/2016 17:10:17] - |A| - [268800] - C:\WINDOWS\syswow64\dxtrans.dll [MD5.733B5C5DCFEB74A288F69272A79FCBF7] - [18/07/2016 17:10:10] - |A| - [248320] - C:\WINDOWS\syswow64\eapp3hst.dll [MD5.19D8F7D29B8B94071DAC6453690BB5CA] - [18/07/2016 17:10:10] - |A| - [284160] - C:\WINDOWS\syswow64\eappcfg.dll [MD5.5642D8C9041FF6F1EE88E42C90639CA8] - [18/07/2016 17:10:10] - |A| - [96256] - C:\WINDOWS\syswow64\eappgnui.dll [MD5.4FAB17214FC37489C59B19CED55D4B7F] - [18/07/2016 17:10:10] - |A| - [238592] - C:\WINDOWS\syswow64\eapphost.dll [MD5.9160F82BF248F5CD2A5CA4C109369D41] - [18/07/2016 17:10:10] - |A| - [55808] - C:\WINDOWS\syswow64\eappprxy.dll [MD5.21CB86D69B268182994F981471FCBB82] - [18/07/2016 17:10:17] - |A| - [18674176] - C:\WINDOWS\syswow64\edgehtml.dll [MD5.EA11A61E656D6CC6F5001F8366B2BA08] - [18/07/2016 17:10:11] - |A| - [279040] - C:\WINDOWS\syswow64\edputil.dll [MD5.051FDE1463E8468FACFC38C63B4D8FE3] - [18/07/2016 17:10:36] - |A| - [442880] - C:\WINDOWS\syswow64\efswrt.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [299520] - C:\WINDOWS\syswow64\el-GR [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [0] - C:\WINDOWS\syswow64\en [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [218624] - C:\WINDOWS\syswow64\en-GB [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [1638912] - C:\WINDOWS\syswow64\en-US [MD5.D238D6B4D5BCFCF244D2F2286BC1DC16] - [13/07/2016 11:53:18] - |A| - [14944] - C:\WINDOWS\syswow64\epmntdrv.sys [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [295424] - C:\WINDOWS\syswow64\es-ES [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [237568] - C:\WINDOWS\syswow64\es-MX [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [213504] - C:\WINDOWS\syswow64\et-EE [MD5.980F2EEDACFEBD6C371A165046FD6237] - [13/07/2016 11:53:21] - |A| - [21088] - C:\WINDOWS\syswow64\EuEpmGdi.dll [MD5.886CDC85E0B6C9AC2547F919E5B224A3] - [13/07/2016 11:53:18] - |A| - [10208] - C:\WINDOWS\syswow64\EuGdiDrv.sys [MD5.BC98A3374DAB7CE9E600A667FDCD9F96] - [18/07/2016 15:14:38] - |A| - [193536] - C:\WINDOWS\syswow64\ExecModelClient.dll [MD5.B6113983ED77D6FE99BDEE461E7BE004] - [18/07/2016 17:10:11] - |A| - [4074160] - C:\WINDOWS\syswow64\explorer.exe [MD5.23D61B1CFA38F287D8C31A4816315454] - [18/07/2016 17:10:11] - |A| - [4413440] - C:\WINDOWS\syswow64\ExplorerFrame.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |SD| - [21460799] - C:\WINDOWS\syswow64\F12 [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [274432] - C:\WINDOWS\syswow64\fi-FI [MD5.955DC56DC263DBF2B433829192D88CD9] - [16/07/2016 14:03:44] - |A| - [828408] - C:\WINDOWS\syswow64\FlashPlayerApp.exe [MD5.26144B5C2B08E127298A71BF79D10B48] - [16/07/2016 14:03:44] - |A| - [176632] - C:\WINDOWS\syswow64\FlashPlayerCPLApp.cpl [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [3215360] - C:\WINDOWS\syswow64\fr [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [242176] - C:\WINDOWS\syswow64\fr-CA [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [38132093] - C:\WINDOWS\syswow64\fr-FR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [0] - C:\WINDOWS\syswow64\FxsTmp [MD5.64B619A6CE464E494651950794CE8264] - [18/07/2016 17:10:52] - |A| - [541184] - C:\WINDOWS\syswow64\GamePanel.exe [MD5.67BA16BD6265C9E401A3814137ECF8F4] - [18/07/2016 17:10:11] - |A| - [2578432] - C:\WINDOWS\syswow64\gameux.dll [MD5.4F79496B51E1A67B496FF6A407D22D30] - [18/07/2016 15:18:26] - |A| - [1467392] - C:\WINDOWS\syswow64\GdiPlus.dll [MD5.CE6B18828214380ADC39DF6D37F3FC40] - [05/07/2016 07:26:48] - |A| - [17134] - C:\WINDOWS\syswow64\GeneStor.INF [MD5.7BB466A82CD38CCBEE666D475BB2F3D2] - [18/07/2016 15:14:31] - |A| - [199680] - C:\WINDOWS\syswow64\GlobCollationHost.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [244736] - C:\WINDOWS\syswow64\he-IL [MD5.C0D3B98EB0C657DDEB0C033D01C6D9E7] - [18/07/2016 17:10:59] - |A| - [574976] - C:\WINDOWS\syswow64\hgcpl.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [221696] - C:\WINDOWS\syswow64\hr-HR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [278016] - C:\WINDOWS\syswow64\hu-HU [MD5.9E2490246907BC5DFF0D06E975A98FE9] - [18/07/2016 15:17:55] - |A| - [12288] - C:\WINDOWS\syswow64\IconCodecService.dll [MD5.ECD81B99477AB4A93D7838EB40B870D0] - [04/07/2016 14:13:37] - |A| - [8798] - C:\WINDOWS\syswow64\icrav03.rat [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [37145] - C:\WINDOWS\syswow64\icsxml [MD5.9459503897809956B533141003277298] - [18/07/2016 17:11:03] - |A| - [92160] - C:\WINDOWS\syswow64\IdCtrls.dll [MD5.973057A6623492B1620B0167D320BD4D] - [18/07/2016 17:11:03] - |A| - [1526272] - C:\WINDOWS\syswow64\ieapfltr.dll [MD5.350ED2186E2C0E80ABCE270C9A52647E] - [18/07/2016 17:10:19] - |A| - [12128256] - C:\WINDOWS\syswow64\ieframe.dll [MD5.608F7830161D98DBDD6324F74E9165C4] - [18/07/2016 17:11:04] - |A| - [2921880] - C:\WINDOWS\syswow64\iertutil.dll [MD5.8A62CEED5A0DD6C76C921F8B47187CA3] - [18/07/2016 17:10:17] - |A| - [477184] - C:\WINDOWS\syswow64\ieui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [19984051] - C:\WINDOWS\syswow64\IME [MD5.447D69BB274546D00C8DBF23C2DBDBCE] - [18/07/2016 17:11:02] - |A| - [2050048] - C:\WINDOWS\syswow64\inetcpl.cpl [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\inetsrv [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [200192] - C:\WINDOWS\syswow64\InputMethod [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [1187840] - C:\WINDOWS\syswow64\InstallShield [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\Ipmi [MD5.CADC1F6669EC3F9143A33D1342C2410E] - [13/07/2016 12:47:34] - |A| - [214528] - C:\WINDOWS\syswow64\ISCM32.dll [MD5.ED5D4435EC628F9EBB6AEC8A1D3FA41D] - [13/07/2016 12:47:34] - |A| - [721263] - C:\WINDOWS\syswow64\ISCM64.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [301056] - C:\WINDOWS\syswow64\it-IT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [222720] - C:\WINDOWS\syswow64\ja-JP [MD5.0B6A790F69FC2D67EEFF6F015EF24C5B] - [18/07/2016 15:19:44] - |A| - [800768] - C:\WINDOWS\syswow64\JpMapControl.dll [MD5.79C50C86572AF5891D1196569C9D2EB1] - [18/07/2016 17:10:37] - |A| - [3663360] - C:\WINDOWS\syswow64\jscript9.dll [MD5.F45E83301A6C99D342C600B5B29BCD71] - [18/07/2016 17:10:20] - |A| - [1557776] - C:\WINDOWS\syswow64\KernelBase.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [220672] - C:\WINDOWS\syswow64\ko-KR [MD5.6D9EE5BD98B4606D0AC2C9F1AEC0C6CB] - [04/07/2016 14:35:18] - |A| - [50650] - C:\WINDOWS\syswow64\license.rtf [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [74981] - C:\WINDOWS\syswow64\Licenses [MD5.EEB99F0E02F9243F18691C75CD16AEE4] - [18/07/2016 15:16:58] - |A| - [207872] - C:\WINDOWS\syswow64\licensingdiag.exe [MD5.D7BDD6C833746E64F1652D6CDE47701F] - [18/07/2016 17:10:21] - |A| - [372224] - C:\WINDOWS\syswow64\LockAppBroker.dll [MD5.236FB0CAF33B0EB94893BF7299F3D00D] - [18/07/2016 17:10:21] - |A| - [254656] - C:\WINDOWS\syswow64\LockAppHost.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\LogFiles [MD5.644CE64AB3ED902711CB0B86CF4ECA22] - [18/07/2016 17:10:20] - |A| - [434688] - C:\WINDOWS\syswow64\LogonController.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [218624] - C:\WINDOWS\syswow64\lt-LT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [219648] - C:\WINDOWS\syswow64\lv-LV [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [24255554] - C:\WINDOWS\syswow64\Macromed [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [33460] - C:\WINDOWS\syswow64\MailContactsCalendarSync [MD5.3F695F3A23A019E6DF7BAC57276B1E77] - [18/07/2016 15:19:57] - |A| - [349696] - C:\WINDOWS\syswow64\MapConfiguration.dll [MD5.CB84B6382E21D875D0EC9665CD6908B8] - [18/07/2016 15:20:00] - |A| - [711680] - C:\WINDOWS\syswow64\MapControlCore.dll [MD5.B7299EF9D5D4C7D480AC5A8ACEA402E1] - [18/07/2016 15:19:39] - |A| - [87040] - C:\WINDOWS\syswow64\MapsBtSvc.dll [MD5.AF1D02B5F78B3D0522458E8240672582] - [18/07/2016 15:18:29] - |A| - [673280] - C:\WINDOWS\syswow64\MbaeApiPublic.dll [MD5.1CDEF66CFD26AF241D8546896F77B8A5] - [18/07/2016 15:18:04] - |A| - [489984] - C:\WINDOWS\syswow64\mbsmsapi.dll [MD5.F3B12C931650835388F43DB2DF606657] - [18/07/2016 15:14:49] - |A| - [511320] - C:\WINDOWS\syswow64\mf.dll [MD5.1FD3F9722119BDF7B8CFF0ECD1E84EA6] - [05/07/2016 10:16:10] - |A| - [1060864] - C:\WINDOWS\syswow64\mfc71.dll [MD5.B572C03916EC3A8BE05CB2199D4A3263] - [18/07/2016 17:10:22] - |A| - [451936] - C:\WINDOWS\syswow64\MFCaptureEngine.dll [MD5.59976482DB1C9F2F41DF62AA9A1B01C5] - [18/07/2016 17:10:21] - |A| - [2062336] - C:\WINDOWS\syswow64\MFMediaEngine.dll [MD5.57D00F9D60519705D37BAFB852771443] - [18/07/2016 17:10:28] - |A| - [1118208] - C:\WINDOWS\syswow64\mfnetsrc.dll [MD5.A489CECF560EA0421C04277904210395] - [18/07/2016 17:10:28] - |A| - [925576] - C:\WINDOWS\syswow64\mfplat.dll [MD5.734C17FFE65F9E0436BDAD566A613D8C] - [18/07/2016 15:14:40] - |A| - [32040] - C:\WINDOWS\syswow64\mfpmp.exe [MD5.3B5A60CFD5EA636133A0A9F8CD4EDC45] - [18/07/2016 17:10:26] - |A| - [709176] - C:\WINDOWS\syswow64\mfsvr.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [3314648] - C:\WINDOWS\syswow64\migration [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [867168] - C:\WINDOWS\syswow64\migwiz [MD5.D5ACEA2845E642A7ABF383C316CABDA6] - [18/07/2016 15:20:30] - |A| - [6295552] - C:\WINDOWS\syswow64\mos.dll [MD5.E4873BE74A0BE6F30A6948F882E6E7FC] - [18/07/2016 15:19:43] - |A| - [50176] - C:\WINDOWS\syswow64\MosHostClient.dll [MD5.0BBEA534AB25CEBFE72BD191FF84F593] - [18/07/2016 15:19:42] - |A| - [59904] - C:\WINDOWS\syswow64\MosStorage.dll [MD5.9D5C3A40554E6C01E6B4C9A888286452] - [04/07/2016 14:13:38] - |A| - [209408] - C:\WINDOWS\syswow64\msclmd.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [46592] - C:\WINDOWS\syswow64\MSDRM [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [53538] - C:\WINDOWS\syswow64\MsDtc [MD5.BEF902286DC49188F8435B1C2474AE96] - [18/07/2016 17:10:17] - |A| - [687616] - C:\WINDOWS\syswow64\msfeeds.dll [MD5.E5DD7B8A4023B9277C434405849BB43A] - [18/07/2016 15:17:17] - |A| - [2680320] - C:\WINDOWS\syswow64\msftedit.dll [MD5.01ECA12A5BF2D571FCE11C05419C3E50] - [18/07/2016 17:10:15] - |A| - [19347968] - C:\WINDOWS\syswow64\mshtml.dll [MD5.1EEC0939B2B99EF1F53B14D9205041AD] - [18/07/2016 17:11:10] - |A| - [282624] - C:\WINDOWS\syswow64\msieftp.dll [MD5.D4DE4F98D350823BACCA6D7F753D74D4] - [18/07/2016 17:10:29] - |A| - [6471168] - C:\WINDOWS\syswow64\mspaint.exe [MD5.C2230C9A5F4DA4FE5EF9462047429082] - [18/07/2016 15:17:56] - |A| - [32768] - C:\WINDOWS\syswow64\msscntrs.dll [MD5.B27FEB21C56278185E7B7A77722C6819] - [18/07/2016 17:11:12] - |A| - [777728] - C:\WINDOWS\syswow64\MsSpellCheckingFacility.dll [MD5.F3C7017623E0F1F04016E5041A106FC8] - [18/07/2016 15:18:07] - |A| - [119296] - C:\WINDOWS\syswow64\mssph.dll [MD5.4BC42306D03B539D0EDDD81CC0AE0CD3] - [18/07/2016 15:18:13] - |A| - [244736] - C:\WINDOWS\syswow64\mssphtb.dll [MD5.6500AB640E37FBFBE0D57B24F8BC6F30] - [18/07/2016 15:18:34] - |A| - [1984000] - C:\WINDOWS\syswow64\mssrch.dll [MD5.EF539679E1F6FA5DFDCE4D013A3D37CF] - [18/07/2016 15:20:07] - |A| - [6740992] - C:\WINDOWS\syswow64\mstscax.dll [MD5.2FE56BAE736FE2AD20950ECED0FFD6D1] - [18/07/2016 15:18:10] - |A| - [1588224] - C:\WINDOWS\syswow64\msxml3.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [20120] - C:\WINDOWS\syswow64\MUI [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [268288] - C:\WINDOWS\syswow64\nb-NO [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\NDF [MD5.E3E6CA2D3FAADDEE4FC8A934FA42FA3D] - [18/07/2016 17:11:10] - |A| - [1171456] - C:\WINDOWS\syswow64\netcenter.dll [MD5.F99386465A196CA0129AE92307FF472D] - [18/07/2016 17:11:10] - |A| - [197120] - C:\WINDOWS\syswow64\netplwiz.dll [MD5.F964FA5FA4FAB1B2D9E6638A0CF0D7E7] - [18/07/2016 17:11:10] - |A| - [2679808] - C:\WINDOWS\syswow64\netshell.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [52224] - C:\WINDOWS\syswow64\networklist [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [285184] - C:\WINDOWS\syswow64\nl-NL [MD5.631450FBA9C8677C00F5A577905ECE36] - [18/07/2016 15:19:28] - |A| - [784896] - C:\WINDOWS\syswow64\NMAA.dll [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - [04/07/2016 14:13:39] - |A| - [741] - C:\WINDOWS\syswow64\NOISE.DAT [MD5.ABFB6150CA07482BCF3D3FDE3B62152A] - [18/07/2016 17:11:11] - |A| - [309760] - C:\WINDOWS\syswow64\ntprint.dll [MD5.34B1DD62B3F090A0466241F84F1E9AE0] - [18/07/2016 17:10:31] - |A| - [802816] - C:\WINDOWS\syswow64\ntshrui.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |SD| - [3872256] - C:\WINDOWS\syswow64\Nui [MD5.77D3FB612C75A70CDA55889616DF3969] - [18/07/2016 15:16:55] - |A| - [205312] - C:\WINDOWS\syswow64\oemlicense.dll [MD5.F0781A46DFE3A6C48FCA23FCDDA69B4B] - [18/07/2016 17:10:06] - |A| - [957608] - C:\WINDOWS\syswow64\ole32.dll [MD5.FC03376F464F07369BC07A6D9BE8CA8D] - [18/07/2016 17:11:11] - |A| - [88576] - C:\WINDOWS\syswow64\olepro32.dll [MD5.61D86AEAE520B20FD3AE5C68327239EB] - [18/07/2016 15:16:58] - |A| - [400896] - C:\WINDOWS\syswow64\OneDriveSettingSyncProvider.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [655552] - C:\WINDOWS\syswow64\oobe [MD5.040A1A606FE5DCFA8034D793F113AB72] - [13/07/2016 11:26:44] - |A| - [250] - C:\WINDOWS\syswow64\PARTIZAN.TXT [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [281600] - C:\WINDOWS\syswow64\pl-PL [MD5.53903FCDBE698C8804D0B479F4F5E29B] - [18/07/2016 17:10:32] - |A| - [517632] - C:\WINDOWS\syswow64\PlayToManager.dll [MD5.ED3335C188873DD766C73C98F06A3BEA] - [18/07/2016 15:19:28] - |A| - [216576] - C:\WINDOWS\syswow64\PlayToReceiver.dll [MD5.ED363EC037EBC7A072B23923A4651731] - [04/07/2016 13:42:30] - |A| - [2718208] - C:\WINDOWS\syswow64\PrintConfig.dll [MD5.65585F1DB21193BA2DEB7C034984E2E8] - [18/07/2016 17:10:32] - |A| - [519168] - C:\WINDOWS\syswow64\PrintDialogs.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:10] - |D| - [430506] - C:\WINDOWS\syswow64\Printing_Admin_Scripts [MD5.AF3369020E352540743E7664F7CAA189] - [18/07/2016 15:17:19] - |A| - [1355336] - C:\WINDOWS\syswow64\propsys.dll [MD5.404EA5D1E9451EAB6D37403B7CFAD736] - [18/07/2016 15:14:38] - |A| - [123392] - C:\WINDOWS\syswow64\ProximityCommon.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [286720] - C:\WINDOWS\syswow64\pt-BR [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [281088] - C:\WINDOWS\syswow64\pt-PT [MD5.9484654938AE332E2BD2EFEA8F596376] - [18/07/2016 17:10:09] - |A| - [569856] - C:\WINDOWS\syswow64\qdvd.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [24316] - C:\WINDOWS\syswow64\ras [MD5.B34DE2B803625C572C664C495FC3F720] - [18/07/2016 17:11:12] - |A| - [846336] - C:\WINDOWS\syswow64\rasgcw.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\RasToast [MD5.CB82FEFF538C7889DD58EF66B8FDB9FD] - [18/07/2016 17:11:16] - |A| - [2632192] - C:\WINDOWS\syswow64\rdpcore.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [781] - C:\WINDOWS\syswow64\Recovery [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\restore [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [223232] - C:\WINDOWS\syswow64\ro-RO [MD5.00000000000000000000000000000000] - [04/07/2016 13:45:15] - |D| - [6177376] - C:\WINDOWS\syswow64\RTCOM [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [277504] - C:\WINDOWS\syswow64\ru-RU [MD5.836FF4B7A3AC93E7D659F4FCCF7E0309] - [18/07/2016 17:10:40] - |A| - [779264] - C:\WINDOWS\syswow64\sbe.dll [MD5.4A8E1182ECF552141C2C165B0A137E50] - [18/07/2016 17:10:37] - |A| - [186880] - C:\WINDOWS\syswow64\schtasks.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:29:47] - |D| - [132824] - C:\WINDOWS\syswow64\sda [MD5.8DBFE13F50BE7578913003EE5256AEBE] - [18/07/2016 15:17:59] - |A| - [282624] - C:\WINDOWS\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.D0B4D167CB9BA37A62BA8E7B7934F517] - [18/07/2016 17:11:12] - |A| - [460800] - C:\WINDOWS\syswow64\SearchFolder.dll [MD5.F370A686221023EC003D96BB1FBA57A0] - [18/07/2016 15:18:29] - |A| - [760320] - C:\WINDOWS\syswow64\SearchIndexer.exe [MD5.4C629B1F6E54578C7875057FD5C53E5F] - [18/07/2016 15:17:59] - |A| - [282624] - C:\WINDOWS\syswow64\SearchProtocolHost.exe [MD5.E2C0139812E0030B26F2E7B156C726A4] - [18/07/2016 17:11:13] - |A| - [184832] - C:\WINDOWS\syswow64\SettingMonitor.dll [MD5.D69DDC0073FA31032D7F9379D054679F] - [18/07/2016 17:11:13] - |A| - [503296] - C:\WINDOWS\syswow64\SettingSync.dll [MD5.0162996989471778328E929D58B1041E] - [18/07/2016 15:17:22] - |A| - [754176] - C:\WINDOWS\syswow64\SettingSyncCore.dll [MD5.D00ACFADE7EE80F0C45CC0B94EB5D21A] - [18/07/2016 15:17:10] - |A| - [465760] - C:\WINDOWS\syswow64\SettingSyncHost.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [871456] - C:\WINDOWS\syswow64\setup [MD5.0CA49026F2DA1F2D3BEE9CD779AA806D] - [13/07/2016 11:53:19] - |A| - [88160] - C:\WINDOWS\syswow64\setupempdrv03.exe [MD5.245BCE64F9396340F4E84FB140DD6CA6] - [18/07/2016 15:17:14] - |A| - [489984] - C:\WINDOWS\syswow64\ShareHost.dll [MD5.B726B6583C0E880B59BE3C4463C27BAB] - [18/07/2016 17:11:13] - |A| - [569752] - C:\WINDOWS\syswow64\SHCore.dll [MD5.3EEAC377D273ABB2B6FB02DBFE8E307E] - [18/07/2016 17:10:37] - |A| - [21123320] - C:\WINDOWS\syswow64\shell32.dll [MD5.E71CB29D5B7F76DD58677381CBFE6847] - [18/07/2016 17:11:15] - |A| - [129024] - C:\WINDOWS\syswow64\SimAuth.dll [MD5.42D425CA43C93CC578D1AEA96D1E39F0] - [18/07/2016 17:11:15] - |A| - [157696] - C:\WINDOWS\syswow64\SimCfg.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [223744] - C:\WINDOWS\syswow64\sk-SK [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [220672] - C:\WINDOWS\syswow64\sl-SI [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:10] - |D| - [53396] - C:\WINDOWS\syswow64\slmgr [MD5.1CB309C3183A1249C0F3241BB3BA66DD] - [18/07/2016 17:10:54] - |A| - [736768] - C:\WINDOWS\syswow64\SmartcardCredentialProvider.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\SMI [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [4296032] - C:\WINDOWS\syswow64\Speech [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [5916276] - C:\WINDOWS\syswow64\Speech_OneCore [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [1412430] - C:\WINDOWS\syswow64\spp [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [24235] - C:\WINDOWS\syswow64\sppui [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [228864] - C:\WINDOWS\syswow64\sr-Latn-CS [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [224768] - C:\WINDOWS\syswow64\sr-Latn-RS [MD5.8B70A4CDB39E270F7F892C82BDB641A5] - [18/07/2016 15:16:03] - |A| - [799744] - C:\WINDOWS\syswow64\SRH.dll [MD5.0B1427CECB2D744C61E841DF0B905592] - [18/07/2016 15:16:14] - |A| - [1445888] - C:\WINDOWS\syswow64\SRHInproc.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\sru [MD5.2311952A48D5D22080073E5AD4621509] - [18/07/2016 17:11:15] - |A| - [629760] - C:\WINDOWS\syswow64\sud.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [272896] - C:\WINDOWS\syswow64\sv-SE [MD5.2F7684C2601F30ED0A5AFCB3AD295152] - [18/07/2016 17:11:10] - |A| - [3301376] - C:\WINDOWS\syswow64\SyncCenter.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:10] - |D| - [0] - C:\WINDOWS\syswow64\sysprep [MD5.E7AF52CE93D93984F11E5021024CA085] - [18/07/2016 17:11:16] - |A| - [356352] - C:\WINDOWS\syswow64\taskcomp.dll [MD5.FBA0E803ED70D649630DCA8EEC625414] - [18/07/2016 17:11:17] - |A| - [240640] - C:\WINDOWS\syswow64\taskeng.exe [MD5.38F874DC40AED7FE90ABED3006FF20B9] - [18/07/2016 17:10:04] - |A| - [1083656] - C:\WINDOWS\syswow64\Taskmgr.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\syswow64\Tasks [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [209920] - C:\WINDOWS\syswow64\th-TH [MD5.212B595D06DB8A90B540E970E493CD6F] - [18/07/2016 17:11:17] - |A| - [2519552] - C:\WINDOWS\syswow64\themecpl.dll [MD5.F843B18F29E440CB4599F3674E03B0A5] - [18/07/2016 17:10:41] - |A| - [2849792] - C:\WINDOWS\syswow64\themeui.dll [MD5.6D21D0A95286DCD09E354B612F592EB7] - [04/07/2016 14:13:39] - |A| - [1988] - C:\WINDOWS\syswow64\ticrf.rat [MD5.4C5CD8F1A3B88B8B7B9F57F2E256FAFC] - [18/07/2016 15:19:46] - |A| - [639488] - C:\WINDOWS\syswow64\TokenBroker.dll [MD5.A233DD6D55CDBC80890E6D0702F727B5] - [18/07/2016 15:18:44] - |A| - [2771968] - C:\WINDOWS\syswow64\tquery.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [268800] - C:\WINDOWS\syswow64\tr-TR [MD5.A5B6DDDF137C8118B93D00404510741D] - [18/07/2016 15:14:48] - |A| - [836760] - C:\WINDOWS\syswow64\twinapi.appcore.dll [MD5.643BBA6FB3DA30DC0294F14D72EEFAAB] - [18/07/2016 17:10:41] - |A| - [581632] - C:\WINDOWS\syswow64\twinapi.dll [MD5.409D5D7EB68EDC5E5751A1F437F8C58E] - [18/07/2016 15:14:56] - |A| - [2000896] - C:\WINDOWS\syswow64\twinui.appcore.dll [MD5.A582CC5D97DA29AFE99024BBE96673F3] - [18/07/2016 17:10:42] - |A| - [9919488] - C:\WINDOWS\syswow64\twinui.dll [MD5.D613DBA2E2D43264B6D5C1933F3A71FC] - [18/07/2016 17:10:45] - |A| - [3459584] - C:\WINDOWS\syswow64\UIRibbon.dll [MD5.FC4E7D3027D748E2D131C9DED39D4976] - [18/07/2016 17:10:45] - |A| - [584704] - C:\WINDOWS\syswow64\UIRibbonRes.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [219648] - C:\WINDOWS\syswow64\uk-UA [MD5.7D5E17FC31FA563A94A8251AF8ADDEE4] - [18/07/2016 15:16:26] - |A| - [1498624] - C:\WINDOWS\syswow64\urlmon.dll [MD5.32E42A131A187BCAD87EA3A2A09498B9] - [18/07/2016 17:11:17] - |A| - [1249280] - C:\WINDOWS\syswow64\usercpl.dll [MD5.C41C3339364B262957110B2C6C32FF3D] - [18/07/2016 17:11:17] - |A| - [573440] - C:\WINDOWS\syswow64\UserLanguagesCpl.dll [MD5.88A5A640F1C46936CEA62B7B42969E8E] - [18/07/2016 15:14:49] - |A| - [502784] - C:\WINDOWS\syswow64\vbscript.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [15831338] - C:\WINDOWS\syswow64\wbem [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:10] - |D| - [0] - C:\WINDOWS\syswow64\WCN [MD5.B6A9C98BFE60CB8DC992033108F3C4F0] - [18/07/2016 17:11:17] - |A| - [1226752] - C:\WINDOWS\syswow64\wcnwiz.dll [MD5.94B32AFBC8D832B3CC39C87DACCF4CEE] - [18/07/2016 17:11:18] - |A| - [879616] - C:\WINDOWS\syswow64\WebcamUi.dll [MD5.86FBB78A2D77D9BDD58F0D72A2E4D934] - [18/07/2016 17:10:19] - |A| - [230400] - C:\WINDOWS\syswow64\webcheck.dll [MD5.D6D84F133DC05DB51FE689BB2066D43E] - [18/07/2016 15:19:39] - |A| - [405504] - C:\WINDOWS\syswow64\webio.dll [MD5.A3E1888B827AD9132A35657C48C9762B] - [18/07/2016 17:11:18] - |A| - [578048] - C:\WINDOWS\syswow64\wiaaut.dll [MD5.E78E204A005D6DDEBBFA453380D6E847] - [18/07/2016 15:15:31] - |A| - [585216] - C:\WINDOWS\syswow64\Windows.AccountsControl.dll [MD5.162EE6B2FD2EBF008AF0B12C7E07A6D8] - [18/07/2016 15:19:27] - |A| - [250880] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.40C2D19E230CDCBA7707DB5C5A9C6419] - [18/07/2016 15:17:31] - |A| - [5323776] - C:\WINDOWS\syswow64\Windows.Data.Pdf.dll [MD5.5A9CDDA8859CDA201006EE7BB84BC673] - [18/07/2016 15:19:31] - |A| - [254976] - C:\WINDOWS\syswow64\Windows.Devices.Picker.dll [MD5.257C46467A3C9FA96EA59B8B7DFCCA75] - [18/07/2016 15:19:30] - |A| - [559616] - C:\WINDOWS\syswow64\Windows.Devices.SmartCards.dll [MD5.ED87A6D9B014FC9D5CF57B9D7F54EA15] - [18/07/2016 15:16:55] - |A| - [386560] - C:\WINDOWS\syswow64\Windows.Devices.WiFiDirect.dll [MD5.5AF1EAB54122BA45CA59C10FAF3CC558] - [18/07/2016 15:14:46] - |A| - [1228800] - C:\WINDOWS\syswow64\Windows.Globalization.dll [MD5.CF97D32C0BD24525307676C04F4A32DF] - [18/07/2016 15:18:18] - |A| - [298496] - C:\WINDOWS\syswow64\Windows.Graphics.dll [MD5.B99334A08D3E9CE2D4A4BFB8BBC4CB76] - [18/07/2016 15:18:20] - |A| - [1448960] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.3D.dll [MD5.50B851ADFFAC3B2EFD1B5DE4D8A94277] - [18/07/2016 15:17:07] - |A| - [468992] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.dll [MD5.BD869430C7B7CCD5FE0C3D9D6D344953] - [18/07/2016 17:10:36] - |A| - [2798080] - C:\WINDOWS\syswow64\Windows.Media.dll [MD5.734026191E38F421D62D0067D89B0E35] - [18/07/2016 17:10:33] - |A| - [1063936] - C:\WINDOWS\syswow64\Windows.Media.Editing.dll [MD5.76B34D04F94D7A8D47763C4E8285F88B] - [18/07/2016 15:18:27] - |A| - [1117184] - C:\WINDOWS\syswow64\Windows.Media.Speech.dll [MD5.A4879DCB9CBE6F67661F0EF4D5A59092] - [18/07/2016 15:15:41] - |A| - [835072] - C:\WINDOWS\syswow64\Windows.Media.Streaming.dll [MD5.B39E043BCB704FF6F0D0DEADBCBA754D] - [18/07/2016 17:10:29] - |A| - [683008] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.C40419A7C19D8C10AD7F7C923044FCFF] - [18/07/2016 15:19:48] - |A| - [523776] - C:\WINDOWS\syswow64\Windows.Security.Authentication.OnlineId.dll [MD5.97C7434D1268B8AA10A615415C92CE9A] - [18/07/2016 15:19:32] - |A| - [496128] - C:\WINDOWS\syswow64\Windows.Security.Authentication.Web.Core.dll [MD5.80BD175A8820F5D1C0913DE1BA2A0400] - [18/07/2016 17:10:45] - |A| - [40960] - C:\WINDOWS\syswow64\Windows.Shell.Search.UriHandler.dll [MD5.937208F90E70A7A415F05932ABD72DFB] - [18/07/2016 15:15:32] - |A| - [34304] - C:\WINDOWS\syswow64\Windows.Speech.Pal.dll [MD5.CF034E3697C5CA79777F94116D57C6A6] - [18/07/2016 15:16:18] - |A| - [2179584] - C:\WINDOWS\syswow64\Windows.StateRepository.dll [MD5.492C152E65A4F59D0FDDE2F2E0C34DE8] - [18/07/2016 15:15:26] - |A| - [48128] - C:\WINDOWS\syswow64\Windows.StateRepositoryBroker.dll [MD5.10882529EF2A92C7E5ACCC0E6EDF8390] - [18/07/2016 15:15:31] - |A| - [48640] - C:\WINDOWS\syswow64\Windows.StateRepositoryClient.dll [MD5.4BBFE28B6732D30D01C8880CEB254BB5] - [18/07/2016 15:15:49] - |A| - [256192] - C:\WINDOWS\syswow64\Windows.Storage.ApplicationData.dll [MD5.394B995CB6ADFEED1A37DD15FADE5068] - [18/07/2016 15:20:58] - |A| - [5240960] - C:\WINDOWS\syswow64\windows.storage.dll [MD5.414967EA08650001DD671FEFE37633E7] - [18/07/2016 17:11:07] - |A| - [645632] - C:\WINDOWS\syswow64\Windows.Storage.Search.dll [MD5.A65CFA79A13690155545A5FEEEC4FC42] - [18/07/2016 17:10:44] - |A| - [283136] - C:\WINDOWS\syswow64\Windows.UI.BioFeedback.dll [MD5.70BE5D31CD548715F88398D7B56E99B5] - [18/07/2016 17:10:44] - |A| - [315904] - C:\WINDOWS\syswow64\Windows.UI.BlockedShutdown.dll [MD5.541C337FA4551C852FA4371AD3BF9C5B] - [18/07/2016 17:10:44] - |A| - [764928] - C:\WINDOWS\syswow64\Windows.UI.Cred.dll [MD5.8F81BC95794B0C17812988D44D000170] - [18/07/2016 17:10:48] - |A| - [1582080] - C:\WINDOWS\syswow64\Windows.UI.Immersive.dll [MD5.E43E3D372FB0B976124C3A4F080556C6] - [18/07/2016 17:10:45] - |A| - [1799680] - C:\WINDOWS\syswow64\Windows.UI.Logon.dll [MD5.23F74037E71A1D1D827A3F0DDCB8A697] - [18/07/2016 17:10:45] - |A| - [4404736] - C:\WINDOWS\syswow64\Windows.UI.Search.dll [MD5.D8F75D59301833722BFB4893A47F57F2] - [18/07/2016 15:22:20] - |A| - [13018112] - C:\WINDOWS\syswow64\Windows.UI.Xaml.dll [MD5.236B3202BBB1FCD6C3319A994056E108] - [18/07/2016 15:20:00] - |A| - [1522160] - C:\WINDOWS\syswow64\WindowsCodecs.dll [MD5.702A77C8EB30026CF6C16F9B1439F166] - [18/07/2016 15:15:34] - |A| - [238592] - C:\WINDOWS\syswow64\WindowsCodecsExt.dll [MD5.FFA3300F8C8542A92015C7FF48A16AF9] - [18/07/2016 17:10:47] - |A| - [28083144] - C:\WINDOWS\syswow64\WindowsCodecsRaw.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [7659212] - C:\WINDOWS\syswow64\WindowsPowerShell [MD5.21BE44272CAC55D1B6C88C1E0BA78F8E] - [18/07/2016 15:16:28] - |A| - [2501632] - C:\WINDOWS\syswow64\wininet.dll [MD5.CEEA8FA78E1652BB7219FC118E9F67EE] - [18/07/2016 17:10:33] - |A| - [330752] - C:\WINDOWS\syswow64\winipcfile.dll [MD5.BEC15702CE3242133B95F0E2C69FFC88] - [18/07/2016 17:10:33] - |A| - [980480] - C:\WINDOWS\syswow64\winipcsecproc.dll [MD5.EACDCB7EA7696B10EF5CC65040A44923] - [18/07/2016 17:10:48] - |A| - [1349640] - C:\WINDOWS\syswow64\winmde.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [3784704] - C:\WINDOWS\syswow64\WinMetadata [MD5.2086CC9E5A8C75F246A75EE606988B77] - [18/07/2016 17:10:33] - |A| - [1508352] - C:\WINDOWS\syswow64\winmsipc.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:10] - |D| - [110108] - C:\WINDOWS\syswow64\winrm [MD5.A34D69536B85ECC59AEA49716FEB4D1E] - [13/07/2016 11:54:55] - |A| - [82] - C:\WINDOWS\syswow64\winsevr.dat [MD5.5A0B501B638941EAF2BEABCE3C645769] - [18/07/2016 17:11:18] - |A| - [413696] - C:\WINDOWS\syswow64\WLanConn.dll [MD5.9208E440059270395C320190BFA9EE0E] - [18/07/2016 17:11:19] - |A| - [368128] - C:\WINDOWS\syswow64\wlanui.dll [MD5.BF370250794A9405AD153A4C1A4F5BBD] - [18/07/2016 17:10:06] - |A| - [32552] - C:\WINDOWS\syswow64\wldp.dll [MD5.87755FF83726D908224C08C180D42C72] - [18/07/2016 17:10:27] - |A| - [12586496] - C:\WINDOWS\syswow64\wmp.dll [MD5.5A69A6CB031970F5E0BBD4E967D32924] - [18/07/2016 17:10:48] - |A| - [1497088] - C:\WINDOWS\syswow64\WMPDMC.exe [MD5.6B50CF0D71F727CEDF49216FD4AC0FB9] - [18/07/2016 17:10:49] - |A| - [290304] - C:\WINDOWS\syswow64\WmpDui.dll [MD5.A7CD30176029F60B56F5590E37310103] - [18/07/2016 17:10:32] - |A| - [339968] - C:\WINDOWS\syswow64\WMPhoto.dll [MD5.FC42E59329315A30F397490033055D28] - [18/07/2016 17:10:31] - |A| - [2217984] - C:\WINDOWS\syswow64\Wpc.dll [MD5.B33928C3DED11908104A38E0C3090F7F] - [18/07/2016 17:10:31] - |A| - [572928] - C:\WINDOWS\syswow64\WpcWebFilter.dll [MD5.968DD3AA844E40932950709FD9CB9556] - [18/07/2016 17:11:19] - |A| - [1976832] - C:\WINDOWS\syswow64\wpdshext.dll [MD5.75869FD635879D9B0DCED6B6E4FEFDCD] - [18/07/2016 17:11:19] - |A| - [57344] - C:\WINDOWS\syswow64\WPDShServiceObj.dll [MD5.E194854E2E34A6A92E80184A3AD3F548] - [04/07/2016 18:51:13] - |A| - [941992] - C:\WINDOWS\syswow64\WPShellExt64.dll [MD5.9A6B1DB1667CDD276A208F5AE5646948] - [18/07/2016 15:15:28] - |A| - [151552] - C:\WINDOWS\syswow64\WSClient.dll [MD5.C1BC1E550265405CFD8D57FCE0679F2D] - [04/07/2016 18:26:12] - |A| - [159120] - C:\WINDOWS\syswow64\WSCM32.dll [MD5.7F1BCEB73A2D298E9A53DF7437F26BFB] - [04/07/2016 18:26:12] - |A| - [727952] - C:\WINDOWS\syswow64\WSCM64.dll [MD5.B61C9BA4E125BC5FFF338D7B11BAC6EC] - [18/07/2016 15:15:42] - |A| - [805888] - C:\WINDOWS\syswow64\WSShared.dll [MD5.3E97CC7E938C4D15FCC27EC33C898606] - [18/07/2016 15:15:32] - |A| - [153088] - C:\WINDOWS\syswow64\WSSync.dll [MD5.D0A2BA04B1E3F6C1F0E52F65D97EF39D] - [18/07/2016 15:18:30] - |A| - [703840] - C:\WINDOWS\syswow64\WWAHost.exe [MD5.FC26697351E186D415E53BF83D37DAAD] - [18/07/2016 17:10:50] - |A| - [3555840] - C:\WINDOWS\syswow64\xpsrchvw.exe [MD5.F459F8A639AE35E8ECA718832BEDDB53] - [18/07/2016 17:10:55] - |A| - [2102272] - C:\WINDOWS\syswow64\xpsservices.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:25:44] - |D| - [10400] - C:\WINDOWS\syswow64\XPSViewer [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [198144] - C:\WINDOWS\syswow64\zh-CN [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [192000] - C:\WINDOWS\syswow64\zh-HK [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [192000] - C:\WINDOWS\syswow64\zh-TW [MD5.B18B0885CEFFA800A8C39EBDF41CE5A8] - [18/07/2016 17:10:51] - |A| - [347648] - C:\WINDOWS\syswow64\zipfldr.dll [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [8704] - C:\WINDOWS\syswow64\Drivers\en-US [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [29184] - C:\WINDOWS\syswow64\Drivers\fr-FR [MD5.EF558A02D734A1403583E95CCEEC2487] - [05/07/2016 17:14:13] - |A| - [27552] - C:\WINDOWS\syswow64\Drivers\HWiNFO64A.SYS [MD5.00000000000000000000000000000000] - [04/07/2016 14:24:08] - |D| - [3072] - C:\WINDOWS\syswow64\Drivers\UMDF ---------- | Drives W: [12/05/2016 12:04:54] - |A| - (.Copyright © 1999-2012 - BASS.) - [219136] - (2.4.9.0) - W:\bass.dll [12/05/2016 12:04:54] - |A| - (.Copyright © 2005-2012 by radio42: Bernd Niedergesaess, Germany. http://www.bass.radio42.com/ - bn@radio42.com - BASS.NET API for .Net.) - [638976] - (2.4.9.1) - W:\Bass.Net.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2003-2009 - BASSCD.) - [35328] - (2.4.3.1) - W:\basscd.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [48128] - (2.4.1.0) - W:\bassflac.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2005-2010 - BASSmix.) - [33280] - (2.4.4.0) - W:\bassmix.dll [12/05/2016 12:04:55] - |A| - (.Copyright © 2012 - BASSOPUS.) - [103424] - (0.0.0.1) - W:\bassopus.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [34816] - (2.4.4.0) - W:\basswma.dll [12/05/2016 12:04:56] - |A| - (.Copyright © 2007-2009 - BASSWV.) - [59904] - (2.4.1.0) - W:\basswv.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [9416] - (2.4.3.0) - W:\bass_alac.dll [12/05/2016 12:04:56] - |A| - (.2003-2006, MaresWEB - Monkey's Audio add-on for the BASS library.) - [81408] - (2.4.0.1) - W:\bass_ape.dll [12/05/2016 12:04:57] - |A| - (.2003-2006, MaresWEB - Musepack add-on for the BASS library.) - [45056] - (2.4.1.0) - W:\bass_mpc.dll [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBXPExt.) - [68608] - (4.5.7.6229) - W:\CDBXP.dll [01/07/2016 14:26:10] - |A| - (.Copyright 2008 Canneverbe Limited - CDBurnerXP C#Code.) - [1250304] - (4.5.7.6229) - W:\CsLib.dll [01/07/2016 14:27:10] - |A| - (. - .) - [135168] - (15.6.0.0) - W:\Interop.RocketDivision.StarBurnX.dll [01/07/2016 14:27:36] - |A| - (. - .) - [442880] - (13.0.0.0) - W:\LogicNP.FileView.dll [12/05/2016 12:05:09] - |A| - (. - .) - [337408] - (13.0.0.0) - W:\LogicNP.FolderView.dll [01/07/2016 14:27:44] - |A| - (. - .) - [136704] - (13.0.0.0) - W:\LogicNP.ShComboBox.dll [01/07/2016 14:27:56] - |A| - (.Copyright © James Newton-King 2008 - Json.NET .NET 2.0.) - [491008] - (6.0.3.17227) - W:\Newtonsoft.Json.dll [01/07/2016 14:28:23] - |A| - (.Copyright (C)2004-2015 - SPTD Interface Library.) - [58672] - (2.2.0.0) - W:\sptdintf.dll [12/05/2016 12:05:15] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3622784] - (15.6.1.1025) - W:\StarBurn.dll [01/07/2016 14:28:45] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2016. - StarBurnX CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/7/8/2010.) - [3644808] - (15.6.96.5) - W:\StarBurnX15.dll [01/07/2016 14:28:53] - |A| - (.Copyright © 2014 - TagSharp.) - [421888] - (1.0.0.0) - W:\taglib-sharp.dll [14/07/2016 03:58:35] - |A| - (.© Reimage 2013 - Reimage Express Downloader.) - [591624] - (1.0.3.9) - W:\ReimageExpress.exe [14/07/2016 04:03:31] - |A| - (. - Ashampoo Media Sync Setup .) - [12641832] - (1.0.2.0) - W:\ashampoo_media_sync_e1.0.2_sm.exe [13/05/2016 06:34:57] - |A| - (.-.) - [97557896] - (0.0.0.0) - W:\CyberLink_MediaEspresso7.5_MEX160302-01.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP command line version.) - [25712] - (4.5.7.6229) - W:\cdbxpcmd.exe [12/05/2016 12:04:58] - |A| - (.Copyright © 2002-2008 Canneverbe Limited - CDBurnerXP.) - [1746544] - (4.5.7.6229) - W:\cdbxpp.exe [01/07/2016 14:28:59] - |A| - (.Copyright 2008 Canneverbe Limited - CDBurnerXP Updater.) - [21616] - (4.5.7.6229) - W:\updater.exe [12/05/2016 12:06:17] - |A| - (.-.) - [1598] - (0.0.0.0) - W:\UserSettings.ini [12/05/2016 12:04:59] - |A| - (.-.) - [24] - (0.0.0.0) - W:\Config.ini M: J: I: [24/06/2016 11:24:11] - |A| - (.2005-2006© by sarkos and Tuxmouraille (GPL) - Framakey Starter pour Windows XP.) - [188397] - (0.2.2.2) - I:\start.exe H: [14/03/2015 03:48:01] - |A| - (.© 2015 Western Digital Technologies, Inc. - Unlock Utility for WD Encrypted Drive.) - [2081624] - (1.2.0.9) - H:\WD Drive Unlock.exe [01/11/2011 22:39:30] - |A| - (.-.) - [79] - (0.0.0.0) - H:\autorun.inf F: E: D: [10/06/2016 09:49:59] - |A| - (.-.) - [44] - (0.0.0.0) - D:\language.ini ---------- | C: [19/07/2016 16:42:19] - |SHD| - [387] - C:\$RECYCLE.BIN [04/07/2016 13:38:47] - |D| - [1208092] - C:\$SysReset [14/07/2016 06:50:02] - |D| - [345] - C:\@RestoreQuarantine [20/07/2016 06:20:30] - |D| - [92382023] - C:\AdsFix [MD5.94AACD0BB790D80689AF5790B256A652] - [20/07/2016 06:20:51] - |A| - (.-.) - [3786] - (0.0.0.0) - C:\AdsFix.txt [15/07/2016 15:52:04] - |D| - [1023077] - C:\AdwCleaner [10/06/2016 11:10:09] - |D| - [126954006] - C:\AMD [MD5.E058FDBB6999DE0D28819DA6A0BABD0E] - [13/07/2016 11:47:28] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [17/07/2016 13:14:52] - |RASHD| - [3] - C:\Autorun.inf [02/08/2012 04:02:18] - |SHD| - [18199836] - C:\Boot [MD5.0DBACCF6F62484244F6A48B7584019A8] - [30/10/2015 10:13:43] - |RASH| - (.-.) - [400228] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |N| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [10/06/2016 10:13:42] - |D| - [0] - C:\Config.Msi [MD5.DB42011BE360E93E82A86FEC4BA126A7] - [12/07/2016 11:48:41] - |A| - (.-.) - [952] - (0.0.0.0) - C:\DelFix.txt [26/07/2012 09:22:08] - |SD| - [0] - C:\Documents and Settings [19/06/2016 15:01:42] - |D| - [0] - C:\Downloads [MD5.7F3249873BC5E1593D5ACF6C244B0284] - [22/02/2011 18:00:42] - |A| - (.-.) - [729] - (0.0.0.0) - C:\drvopt.ini [MD5.3F252A8134EEEAB15324F3BE01FA2756] - [24/06/2016 08:33:23] - |A| - (.-.) - [3562] - (0.0.0.0) - C:\EamClean.log [19/07/2016 04:20:16] - |D| - [0] - C:\EverySync [15/07/2016 18:22:32] - |D| - [86413571] - C:\FRST [07/01/2013 13:49:41] - |D| - [3785648] - C:\hp [MD5.E2EF79EE6E04EF21F6D3665FCBB206D4] - [20/01/2016 12:20:16] - |A| - (.-.) - [51412] - (0.0.0.0) - C:\License.rtf [23/06/2016 18:11:13] - |D| - [0] - C:\Log [MD5.B8757B5EFEFFA88B375A3818194A5709] - [20/07/2016 06:35:30] - |A| - (.-.) - [35271] - (0.0.0.0) - C:\Look_my_hardware.tmp [14/07/2016 07:02:57] - |D| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 09:30:46] - |N| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2016 03:30:36] - |ASH| - (.-.) - [3489660928] - (0.0.0.0) - C:\pagefile.sys [25/06/2016 18:31:09] - |D| - [11162351] - C:\PcPinPoint [MD5.2F74B657971E6E5476E5DF4F2F6F4131] - [15/07/2016 18:33:29] - |A| - (.-.) - [13030] - (0.0.0.0) - C:\PDOXUSRS.NET [04/07/2016 14:13:00] - |D| - [0] - C:\PerfLogs [04/07/2016 13:40:15] - |RD| - [5380349208] - C:\Program Files [04/07/2016 13:40:15] - |RD| - [11766959379] - C:\Program Files (x86) [04/07/2016 14:13:00] - |HD| - [2823356079] - C:\ProgramData [20/07/2016 06:10:50] - |D| - [262073] - C:\QuickDiag [MD5.AA61497F73BC1F3FFEF69DB1E23F8E3D] - [20/07/2016 06:11:05] - |A| - (.-.) - [468772] - (0.0.0.0) - C:\QuickDiag.txt [01/08/2012 19:05:35] - |SHD| - [302183507] - C:\Recovery [21/06/2016 13:33:44] - |D| - [0] - C:\SauvegardePersonnelle [MD5.E401F896A58F4736BF0D3A6580667D72] - [11/07/2016 17:14:23] - |A| - (.-.) - [215] - (0.0.0.0) - C:\summary.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/06/2016 07:40:55] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 05:15:28] - |AD| - [1021170935] - C:\SWSETUP [10/06/2016 07:40:53] - |SHD| - [0] - C:\System Volume Information [01/08/2012 11:57:15] - |D| - [38369859] - C:\SYSTEM.SAV [23/06/2016 15:25:46] - |D| - [1024] - C:\Temp [26/06/2016 12:38:46] - |D| - [0] - C:\TsTemp [14/07/2016 15:55:14] - |AD| - [46607009] - C:\UsbFix [04/07/2016 13:40:15] - |RD| - [229320446104] - C:\Users [26/06/2016 06:11:46] - |D| - [429355369] - C:\VTRoot [04/07/2016 13:40:15] - |D| - [19720209781] - C:\Windows [04/07/2016 14:33:54] - |D| - [4189193582] - C:\Windows.old [11/06/2016 06:38:23] - |D| - [2342] - C:\_Backup ---------- | C:\WINDOWS [04/07/2016 14:13:01] - |D| - [802] - C:\WINDOWS\addins [17/07/2016 14:07:21] - |D| - [7389] - C:\WINDOWS\amlog [MD5.5C5F66B72868C46D9DC872AF5B2233B0] - [13/07/2016 11:46:58] - |A| - (.-.) - [1920624] - (0.0.0.0) - C:\WINDOWS\ampa.exe [MD5.F7800E92FC8BF0DD62C778CDA9597D36] - [17/07/2016 14:06:13] - |A| - (.-.) - [424] - (0.0.0.0) - C:\WINDOWS\ampa.ini [04/07/2016 14:13:01] - |D| - [36195302] - C:\WINDOWS\appcompat [04/07/2016 14:13:01] - |D| - [12360910] - C:\WINDOWS\AppPatch [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\AppReadiness [04/07/2016 14:13:00] - |RSD| - [1026603331] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:45:01] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [04/07/2016 14:13:01] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [04/07/2016 14:13:01] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.F46CDE72D2676FF2BD9EE309780629E0] - [04/07/2016 13:42:18] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat2.dat [04/07/2016 14:13:01] - |D| - [2380376] - C:\WINDOWS\Branding [04/07/2016 13:55:34] - |D| - [48105304] - C:\WINDOWS\CbsTemp [04/07/2016 14:13:01] - |D| - [8970858] - C:\WINDOWS\Cursors [04/07/2016 14:13:01] - |D| - [3200850] - C:\WINDOWS\debug [04/07/2016 14:13:01] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [04/07/2016 14:13:01] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [04/07/2016 14:13:01] - |D| - [4217368] - C:\WINDOWS\diagnostics [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\DigitalLocker [04/07/2016 14:13:01] - |SD| - [0] - C:\WINDOWS\Downloaded Program Files [04/07/2016 14:13:01] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [04/07/2016 14:24:00] - |D| - [0] - C:\WINDOWS\en-US [MD5.538E0206CB36BDBF84CEA11A167D4593] - [17/07/2016 14:15:48] - |AH| - (.-.) - [3213] - (0.0.0.0) - C:\WINDOWS\EPMBatch.ept [12/07/2016 11:48:46] - |D| - [85343332] - C:\WINDOWS\ERUNT [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 17:13:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\WINDOWS\explorer.exe [04/07/2016 14:13:01] - |RSD| - [356947094] - C:\WINDOWS\Fonts [04/07/2016 14:24:00] - |D| - [134144] - C:\WINDOWS\fr-FR [04/07/2016 14:13:01] - |D| - [20838848] - C:\WINDOWS\Globalization [04/07/2016 14:13:01] - |D| - [1589372] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [18/07/2016 15:17:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [04/07/2016 14:13:01] - |D| - [173194846] - C:\WINDOWS\IME [04/07/2016 14:13:01] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [04/07/2016 14:08:46] - |D| - [78165895] - C:\WINDOWS\INF [04/07/2016 14:34:22] - |D| - [931024796] - C:\WINDOWS\InfusedApps [04/07/2016 14:13:01] - |D| - [36258450] - C:\WINDOWS\InputMethod [04/07/2016 14:13:01] - |SHD| - [814700197] - C:\WINDOWS\Installer [05/07/2016 17:16:08] - |D| - [0] - C:\WINDOWS\IObit [04/07/2016 14:13:01] - |D| - [89407] - C:\WINDOWS\L2Schemas [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\LiveKernelReports [04/07/2016 14:13:01] - |D| - [44486284] - C:\WINDOWS\Logs [04/07/2016 14:13:01] - |RSD| - [20145669] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |N| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [04/07/2016 14:13:00] - |D| - [775355119] - C:\WINDOWS\Microsoft.NET [04/07/2016 14:13:01] - |D| - [2371] - C:\WINDOWS\Migration [18/07/2016 15:50:54] - |D| - [0] - C:\WINDOWS\Minidump [04/07/2016 14:13:01] - |RD| - [470257] - C:\WINDOWS\MiracastView [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [MD5.D186A7FEAF8DBB8A935672AAB915741F] - [19/07/2016 10:44:27] - |A| - (.-.) - [1516816] - (0.0.0.0) - C:\WINDOWS\ntbtlog.txt [04/07/2016 14:25:44] - |D| - [199124] - C:\WINDOWS\OCR [04/07/2016 14:13:01] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [04/07/2016 14:34:22] - |DC| - [0] - C:\WINDOWS\Panther [04/07/2016 14:13:01] - |D| - [28864584] - C:\WINDOWS\Performance [MD5.CBCF91BD4020C02571750227D8228F2D] - [19/07/2016 03:30:29] - |A| - (.-.) - [258256] - (0.0.0.0) - C:\WINDOWS\PFRO.log [04/07/2016 14:13:01] - |D| - [1136442] - C:\WINDOWS\PLA [04/07/2016 14:13:01] - |D| - [2566565] - C:\WINDOWS\PolicyDefinitions [04/07/2016 14:13:01] - |D| - [31834453] - C:\WINDOWS\prefetch [04/07/2016 14:13:01] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [04/07/2016 14:13:01] - |D| - [1297393] - C:\WINDOWS\Provisioning [04/07/2016 14:13:01] - |RD| - [770223] - C:\WINDOWS\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [04/07/2016 14:13:01] - |D| - [1102632] - C:\WINDOWS\registration [MD5.5A6945B399F0881F3AA2DFC97BEB1C7E] - [14/07/2016 05:02:17] - |A| - (.-.) - [56] - (0.0.0.0) - C:\WINDOWS\REIMAGE.del [04/07/2016 14:13:01] - |D| - [3424794] - C:\WINDOWS\rescache [04/07/2016 14:13:01] - |D| - [3728883] - C:\WINDOWS\Resources [MD5.BAFE98D46BAB095F7935C444DBF9A884] - [25/06/2016 16:15:30] - |A| - (.TODO: (c) . - RtCRU.) - [4330200] - (1.11.0.0) - C:\WINDOWS\RtCRU64.exe [04/07/2016 14:13:01] - |D| - [0] - C:\WINDOWS\SchCache [04/07/2016 14:13:01] - |D| - [121229] - C:\WINDOWS\schemas [04/07/2016 14:13:01] - |D| - [3637248] - C:\WINDOWS\security [04/07/2016 14:31:14] - |D| - [61170500] - C:\WINDOWS\ServiceProfiles [04/07/2016 13:40:15] - |D| - [89507339] - C:\WINDOWS\servicing [04/07/2016 14:28:55] - |D| - [42] - C:\WINDOWS\Setup [04/07/2016 14:13:01] - |D| - [9383] - C:\WINDOWS\ShellNew [04/07/2016 14:13:01] - |D| - [3070736] - C:\WINDOWS\SKB [04/07/2016 13:44:47] - |D| - [200824076] - C:\WINDOWS\SoftwareDistribution [04/07/2016 14:13:01] - |D| - [103543755] - C:\WINDOWS\Speech [04/07/2016 14:13:01] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |N| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [04/07/2016 14:13:01] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [04/07/2016 14:13:10] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [04/07/2016 13:40:15] - |D| - [4508976230] - C:\WINDOWS\System32 [04/07/2016 14:13:02] - |D| - [155460814] - C:\WINDOWS\SystemApps [04/07/2016 14:13:02] - |D| - [18175861] - C:\WINDOWS\SystemResources [04/07/2016 14:13:02] - |D| - [1397192950] - C:\WINDOWS\syswow64 [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\TAPI [04/07/2016 14:13:03] - |D| - [8078] - C:\WINDOWS\Tasks [04/07/2016 14:13:03] - |D| - [5936] - C:\WINDOWS\Temp [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\tracing [04/07/2016 14:13:03] - |D| - [43083340] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |N| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [04/07/2016 14:13:03] - |D| - [12420] - C:\WINDOWS\Vss [04/07/2016 14:13:03] - |D| - [15729830] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [04/07/2016 14:13:10] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |N| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [18/07/2016 12:55:56] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - [17/07/2016 17:59:12] - |A| - (.-.) - [85] - (0.0.0.0) - C:\WINDOWS\wininit.ini [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [13/07/2016 11:00:57] - |RASHOT| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\winstart.bat [04/07/2016 13:40:15] - |D| - [8452548421] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |N| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |N| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe [MD5.F691124942E224C67954A51782A306E7] - [20/07/2016 04:54:54] - |A| - (.-.) - [450049] - (0.0.0.0) - C:\WINDOWS\ZAM.krnl.trace [MD5.09C5F0D4E38B71E19645D643CCE74E6F] - [20/07/2016 04:54:54] - |A| - (.-.) - [438352] - (0.0.0.0) - C:\WINDOWS\ZAM_Guard.krnl.trace ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [04/07/2016 19:01:03] - C:\WINDOWS\Installer\135be1.msi : (LCL - e-Carte Bleue LCL) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/07/2016 12:01:33] - C:\WINDOWS\Installer\21ad29.msi : (Rebit Pro - Rebit, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/06/2015 18:00:00] - C:\WINDOWS\Installer\23c57a.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/02/2016 09:39:18] - C:\WINDOWS\Installer\24166f.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 19:57:14] - C:\WINDOWS\Installer\268a3a.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:10:27] - C:\WINDOWS\Installer\268a45.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/07/2011 20:36:38] - C:\WINDOWS\Installer\268a4d.msi : ( - DivX, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:30:13] - C:\WINDOWS\Installer\268b92.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:33:02] - C:\WINDOWS\Installer\268caf.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2016 14:41:34] - C:\WINDOWS\Installer\268cc3.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2016 23:22:41] - C:\WINDOWS\Installer\268cc7.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/06/2016 19:30:38] - C:\WINDOWS\Installer\268ccb.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 21:25:01] - C:\WINDOWS\Installer\268ccf.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2015 18:45:46] - C:\WINDOWS\Installer\278f0b1.msi : (Media Go Network Downloader - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 11:00:04] - C:\WINDOWS\Installer\278f0b8.msi : (Media Go Video Playback Engine-2.20.103.05220 - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2015 21:22:47] - C:\WINDOWS\Installer\278f0be.msi : (Media Go - Sony. Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:51:37] - C:\WINDOWS\Installer\3429b56.msi : (PDF Architect 4 View Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:52:52] - C:\WINDOWS\Installer\3429b5c.msi : (PDF Architect 4 Edit Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:53:09] - C:\WINDOWS\Installer\3429b62.msi : (PDF Architect 4 Create Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:53:39] - C:\WINDOWS\Installer\3429b68.msi : (Manager - 2015 pdfforge GmbH. All rights reserved) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 09:56:16] - C:\WINDOWS\Installer\3429b74.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 10:04:10] - C:\WINDOWS\Installer\3603535.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:34:20] - C:\WINDOWS\Installer\3bc50b.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:18] - C:\WINDOWS\Installer\3bc511.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:16] - C:\WINDOWS\Installer\3bc517.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2012 19:55:20] - C:\WINDOWS\Installer\3bc51d.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2012 00:15:18] - C:\WINDOWS\Installer\3bc523.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:19:08] - C:\WINDOWS\Installer\3bc529.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:36:58] - C:\WINDOWS\Installer\3bc52f.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:12] - C:\WINDOWS\Installer\3bc535.msi : (LWS Motion Detection - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:22] - C:\WINDOWS\Installer\3bc53b.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2011 04:51:16] - C:\WINDOWS\Installer\3bc541.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 05:26:48] - C:\WINDOWS\Installer\3bc547.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:28] - C:\WINDOWS\Installer\3bc54d.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/07/2016 15:11:57] - C:\WINDOWS\Installer\49e5ab.msi : (Program - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/07/2016 07:44:32] - C:\WINDOWS\Installer\5ffebd.msi : (COMODO Cloud Antivirus - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:24] - C:\WINDOWS\Installer\975fd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 10:49:56] - C:\WINDOWS\Installer\97603.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:16] - C:\WINDOWS\Installer\97609.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:22] - C:\WINDOWS\Installer\9760f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:30] - C:\WINDOWS\Installer\97615.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:36] - C:\WINDOWS\Installer\9761b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:44] - C:\WINDOWS\Installer\97621.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:52] - C:\WINDOWS\Installer\97627.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:00] - C:\WINDOWS\Installer\9762d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:06] - C:\WINDOWS\Installer\97633.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:16] - C:\WINDOWS\Installer\97639.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:22] - C:\WINDOWS\Installer\9763f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:30] - C:\WINDOWS\Installer\97645.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:38] - C:\WINDOWS\Installer\9764b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:46] - C:\WINDOWS\Installer\97651.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:54] - C:\WINDOWS\Installer\97657.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:02] - C:\WINDOWS\Installer\9765d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:10] - C:\WINDOWS\Installer\97663.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:18] - C:\WINDOWS\Installer\97669.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:26] - C:\WINDOWS\Installer\9766f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:34] - C:\WINDOWS\Installer\97675.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:42] - C:\WINDOWS\Installer\9767b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:50] - C:\WINDOWS\Installer\97681.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:58] - C:\WINDOWS\Installer\97687.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:06] - C:\WINDOWS\Installer\9768d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:40] - C:\WINDOWS\Installer\97693.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:07:30] - C:\WINDOWS\Installer\97699.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:12] - C:\WINDOWS\Installer\9769f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/06/2016 04:41:00] - C:\WINDOWS\Installer\a77355.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:11] - C:\WINDOWS\Installer\aadb48.msi : (PDF Architect 4 Secure Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:35] - C:\WINDOWS\Installer\aadb4f.msi : (PDF Architect 4 Convert Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:16] - C:\WINDOWS\Installer\aadb56.msi : (PDF Architect 4 Review Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:21] - C:\WINDOWS\Installer\aadb5d.msi : (PDF Architect 4 Insert Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:33:14] - C:\WINDOWS\Installer\aadb64.msi : (PDF Architect 4 Forms Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 14:45:04] - C:\WINDOWS\Installer\b498c0.msi : (PDF Architect 4 OCR Module - pdfforge GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 12:09:58] - C:\WINDOWS\Installer\b64844.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/08/2015 00:00:00] - C:\WINDOWS\Installer\b6484b.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\b64859.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2015 17:11:46] - C:\WINDOWS\Installer\e9fb70.msi : (Installs WD Security - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2016 11:47:42] - C:\WINDOWS\Installer\e9fb77.msi : (Installs WD Drive Utilities - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/04/2016 11:59:48] - C:\WINDOWS\Installer\e9fb7e.msi : (WD Backup plugin - Western Digital Technologies, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/07/2016 13:47:18] - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:04] - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:55] - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe () - () [16/07/2016 20:15:58] - [143630] - C:\WINDOWS\Installer\{0c8ebb00-4909-459c-8347-b2068b7f0319}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:37] - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:42] - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:52] - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:56] - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:11] - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:59] - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:53] - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:16] - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe () - () [17/07/2016 15:03:26] - [10134] - C:\WINDOWS\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:33] - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe () - () [06/07/2016 15:00:10] - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe (Copyright (C) SEIKO EPSON CORPORATION 2010-2013.) - (E-Web Print Preview) [04/07/2016 13:46:49] - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe () - () [16/07/2016 18:44:56] - [143630] - C:\WINDOWS\Installer\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:17] - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:01] - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:15] - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe () - () [16/07/2016 15:29:30] - [291445] - C:\WINDOWS\Installer\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:12] - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe () - () [06/07/2016 14:55:42] - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe (Copyright (C) 2011) - (EProjManager Application) [04/07/2016 13:47:07] - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:13] - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe () - () [16/07/2016 16:28:44] - [75223] - C:\WINDOWS\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:49] - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe () - () [13/07/2016 12:36:48] - [22435552] - C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe (� 2008-2010 COMODO Security Solutions, Inc.) - (COMODO BackUp setup) [04/07/2016 13:47:09] - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:02] - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:44] - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe () - () [16/07/2016 15:17:27] - [97873] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:05] - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe () - () [04/07/2016 19:01:17] - [85744] - C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\ARPPRODUCTICON.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [04/07/2016 19:01:17] - [85744] - C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\LCL.exe1_F32AB5F9185E46FC88A6FFD15F46598C.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [04/07/2016 19:01:17] - [85744] - C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\LCL.exe_135876AAA9EB40DDA9DC1DCFBEBE069C.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [04/07/2016 19:01:17] - [52976] - C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\UNINST_Uninstall_L_1821748D692B49ADAB1778192E277919.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [16/07/2016 20:17:34] - [70668] - C:\WINDOWS\Installer\{D36DD326-7280-11D8-97C8-000129760CBE}\ARPPRODUCTICON.exe () - () [04/07/2016 15:13:59] - [10134] - C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008}\ARPPRODUCTICON.exe () - () [04/07/2016 15:13:59] - [32038] - C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008}\RunProductNameDskt_985F828E0E98429F9C05EF3BDE7568F7_1.exe () - () [04/07/2016 15:13:59] - [32038] - C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008}\RunProductNameShor_985F828E0E98429F9C05EF3BDE7568F7.exe () - () [16/07/2016 18:30:04] - [138560] - C:\WINDOWS\Installer\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\ARPPRODUCTICON.exe () - () [16/07/2016 16:37:23] - [82613] - C:\WINDOWS\Installer\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:22] - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe () - () [04/07/2016 13:47:08] - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:50] - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe () - () [04/07/2016 13:46:45] - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe () - () [17/07/2016 16:10:25] - [14863480] - C:\WINDOWS\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}\uninstall.exe (© 2008-2012 Comodo Security Solutions, Inc.) - (COMODO PC TuneUp setup) ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 16:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [04/07/2016 14:00:41] - [1848398] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [05/07/2016 07:26:48] - [17134] - C:\WINDOWS\Syswow64\GeneStor.INF [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [jean-] [10/06/2016 20:03:44] - |D| - [2391] - C:\Users\jean-\.android [13/06/2016 07:11:26] - |D| - [1240] - C:\Users\jean-\.cache [26/06/2016 10:41:34] - |D| - [130524] - C:\Users\jean-\.VirtualBox [04/07/2016 13:54:53] - |HD| - [1547527879] - C:\Users\jean-\AppData [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Application Data [10/06/2016 11:01:11] - |RD| - [412] - C:\Users\jean-\Contacts [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Cookies [10/06/2016 10:59:41] - |RD| - [115733647228] - C:\Users\jean-\Desktop [16/06/2016 09:16:23] - |D| - [5620710129] - C:\Users\jean-\Doctor Web [10/06/2016 10:59:41] - |RD| - [29046938134] - C:\Users\jean-\Documents [10/06/2016 10:59:41] - |RD| - [7387409484] - C:\Users\jean-\Downloads [14/06/2016 06:35:45] - |RD| - [51255596602] - C:\Users\jean-\Dropbox [10/06/2016 10:59:41] - |RD| - [32710] - C:\Users\jean-\Favorites [10/06/2016 10:59:41] - |RD| - [3658] - C:\Users\jean-\Links [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Local Settings [12/07/2016 14:51:43] - |D| - [0] - C:\Users\jean-\MediaEspresso [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Menu Démarrer [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Mes documents [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Modèles [10/06/2016 10:59:41] - |RD| - [1769781815] - C:\Users\jean-\Music [04/07/2016 13:54:53] - |ASH| - [1835008] - C:\Users\jean-\ntuser.dat [04/07/2016 13:54:55] - |ASH| - [458752] - C:\Users\jean-\ntuser.dat.LOG1 [04/07/2016 13:54:55] - |ASH| - [20480] - C:\Users\jean-\ntuser.dat.LOG2 [16/07/2016 06:07:00] - |ASH| - [65536] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TM.blf [16/07/2016 06:07:00] - |ASH| - [524288] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [16/07/2016 06:07:00] - |ASH| - [524288] - C:\Users\jean-\ntuser.dat{45428003-4b0a-11e6-b97f-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [04/07/2016 13:54:55] - |ASH| - [65536] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TM.blf [04/07/2016 13:54:55] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TMContainer00000000000000000001.regtrans-ms [04/07/2016 13:54:55] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{786831fd-41db-11e6-b965-8a5c5cb95714}.TMContainer00000000000000000002.regtrans-ms [04/07/2016 13:59:11] - |SH| - [20] - C:\Users\jean-\ntuser.ini [10/06/2016 11:07:58] - |RD| - [16040321074] - C:\Users\jean-\OneDrive [10/06/2016 10:59:41] - |RD| - [70439659] - C:\Users\jean-\Pictures [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Recent [10/06/2016 10:59:41] - |RD| - [282] - C:\Users\jean-\Saved Games [04/07/2016 13:59:24] - |RD| - [1875] - C:\Users\jean-\Searches [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\SendTo [26/06/2016 05:35:59] - |A| - [0] - C:\Users\jean-\Sti_Trace.log [01/07/2016 09:40:35] - |D| - [0] - C:\Users\jean-\ultracopier [10/06/2016 10:59:41] - |RD| - [113104619] - C:\Users\jean-\Videos [26/06/2016 10:45:11] - |D| - [0] - C:\Users\jean-\VirtualBox VMs [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Voisinage d'impression [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\Voisinage réseau [14/06/2016 10:48:05] - |A| - [2219008] - C:\Users\jean-\ZHPDiag3.exe [04/07/2016 13:59:20] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Adobe [14/07/2016 11:22:35] - |D| - [6765170] - C:\Users\jean-\AppData\Roaming\Anvsoft [15/07/2016 13:48:09] - |D| - [6462] - C:\Users\jean-\AppData\Roaming\Apowersoft [12/07/2016 12:28:42] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Ashampoo Slideshow Studio HD 4 [04/07/2016 14:06:42] - |D| - [0] - C:\Users\jean-\AppData\Roaming\ATI [09/07/2016 05:49:56] - |D| - [5128] - C:\Users\jean-\AppData\Roaming\Auslogics [05/07/2016 10:03:45] - |D| - [16073691] - C:\Users\jean-\AppData\Roaming\AVAST Software [13/07/2016 10:02:44] - |D| - [5760788] - C:\Users\jean-\AppData\Roaming\BitTorrent [05/07/2016 10:21:49] - |D| - [19457164] - C:\Users\jean-\AppData\Roaming\Comodo [04/07/2016 15:08:44] - |D| - [1872230] - C:\Users\jean-\AppData\Roaming\CyberLink [13/07/2016 12:12:08] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DAEMON Tools Pro [17/07/2016 06:14:33] - |D| - [0] - C:\Users\jean-\AppData\Roaming\DivX [04/07/2016 18:46:15] - |D| - [229855232] - C:\Users\jean-\AppData\Roaming\Downloaded Installations [05/07/2016 09:58:37] - |D| - [280916] - C:\Users\jean-\AppData\Roaming\Dropbox [05/07/2016 08:17:00] - |D| - [4495183] - C:\Users\jean-\AppData\Roaming\DVDVideoSoft [18/07/2016 18:16:33] - |D| - [384] - C:\Users\jean-\AppData\Roaming\EASEUS [13/07/2016 11:28:45] - |D| - [64] - C:\Users\jean-\AppData\Roaming\epm [06/07/2016 14:56:31] - |D| - [6777] - C:\Users\jean-\AppData\Roaming\Epson [18/07/2016 18:15:22] - |D| - [53976606] - C:\Users\jean-\AppData\Roaming\eufsc [05/07/2016 09:40:51] - |D| - [54422] - C:\Users\jean-\AppData\Roaming\GlarySoft [13/07/2016 10:14:41] - |D| - [0] - C:\Users\jean-\AppData\Roaming\IceDragon [05/07/2016 17:13:27] - |D| - [2153002] - C:\Users\jean-\AppData\Roaming\IObit [19/07/2016 13:57:47] - |D| - [38029] - C:\Users\jean-\AppData\Roaming\JAM Software [18/07/2016 09:18:48] - |D| - [32208] - C:\Users\jean-\AppData\Roaming\KC Softwares [04/07/2016 14:58:31] - |D| - [345] - C:\Users\jean-\AppData\Roaming\Leadertech [04/07/2016 14:50:26] - |D| - [492] - C:\Users\jean-\AppData\Roaming\Macromedia [04/07/2016 13:54:53] - |SD| - [778052] - C:\Users\jean-\AppData\Roaming\Microsoft [17/07/2016 15:46:00] - |D| - [1252] - C:\Users\jean-\AppData\Roaming\mov Audio Extractor [05/07/2016 11:33:14] - |D| - [146035397] - C:\Users\jean-\AppData\Roaming\Mozilla [19/07/2016 10:55:54] - |D| - [87] - C:\Users\jean-\AppData\Roaming\MPC-HC [17/07/2016 15:46:30] - |D| - [0] - C:\Users\jean-\AppData\Roaming\New Version Available [04/07/2016 18:48:45] - |D| - [606] - C:\Users\jean-\AppData\Roaming\Nitro [05/07/2016 09:52:45] - |D| - [214356] - C:\Users\jean-\AppData\Roaming\PDF Architect 4 [17/07/2016 15:56:12] - |AD| - [9217859] - C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious [16/07/2016 17:13:37] - |D| - [48913] - C:\Users\jean-\AppData\Roaming\proDAD [15/07/2016 16:14:49] - |D| - [16698] - C:\Users\jean-\AppData\Roaming\ProductData [05/07/2016 06:14:18] - |D| - [183286004] - C:\Users\jean-\AppData\Roaming\Sony [05/07/2016 06:18:37] - |D| - [822] - C:\Users\jean-\AppData\Roaming\Sony Corporation [04/07/2016 18:03:36] - |D| - [0] - C:\Users\jean-\AppData\Roaming\spotmau [14/07/2016 14:39:22] - |D| - [300856] - C:\Users\jean-\AppData\Roaming\StartMenuX [04/07/2016 14:54:26] - |D| - [13553443] - C:\Users\jean-\AppData\Roaming\TeraCopy [19/07/2016 19:32:34] - |D| - [8440268] - C:\Users\jean-\AppData\Roaming\Thunderbird [12/07/2016 07:13:00] - |D| - [29261131] - C:\Users\jean-\AppData\Roaming\UsbFix [13/07/2016 10:41:33] - |D| - [0] - C:\Users\jean-\AppData\Roaming\UserData [04/07/2016 18:03:31] - |A| - [87647] - C:\Users\jean-\AppData\Roaming\userenv.xml [13/07/2016 12:12:39] - |D| - [6991871] - C:\Users\jean-\AppData\Roaming\uTorrent [14/07/2016 15:50:06] - |D| - [10578] - C:\Users\jean-\AppData\Roaming\Western Digital [05/07/2016 11:43:14] - |D| - [1731864] - C:\Users\jean-\AppData\Roaming\Wondershare [05/07/2016 09:10:29] - |D| - [1051608] - C:\Users\jean-\AppData\Roaming\Wondershare Free YouTube Downloader [04/07/2016 18:28:53] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Wondershare Video Converter Free [15/07/2016 18:23:18] - |D| - [133525] - C:\Users\jean-\AppData\Roaming\ZHP [16/07/2016 07:35:29] - |D| - [126992] - C:\Users\jean-\AppData\Local\Acelogix [04/07/2016 14:02:29] - |D| - [0] - C:\Users\jean-\AppData\Local\ActiveSync [04/07/2016 14:07:10] - |D| - [8] - C:\Users\jean-\AppData\Local\AMD [13/07/2016 12:35:12] - |D| - [29153] - C:\Users\jean-\AppData\Local\AntiLogger Free [15/07/2016 13:47:53] - |D| - [3883624] - C:\Users\jean-\AppData\Local\Apowersoft [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Local\Application Data [12/07/2016 11:26:23] - |D| - [366364] - C:\Users\jean-\AppData\Local\ashampoo [04/07/2016 14:06:42] - |D| - [66104] - C:\Users\jean-\AppData\Local\ATI [12/07/2016 11:57:42] - |D| - [0] - C:\Users\jean-\AppData\Local\CEF [04/07/2016 14:04:46] - |D| - [22225000] - C:\Users\jean-\AppData\Local\Comms [13/07/2016 10:14:16] - |D| - [815117] - C:\Users\jean-\AppData\Local\Comodo [12/07/2016 13:11:15] - |D| - [10188505] - C:\Users\jean-\AppData\Local\CrashDumps [18/07/2016 04:47:18] - |D| - [0] - C:\Users\jean-\AppData\Local\CrashRpt [04/07/2016 15:08:33] - |D| - [28512656] - C:\Users\jean-\AppData\Local\CyberLink [04/07/2016 15:12:07] - |D| - [43752960] - C:\Users\jean-\AppData\Local\Downloaded Installations [05/07/2016 09:56:49] - |D| - [273171037] - C:\Users\jean-\AppData\Local\Dropbox [12/07/2016 11:57:20] - |D| - [44032] - C:\Users\jean-\AppData\Local\Free Download Manager [19/07/2016 13:44:13] - |D| - [522] - C:\Users\jean-\AppData\Local\FreemakeVideoConverter [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Local\Historique [13/07/2016 12:52:55] - |D| - [82] - C:\Users\jean-\AppData\Local\iSkysoft [04/07/2016 15:02:54] - |D| - [2914129] - C:\Users\jean-\AppData\Local\Logitech® Webcam Software [04/07/2016 13:54:53] - |D| - [198213453] - C:\Users\jean-\AppData\Local\Microsoft [04/07/2016 14:07:29] - |D| - [87469] - C:\Users\jean-\AppData\Local\MicrosoftEdge [05/07/2016 11:33:15] - |D| - [26496596] - C:\Users\jean-\AppData\Local\Mozilla [04/07/2016 13:59:21] - |D| - [87288172] - C:\Users\jean-\AppData\Local\Packages [05/07/2016 09:53:55] - |D| - [2877] - C:\Users\jean-\AppData\Local\PDFCreator [04/07/2016 15:08:58] - |D| - [40960] - C:\Users\jean-\AppData\Local\Power2Go10 [04/07/2016 14:53:23] - |D| - [0] - C:\Users\jean-\AppData\Local\Programs [04/07/2016 14:02:22] - |D| - [0] - C:\Users\jean-\AppData\Local\Publishers [05/07/2016 06:17:34] - |D| - [9975] - C:\Users\jean-\AppData\Local\Sony [04/07/2016 13:54:53] - |D| - [2724231] - C:\Users\jean-\AppData\Local\Temp [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Local\Temporary Internet Files [19/07/2016 19:32:35] - |D| - [15076946] - C:\Users\jean-\AppData\Local\Thunderbird [04/07/2016 13:59:17] - |D| - [12001280] - C:\Users\jean-\AppData\Local\TileDataLayer [04/07/2016 13:59:37] - |D| - [370] - C:\Users\jean-\AppData\Local\VirtualStore [04/07/2016 14:54:35] - |D| - [82] - C:\Users\jean-\AppData\Local\Wondershare [13/07/2016 12:35:12] - |D| - [7006816] - C:\Users\jean-\AppData\Local\Zemana [05/07/2016 10:03:45] - |D| - [1140] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup [13/07/2016 10:03:33] - |A| - [2726] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk [04/07/2016 13:59:24] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [17/07/2016 15:45:35] - |A| - [1340] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\mov Audio Extractor.lnk [04/07/2016 13:54:55] - |SHD| - [0] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [04/07/2016 13:54:53] - |RD| - [32747] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [13/07/2016 12:13:58] - |A| - [2686] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [04/07/2016 13:54:53] - |RD| - [3888] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [04/07/2016 13:54:53] - |RD| - [2927] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [04/07/2016 13:59:25] - |RD| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/07/2016 16:10:24] - |D| - [2630] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COMODO [04/07/2016 13:59:24] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/07/2016 13:43:20] - |D| - [1525] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [04/07/2016 13:54:53] - |D| - [170] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [04/07/2016 14:08:45] - |A| - [2409] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [19/07/2016 09:43:48] - |A| - [971] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PortableApps.com Platform.lnk [04/07/2016 13:59:25] - |RD| - [1574] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [04/07/2016 14:53:08] - |D| - [2043] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier [04/07/2016 13:54:53] - |RD| - [5318] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [04/07/2016 14:56:00] - |D| - [1706] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier [04/07/2016 13:54:53] - |RSD| - [7238] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [04/07/2016 13:59:25] - |ASH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [18/07/2016 18:15:38] - |A| - [1400] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EaseUS EverySync.lnk ---------- | [Public] [10/06/2016 11:01:11] - |RHD| - [196] - C:\Users\Public\AccountPictures [04/07/2016 15:24:09] - |D| - [16932] - C:\Users\Public\CyberLink [30/10/2015 09:24:24] - |RHD| - [869509] - C:\Users\Public\Desktop [04/07/2016 14:13:09] - |ASH| - [174] - C:\Users\Public\desktop.ini [30/10/2015 09:24:24] - |RD| - [716298776] - C:\Users\Public\Documents [30/10/2015 09:24:24] - |RD| - [174] - C:\Users\Public\Downloads [04/07/2016 14:13:01] - |RHD| - [1135] - C:\Users\Public\Libraries [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Music [30/10/2015 09:24:24] - |RD| - [8854459] - C:\Users\Public\Pictures [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [04/07/2016 13:47:23] - |D| - [304] - C:\ProgramData\AMD [13/07/2016 11:54:43] - |D| - [121] - C:\ProgramData\AomeiBR [04/07/2016 13:58:02] - |SHD| - [31418298234] - C:\ProgramData\Application Data [05/07/2016 13:03:50] - |D| - [523938] - C:\ProgramData\Ashampoo [04/07/2016 14:06:42] - |D| - [186] - C:\ProgramData\ATI [09/07/2016 05:50:02] - |D| - [0] - C:\ProgramData\Auslogics [04/07/2016 13:58:02] - |SHD| - [869509] - C:\ProgramData\Bureau [11/07/2016 14:52:06] - |D| - [3122] - C:\ProgramData\CLSK [04/07/2016 14:13:00] - |D| - [0] - C:\ProgramData\Comms [17/07/2016 16:04:27] - |D| - [65088207] - C:\ProgramData\COMODO [04/07/2016 15:01:09] - |D| - [59186607] - C:\ProgramData\CyberLink [13/07/2016 12:11:01] - |D| - [1816] - C:\ProgramData\DAEMON Tools Pro [16/07/2016 15:42:29] - |D| - [4086116] - C:\ProgramData\DivX [04/07/2016 13:58:02] - |SHD| - [716298776] - C:\ProgramData\Documents [05/07/2016 09:56:49] - |D| - [526322] - C:\ProgramData\Dropbox [05/07/2016 17:17:44] - |D| - [10722319] - C:\ProgramData\EPSON [16/07/2016 04:53:37] - |D| - [0] - C:\ProgramData\explauncher [19/07/2016 13:43:14] - |D| - [10911810] - C:\ProgramData\Freemake [13/07/2016 12:09:07] - |D| - [0] - C:\ProgramData\Glarysoft [06/07/2016 13:55:17] - |D| - [1988250] - C:\ProgramData\HitmanPro [12/07/2016 11:55:45] - |D| - [122] - C:\ProgramData\Informer Technologies, Inc [04/07/2016 15:02:36] - |D| - [1500564] - C:\ProgramData\install_clap [04/07/2016 14:54:14] - |D| - [317293] - C:\ProgramData\IObit [13/07/2016 12:43:26] - |D| - [4515725] - C:\ProgramData\iSkysoft [13/07/2016 12:45:49] - |D| - [5191] - C:\ProgramData\iSkysoft iMedia Converter Deluxe [16/07/2016 04:53:29] - |D| - [0] - C:\ProgramData\launcher [04/07/2016 14:59:10] - |D| - [259] - C:\ProgramData\LogiShrd [15/07/2016 14:15:06] - |D| - [54455] - C:\ProgramData\Malwarebytes [19/07/2016 08:45:10] - |D| - [13091564] - C:\ProgramData\Malwarebytes Anti-Exploit [04/07/2016 13:58:02] - |SHD| - [306111] - C:\ProgramData\Menu Démarrer [04/07/2016 14:13:00] - |SD| - [1710697028] - C:\ProgramData\Microsoft [04/07/2016 14:06:36] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [04/07/2016 18:58:22] - |D| - [376] - C:\ProgramData\migrateos [19/07/2016 13:57:30] - |D| - [293182] - C:\ProgramData\MindGems [04/07/2016 13:58:02] - |SHD| - [0] - C:\ProgramData\Modèles [04/07/2016 18:48:02] - |D| - [35130762] - C:\ProgramData\Nitro [04/07/2016 13:46:10] - |D| - [55864988] - C:\ProgramData\Package Cache [05/07/2016 09:50:50] - |D| - [168974274] - C:\ProgramData\PDF Architect 4 [11/07/2016 16:58:21] - |D| - [36] - C:\ProgramData\PDVD [16/07/2016 17:13:31] - |D| - [66867486] - C:\ProgramData\proDAD [15/07/2016 14:16:48] - |D| - [443] - C:\ProgramData\ProductData [13/07/2016 12:01:28] - |D| - [105016264] - C:\ProgramData\Rebit [04/07/2016 14:13:01] - |D| - [1000] - C:\ProgramData\regid.1991-06.com.microsoft [13/07/2016 11:02:41] - |D| - [0] - C:\ProgramData\RegRun [13/07/2016 12:31:11] - |D| - [607554] - C:\ProgramData\RogueKiller [18/07/2016 13:46:01] - |D| - [1754] - C:\ProgramData\RogueKillerPE [04/07/2016 14:13:01] - |D| - [0] - C:\ProgramData\SoftwareDistribution [05/07/2016 06:17:21] - |D| - [12893] - C:\ProgramData\Sony Corporation [14/07/2016 10:50:02] - |D| - [674148] - C:\ProgramData\Spybot - Search & Destroy [14/07/2016 14:40:09] - |D| - [5622] - C:\ProgramData\StartMenuX [04/07/2016 15:02:36] - |D| - [8598745] - C:\ProgramData\SUPPORTDIR [04/07/2016 15:06:10] - |AD| - [0] - C:\ProgramData\Temp [04/07/2016 18:02:55] - |D| - [5640] - C:\ProgramData\TuneUp360 [06/07/2016 15:01:29] - |D| - [4680] - C:\ProgramData\UDL [04/07/2016 14:13:01] - |D| - [2498] - C:\ProgramData\USOPrivate [04/07/2016 13:44:55] - |D| - [1695744] - C:\ProgramData\USOShared [14/07/2016 14:29:36] - |D| - [84076] - C:\ProgramData\Western Digital [04/07/2016 14:54:47] - |D| - [13439520] - C:\ProgramData\Wondershare [04/07/2016 18:13:22] - |D| - [1419] - C:\ProgramData\Wondershare Application Common Data [04/07/2016 18:13:37] - |D| - [2036] - C:\ProgramData\Wondershare Free YouTube Downloader [04/07/2016 18:51:04] - |D| - [58928] - C:\ProgramData\Wondershare Player [04/07/2016 18:25:39] - |D| - [5629] - C:\ProgramData\Wondershare Video Converter Free [04/07/2016 14:52:59] - |D| - [485333281] - C:\ProgramData\Wondershare Video Editor [14/07/2016 15:45:30] - |D| - [0] - C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [04/07/2016 14:13:09] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [04/07/2016 13:58:02] - |SHD| - [305937] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [04/07/2016 14:13:00] - |RD| - [305937] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [04/07/2016 14:13:00] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [04/07/2016 14:13:00] - |RD| - [15666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [04/07/2016 14:13:00] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/07/2016 13:47:50] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [13/07/2016 11:47:14] - |D| - [2914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 6.0 [05/07/2016 13:06:20] - |D| - [5441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [05/07/2016 06:12:06] - |D| - [1608] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [17/07/2016 15:56:15] - |D| - [1157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blockulicious [05/07/2016 10:21:23] - |D| - [8516] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [13/07/2016 12:25:16] - |A| - [2091] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 1.1 (64-Bit).lnk [11/07/2016 15:03:17] - |RD| - [39598] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite [16/07/2016 18:18:25] - |RD| - [2288] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 7 [04/07/2016 17:49:30] - |A| - [2486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PresenterLink+.lnk [04/07/2016 15:42:14] - |A| - [2414] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink VideoMeeting+.lnk [16/07/2016 14:17:16] - |A| - [1970] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7 Mirror.lnk [16/07/2016 14:17:15] - |A| - [2248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 7.lnk [13/07/2016 12:12:09] - |D| - [1910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [18/07/2016 18:15:20] - |ASH| - [1566] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |A| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |A| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [16/07/2016 15:44:11] - |D| - [4969] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [19/07/2016 04:06:12] - |D| - [1314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [05/07/2016 08:22:04] - |D| - [8696] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [04/07/2016 19:01:17] - |D| - [4688] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL [18/07/2016 18:15:37] - |D| - [2846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS EverySync 3.0 [13/07/2016 11:55:19] - |D| - [3175] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0 [13/07/2016 12:09:42] - |D| - [2721] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 9.2 [14/07/2016 11:00:33] - |D| - [2871] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans [06/07/2016 14:58:56] - |D| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [06/07/2016 14:37:11] - |D| - [7064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [19/07/2016 13:57:30] - |D| - [5079] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size [19/07/2016 13:43:20] - |D| - [1443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [06/07/2016 13:57:17] - |D| - [3982] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [30/10/2015 09:19:28] - |A| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [13/07/2016 12:52:00] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft [05/07/2016 09:54:01] - |D| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [04/07/2016 14:57:57] - |D| - [1733] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [04/07/2016 14:13:00] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [19/07/2016 08:45:29] - |D| - [2483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit [13/07/2016 11:54:47] - |D| - [3333] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 [30/10/2015 09:17:57] - |A| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [17/07/2016 15:45:34] - |D| - [2674] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mov Audio Extractor [05/07/2016 10:12:41] - |A| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [19/07/2016 19:26:13] - |A| - [1292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [16/07/2016 17:12:15] - |D| - [1406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue [04/07/2016 18:48:10] - |A| - [2503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 5.lnk [04/07/2016 15:13:59] - |D| - [3354] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Migrate OS to SSD™ 4.0 [05/07/2016 09:50:31] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [30/10/2015 09:19:28] - |A| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [13/07/2016 12:03:59] - |D| - [1153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit Pro [13/07/2016 12:32:09] - |D| - [923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [18/07/2016 13:50:20] - |D| - [953] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE [05/07/2016 06:18:08] - |D| - [1984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [14/07/2016 14:56:08] - |D| - [2790] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X [04/07/2016 14:13:00] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [04/07/2016 14:13:00] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [04/07/2016 14:13:00] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [04/07/2016 14:53:36] - |D| - [4249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy [19/07/2016 13:57:45] - |D| - [5298] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [14/07/2016 14:24:41] - |D| - [4845] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital [13/07/2016 12:45:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [13/07/2016 12:43:02] - |D| - [1320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader [04/07/2016 14:54:25] - |D| - [46226] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [13/07/2016 12:41:42] - |D| - [3765] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free [14/07/2016 04:56:38] - |D| - [1165] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [04/07/2016 14:13:09] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [14/07/2016 11:20:18] - |D| - [126898391] - C:\Program Files (x86)\Anvsoft [13/07/2016 11:46:42] - |AD| - [53806429] - C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0 [05/07/2016 13:02:05] - |D| - [399773098] - C:\Program Files (x86)\Ashampoo [04/07/2016 13:46:33] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [04/07/2016 13:40:15] - |D| - [398915876] - C:\Program Files (x86)\Common Files [05/07/2016 10:16:22] - |D| - [125733926] - C:\Program Files (x86)\Comodo [04/07/2016 15:03:25] - |AD| - [5620173386] - C:\Program Files (x86)\CyberLink [04/07/2016 14:13:08] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [16/07/2016 15:42:33] - |D| - [8932831] - C:\Program Files (x86)\DivX [05/07/2016 09:56:49] - |D| - [251271176] - C:\Program Files (x86)\Dropbox [05/07/2016 08:18:28] - |AD| - [1326341009] - C:\Program Files (x86)\DVDVideoSoft [04/07/2016 19:01:17] - |D| - [317944] - C:\Program Files (x86)\e-Carte Bleue [13/07/2016 11:21:31] - |D| - [903606323] - C:\Program Files (x86)\EaseUS [06/07/2016 14:54:41] - |D| - [2947568] - C:\Program Files (x86)\EPSON [06/07/2016 14:37:09] - |AD| - [233857814] - C:\Program Files (x86)\EPSON Software [19/07/2016 13:57:29] - |D| - [5939373] - C:\Program Files (x86)\Folder Size [05/07/2016 08:21:54] - |D| - [20645164] - C:\Program Files (x86)\FreeCodecPack [19/07/2016 13:41:09] - |D| - [81616759] - C:\Program Files (x86)\Freemake [05/07/2016 07:26:48] - |D| - [17134] - C:\Program Files (x86)\Genesyslogic [05/07/2016 09:39:57] - |D| - [0] - C:\Program Files (x86)\Glarysoft [05/07/2016 09:56:14] - |D| - [8808168] - C:\Program Files (x86)\Google [05/07/2016 09:56:31] - |D| - [7807856] - C:\Program Files (x86)\GUM907.tmp [04/07/2016 15:04:53] - |HD| - [241017497] - C:\Program Files (x86)\InstallShield Installation Information [04/07/2016 14:13:00] - |D| - [2154939] - C:\Program Files (x86)\Internet Explorer [13/07/2016 12:43:25] - |D| - [160204677] - C:\Program Files (x86)\iSkysoft [19/07/2016 13:57:43] - |D| - [5910723] - C:\Program Files (x86)\JAM Software [05/07/2016 09:52:57] - |AD| - [158072643] - C:\Program Files (x86)\K-Lite Codec Pack [13/07/2016 12:41:38] - |D| - [197482] - C:\Program Files (x86)\KeyCryptSDK [04/07/2016 14:57:56] - |D| - [38884251] - C:\Program Files (x86)\Logitech [19/07/2016 08:44:59] - |D| - [6807368] - C:\Program Files (x86)\Malwarebytes Anti-Exploit [15/07/2016 14:15:06] - |D| - [4024186] - C:\Program Files (x86)\Malwarebytes Anti-Malware [05/07/2016 06:11:38] - |D| - [28382294] - C:\Program Files (x86)\Microsoft [04/07/2016 14:13:00] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [17/07/2016 15:44:35] - |AD| - [121436692] - C:\Program Files (x86)\mov Audio Extractor [05/07/2016 10:12:37] - |D| - [260719] - C:\Program Files (x86)\Mozilla Maintenance Service [19/07/2016 19:25:18] - |D| - [88533157] - C:\Program Files (x86)\Mozilla Thunderbird [04/07/2016 14:25:40] - |D| - [25757] - C:\Program Files (x86)\MSBuild [11/07/2016 15:49:30] - |D| - [54782380] - C:\Program Files (x86)\NewBlue [04/07/2016 18:48:02] - |D| - [27237984] - C:\Program Files (x86)\Nitro [04/07/2016 15:04:53] - |D| - [65460881] - C:\Program Files (x86)\NSIS Uninstall Information [05/07/2016 09:52:01] - |AD| - [6636048] - C:\Program Files (x86)\PDF Architect 4 [04/07/2016 14:25:40] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [05/07/2016 06:16:27] - |D| - [160359540] - C:\Program Files (x86)\Sony [12/07/2016 11:58:59] - |D| - [10484459] - C:\Program Files (x86)\Sony Media Go Install [14/07/2016 10:47:12] - |D| - [94975775] - C:\Program Files (x86)\Spybot - Search & Destroy 2 [04/07/2016 14:53:08] - |D| - [23102104] - C:\Program Files (x86)\Supercopier [14/07/2016 14:23:44] - |AD| - [66311316] - C:\Program Files (x86)\Western Digital [04/07/2016 14:13:00] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [04/07/2016 14:13:00] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [04/07/2016 14:13:00] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [04/07/2016 14:13:00] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [04/07/2016 14:13:00] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [04/07/2016 14:13:00] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [04/07/2016 14:13:00] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [04/07/2016 14:13:00] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell [13/07/2016 12:42:32] - |D| - [8010151] - C:\Program Files (x86)\Wise [04/07/2016 14:55:19] - |D| - [415631065] - C:\Program Files (x86)\Wondershare [15/07/2016 18:31:29] - |D| - [202442514] - C:\Program Files (x86)\ZebHelpProcess [13/07/2016 12:40:24] - |AD| - [10323221] - C:\Program Files (x86)\Zemana AntiLogger Free [13/07/2016 12:38:39] - |AD| - [16081174] - C:\Program Files (x86)\Zemana AntiMalware ---------- | C:\Program Files [04/07/2016 13:44:42] - |D| - [96636696] - C:\Program Files\AMD [04/07/2016 13:47:20] - |AD| - [5595872] - C:\Program Files\ATI Technologies [04/07/2016 13:40:15] - |D| - [92029722] - C:\Program Files\Common Files [13/07/2016 12:36:52] - |D| - [97770235] - C:\Program Files\COMODO [11/07/2016 15:23:11] - |D| - [2531490028] - C:\Program Files\CyberLink [13/07/2016 12:11:22] - |D| - [55323989] - C:\Program Files\DAEMON Tools Pro [04/07/2016 14:13:08] - |ASH| - [174] - C:\Program Files\desktop.ini [16/07/2016 15:43:26] - |D| - [2125120] - C:\Program Files\DivX [15/07/2016 07:50:38] - |D| - [3509689] - C:\Program Files\EPSON [04/07/2016 13:58:02] - |SHD| - [92029722] - C:\Program Files\Fichiers communs [06/07/2016 13:55:55] - |AD| - [11744976] - C:\Program Files\HitmanPro [04/07/2016 14:13:00] - |D| - [2776230] - C:\Program Files\Internet Explorer [04/07/2016 14:47:15] - |D| - [46921935] - C:\Program Files\Lavasoft [13/07/2016 11:54:31] - |AD| - [58654964] - C:\Program Files\MiniTool Partition Wizard Free 9.1 [05/07/2016 10:09:37] - |AD| - [106977406] - C:\Program Files\Mozilla Firefox [04/07/2016 14:25:40] - |D| - [25757] - C:\Program Files\MSBuild [11/07/2016 15:50:06] - |D| - [70721537] - C:\Program Files\NewBlue [04/07/2016 18:48:02] - |D| - [121488170] - C:\Program Files\Nitro [04/07/2016 15:13:36] - |D| - [105864724] - C:\Program Files\Paragon Software [05/07/2016 09:52:01] - |AD| - [306745529] - C:\Program Files\PDF Architect 4 [05/07/2016 09:50:15] - |D| - [34753145] - C:\Program Files\PDFCreator [16/07/2016 17:13:28] - |AD| - [4540643] - C:\Program Files\proDAD [04/07/2016 13:45:15] - |D| - [44101568] - C:\Program Files\Realtek [13/07/2016 12:03:55] - |D| - [67605555] - C:\Program Files\Rebit [04/07/2016 14:25:40] - |D| - [36850857] - C:\Program Files\Reference Assemblies [13/07/2016 12:31:19] - |AD| - [48698464] - C:\Program Files\RogueKiller [18/07/2016 13:50:10] - |D| - [39671819] - C:\Program Files\RogueKillerPE [14/07/2016 14:39:22] - |AD| - [18493352] - C:\Program Files\Start Menu X [04/07/2016 14:53:35] - |AD| - [6506587] - C:\Program Files\TeraCopy [04/07/2016 14:56:00] - |D| - [22453209] - C:\Program Files\Ultracopier [04/07/2016 13:44:55] - |HD| - [0] - C:\Program Files\Uninstall Information [04/07/2016 14:13:00] - |D| - [11400666] - C:\Program Files\Windows Defender [04/07/2016 14:13:00] - |D| - [8974456] - C:\Program Files\Windows Journal [04/07/2016 14:13:00] - |D| - [6322176] - C:\Program Files\Windows Mail [04/07/2016 14:13:00] - |D| - [5394547] - C:\Program Files\Windows Media Player [04/07/2016 14:13:00] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [04/07/2016 14:13:00] - |D| - [7862330] - C:\Program Files\Windows NT [04/07/2016 14:13:00] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [04/07/2016 14:13:00] - |D| - [258280] - C:\Program Files\Windows Portable Devices [04/07/2016 14:13:00] - |SHD| - [0] - C:\Program Files\Windows Sidebar [04/07/2016 14:13:00] - |HD| - [998737035] - C:\Program Files\WindowsApps [04/07/2016 14:13:00] - |SD| - [2856133] - C:\Program Files\WindowsPowerShell [04/07/2016 14:52:59] - |D| - [291826105] - C:\Program Files\Wondershare ---------- | C:\Program Files (x86)\Common Files [15/07/2016 18:32:12] - |D| - [2014588] - C:\Program Files (x86)\Common Files\Borland Shared [04/07/2016 15:04:49] - |D| - [34529296] - C:\Program Files (x86)\Common Files\CyberLink [16/07/2016 15:43:01] - |D| - [37301248] - C:\Program Files (x86)\Common Files\DivX Shared [05/07/2016 08:18:59] - |D| - [135818315] - C:\Program Files (x86)\Common Files\DVDVideoSoft [19/07/2016 13:43:15] - |D| - [631296] - C:\Program Files (x86)\Common Files\Freemake Shared [16/07/2016 15:09:41] - |D| - [1150965] - C:\Program Files (x86)\Common Files\InstallShield [14/07/2016 15:44:33] - |D| - [0] - C:\Program Files (x86)\Common Files\IObit [13/07/2016 12:52:38] - |D| - [6104905] - C:\Program Files (x86)\Common Files\iSkysoft [04/07/2016 13:46:11] - |AD| - [90787536] - C:\Program Files (x86)\Common Files\logishrd [04/07/2016 14:13:00] - |D| - [16022961] - C:\Program Files (x86)\Common Files\Microsoft Shared [11/07/2016 15:50:04] - |D| - [286720] - C:\Program Files (x86)\Common Files\NewBlue [12/07/2016 07:59:19] - |D| - [1488873] - C:\Program Files (x86)\Common Files\Nikon [05/07/2016 09:52:01] - |AD| - [737280] - C:\Program Files (x86)\Common Files\PDF Software [04/07/2016 14:13:00] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [05/07/2016 06:17:21] - |D| - [22422184] - C:\Program Files (x86)\Common Files\Sony Shared [04/07/2016 14:13:00] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System [14/07/2016 14:31:21] - |AD| - [5339277] - C:\Program Files (x86)\Common Files\Western Digital [04/07/2016 14:54:33] - |D| - [34601047] - C:\Program Files (x86)\Common Files\Wondershare ---------- | C:\Program Files\Common files [14/07/2016 11:57:56] - |D| - [1839998] - C:\Program Files\Common files\AV [05/07/2016 17:18:16] - |D| - [152640] - C:\Program Files\Common files\EPSON [04/07/2016 14:15:55] - |D| - [0] - C:\Program Files\Common files\Lavasoft [04/07/2016 13:45:54] - |D| - [23196117] - C:\Program Files\Common files\logishrd [04/07/2016 14:13:00] - |D| - [39440272] - C:\Program Files\Common files\microsoft shared [11/07/2016 15:50:35] - |D| - [352768] - C:\Program Files\Common files\NewBlue [04/07/2016 18:48:01] - |D| - [16539614] - C:\Program Files\Common files\Nitro [04/07/2016 14:13:00] - |D| - [2702] - C:\Program Files\Common files\Services [04/07/2016 14:13:00] - |D| - [10505611] - C:\Program Files\Common files\System ---------- | Tasks [MD5.2BAD441F2AF4D40CF1160343E6D2D7DF] - [05/07/2016 09:57:03] - |A| - [1212] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.6218BC79CAC9A52CF17B13BB98953FC1] - [05/07/2016 09:57:04] - |A| - [1216] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.5E097A5D7A7DFA542D40E1197C2FB9D0] - [05/07/2016 17:18:16] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {C7585BD3-EA9F-42A5-8895-DEB12E50A980}.job [MD5.532AD52E9B13B600B59E3E9B96CE5F5C] - [05/07/2016 17:18:53] - |A| - [765] - C:\WINDOWS\Tasks\EPSON XP-710 Series Invitation {CECF00F4-C802-4D19-A8D9-021F15DFDFB7}.job [MD5.D3CAD76C6F1F53819E3B0AE19C21AEE3] - [05/07/2016 17:18:16] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {C7585BD3-EA9F-42A5-8895-DEB12E50A980}.job [MD5.D7E5010101C1FC65142CB5D94E7BB7C1] - [05/07/2016 17:18:53] - |A| - [951] - C:\WINDOWS\Tasks\EPSON XP-710 Series Update {CECF00F4-C802-4D19-A8D9-021F15DFDFB7}.job [MD5.D76259E84989C46E89C182ABEA237CD1] - [05/07/2016 09:56:39] - |A| - [1104] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.9CC27E95DB893AF59B7034590906ECD6] - [05/07/2016 09:56:39] - |A| - [1108] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.00000000000000000000000000000000] - [14/07/2016 15:25:47] - |D| - [0] - C:\WINDOWS\Tasks\ImCleanDisabled [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [04/07/2016 13:41:41] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.FF103FA641C6F7258D74A57D25C62057] - [05/07/2016 10:05:15] - |A| - [2686] - C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-2956268689-1280340557-608612402-1001 : C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [MD5.35881027BC837CB9381DB38A8A3CD92F] - [16/07/2016 15:39:49] - |A| - [3296] - C:\WINDOWS\System32\Tasks\DeviceDetector7.5 : C:\Program Files (x86)\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [MD5.C3FB1DBA862F5E4509BA85EC3096613D] - [05/07/2016 09:57:04] - |A| - [4044] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.826F09EFF444B90D8263F922DDC6A52B] - [05/07/2016 09:57:04] - |A| - [4276] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.EE98179C4A291D0B6F654AB9AA1AF151] - [05/07/2016 17:18:16] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {C7585BD3-EA9F-42A5-8895-DEB12E50A980} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.43A49C769D4F41E5BCBE8254118BF520] - [05/07/2016 17:18:53] - |A| - [3970] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Invitation {CECF00F4-C802-4D19-A8D9-021F15DFDFB7} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.F0A7C98EF8CFA884225D82279DA366FF] - [05/07/2016 17:18:16] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {C7585BD3-EA9F-42A5-8895-DEB12E50A980} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.7B8DD5F21242498AEDFDBD6C9F922E09] - [05/07/2016 17:18:53] - |A| - [4148] - C:\WINDOWS\System32\Tasks\EPSON XP-710 Series Update {CECF00F4-C802-4D19-A8D9-021F15DFDFB7} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.1E0873C844475468E4142A7ED3F9377E] - [05/07/2016 09:56:39] - |A| - [3934] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.1F658FC4A05541E1ACFEEF6FBF0BBA3D] - [05/07/2016 09:56:39] - |A| - [4166] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D861CAA217D07E2561FA2B07E3E0849A] - [05/07/2016 09:55:56] - |A| - [2798] - C:\WINDOWS\System32\Tasks\klcp_update : "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:02] - |D| - [426242] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [14/07/2016 10:51:52] - |D| - [0] - C:\WINDOWS\System32\Tasks\Safer-Networking [MD5.7740111991B5E4F5AA39617CDF337C05] - [04/07/2016 14:08:35] - |A| - [4176] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2C6FFD4A-47DA-4070-AAE5-86112A3E9256} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [04/07/2016 14:13:03] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{FFBE6CE3-1CCB-499F-9F28-FE20B37C2BE3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{75E7149A-BB4A-424B-BA33-3A7EF71EB93A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{57EC5D18-8394-4AC8-A692-FF5CAF942D36}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{829CF0EE-1D11-4EDA-B45E-D9D5576485E6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{FBDCC87D-6512-4064-9CC9-F29CC5567F53}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D439C743-210E-4662-9550-1134AC091805}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B79CCB6F-13EB-4E38-9C92-B7DAEB49534B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{939B94A3-34A4-49BB-B622-51EC650CBCAE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{24EFC25E-F763-441F-81E9-E593CD8900C4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{3745F71E-514C-4354-9C79-F098DDCD7C1C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{14BD0A29-4A32-4C5B-8610-30F6F3BD03F7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{84310FDE-E71A-47B4-B584-7F90BF487429}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C2191F06-B3EE-4255-85FE-CA3E3D93BB48}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{18B8EF81-5AFF-420E-9C9C-3F12B1D8F7F0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{64610E98-EE85-448C-B3F6-841DF152930A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{9C73DA0B-6096-472F-AADA-7AD3A3BEBDB0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{63465B1B-A5CA-44EC-96B9-98A746C45DB9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{0DD6E0C1-E0EB-45E6-9581-9462C7AC1E68}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F931457E-9F7D-4D01-824C-BE10A9F6750F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{6FA94FC1-B6C5-4087-A99B-F287C3C28DD3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe|Name=CyberLink VideoMeetingPlus|Desc=CyberLink VideoMeetingPlus| "{FC1D9CEA-4207-485D-8BFF-C95642F15C0A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{CAC443E4-D87F-49B4-9F4E-6F703282C3CE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{44509C68-DC40-4A97-9427-3F6D5BD270CD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{62C88160-4B00-44F7-815A-3BC7507966F6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A6063264-9937-44D9-92E0-AFF3AE57D8A7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{3CDFCEDE-632C-4302-9941-EC39E446E277}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{EC50A7A1-56AD-47EA-B743-32F4BDC3E9F8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{BED6840B-2A40-42AE-B94F-6588F154F1C5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{98E80A39-6F1B-4173-94A5-23F147EDDA89}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C776D598-93E0-497B-B2EA-312EE5AB8CDC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{0309B23B-CB65-4996-A4E5-F455CAC1F486}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{AFAEA13E-5B2A-4ACE-9AF3-634CF94234EA}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{FF7EE0C8-EE63-411A-AE0A-E03AA35DD5FB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{5468EAFB-F7AA-4369-B85F-E36A76FFD91D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{C5FC58E8-FC5F-43F5-BB78-688F519C9293}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{85DE42CE-9037-43A5-A8F2-6DC6CF0494FD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{C0A75A69-5AA7-4565-83C3-60EFDA9335CF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2ED49721-2DE5-47C3-9EAB-57910B75620A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A8B5F6FB-9490-4119-8D55-6CA32A51EA9A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1C3C736C-60BA-4A51-9481-B990BA2E83C0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F2CD8283-6112-4277-8425-4CB1BA5FA240}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CF836F9F-53B5-4C2C-AC47-BE405B917CBC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{FFD11D5E-F05F-45DA-83D3-107BFE3DF48D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1E3D32EC-3B81-463A-B3D4-E0D8BD44DAC9}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1901F63F-16A4-41B3-85E4-AF20FC1A712E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{5488D789-0602-49E7-989C-CC1BDCC124A7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{840B3CF1-26C9-4866-BDAB-6A5015078688}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe|Name=Free Torrent Download (ANY)|Desc=Free Torrent Download (ANY)|EmbedCtxt=Free Torrent Download (ANY)|Edge=TRUE| "{94E90628-3206-4AB0-985E-E3A8D6AFD149}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe|Name=Free Torrent Download (ANY)|Desc=Free Torrent Download (ANY)|EmbedCtxt=Free Torrent Download (ANY)| "{04CBB899-8EF4-458B-BFD1-014D5193FE8B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{A27446BC-24F6-4CE3-B36B-5592DB6B500E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)| "{16D661F4-F232-4D8A-A82C-F18E382B712F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{DD1B2147-243F-400D-A5E4-7041098476B2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{B503E00C-1896-46D1-8CA6-3987337C00E1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{C26EA141-5CC2-41EB-B9A6-17D3802550E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DBC25351-B81F-467D-8530-6C4BC725BF65}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (TCP-In) (jean-)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{B212FAA5-012E-47DA-8E79-E09C3D71F996}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (TCP-Out) (jean-)|Desc=Allow µTorrent network traffic| "{D25F353D-1D34-49C0-95E8-53CE681FCB18}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (UDP-In) (jean-)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{73E97C42-80C1-4ADE-988E-78515B8B4328}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (jean-)| "{3DDDE52D-3006-46D1-AB77-3D229C946436}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (jean-)| "{515D8838-ACC3-4E5C-9BC6-ECC0C43FFBCB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (UDP-Out) (jean-)|Desc=Allow µTorrent network traffic| "{263A0F17-AFE2-4F50-9A5A-DB56915B9F4F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{F18D9F12-A147-4F0E-9341-79B85583EBBD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe|Name=TbService.exe| "{506F5925-37A3-450E-BFF1-1AE3D09D39E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{A76EFBB2-8333-4CB3-AB66-27D4AC3B776A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe|Name=Local TBConsoleUI.exe| "{F0862DF8-43C9-4ECC-B928-5C92746C2D56}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{59104552-6E56-4123-93C4-2FF7BF8DB78E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=Local TodoBackupService.exe| "{FCF68C71-15C5-46FE-A664-671E46901798}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (TCP-In) (jean-)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{B7DF5B2B-748F-4D38-AC05-B4AC40BD42F1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (TCP-Out) (jean-)|Desc=Allow µTorrent network traffic| "{CEED0048-1336-4C49-8AD3-E8DAC091011D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (UDP-In) (jean-)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{FB4E43E9-EBA1-43F9-BB4A-C9A5F13C8C22}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (jean-)| "{715E81A4-CA59-4AC8-88BE-99C6093FAAC3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (jean-)| "{4EC88E52-F158-403B-B56C-775039858076}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Users\jean-\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (UDP-Out) (jean-)|Desc=Allow µTorrent network traffic| "TCP Query User{3E404E9C-F96C-4745-B7B1-288BBD8107A3}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe|Name=Todo PCTrans|Desc=Todo PCTrans|Defer=User| "UDP Query User{58CA560D-36FA-4D41-BA05-ABD13E1A336A}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe|Name=Todo PCTrans|Desc=Todo PCTrans|Defer=User| "{B385C56C-85E8-4667-B405-76B5D85956EE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\IObit\Surfing Protection\FFNativeMessage.exe|Name=SP_FF| "{36A6DA44-9AEC-4885-884E-44614174F578}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\IObit\Surfing Protection\FFNativeMessage.exe|Name=SP_FF| "{5CC6BF6E-8339-41F6-8096-259F17DDCB82}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=EaseUS_SMART| "{9CBF4D2D-26AE-4E5E-9C56-C8A9E4DAD2EC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe|Name=EaseUS_SMART| "{366026E6-9E09-4EEA-8909-C703EE443494}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{715ABB72-67FB-4C8C-8F70-EDBD89EE2F3A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{07AA7D9B-C937-4610-8E34-140A7C2091E2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{8A179BB5-2637-466D-95E2-6F7D89C23AE8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{7026D596-815B-4AC5-8940-2E88550779C0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe|Name=CyberLink PowerDVD16|Desc=CyberLink PowerDVD16| "{AEED3FEF-CE65-4870-B336-FD7FE03CE20B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe|Name=CyberLink PowerDVD 16 Media Server Service|Desc=CyberLink Media Server| "{9F5E0BEA-7830-4D7B-ADBE-E26156392281}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe|Name=CyberLink PowerDVD16 Agent|Desc=CyberLink PowerDVD16 Agent| "{7ECF5D2A-724D-45C3-BCB2-EA57E7351B92}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe|Name=CyberLink PowerDVD16 Movie Module|Desc=CyberLink PowerDVD16 Movie Module| "{8473D1B3-8544-4ED7-B49E-41061890C881}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD16\CastingStation.exe|Name=CyberLink PowerDVD16 CastingStation|Desc=CyberLink PowerDVD16 CastingStation| "TCP Query User{A8064AE8-6CBA-412B-A1EC-D72343F79773}C:\Users\jean-\Desktop\AdsFix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\AdsFix.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "UDP Query User{8012CD5F-78FA-489A-B2C4-2168ADE624EB}C:\Users\jean-\Desktop\AdsFix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\AdsFix.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "{33620DFC-ADF9-4EAA-9D23-CAAAA448B0F8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{48AEE739-0646-4472-9284-3E05CF2A3CE3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{392BCB27-5263-4A7D-BD20-576E2DFB8486}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2956268689-1280340557-608612402-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A8064AE8-6CBA-412B-A1EC-D72343F79773}C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "UDP Query User{8012CD5F-78FA-489A-B2C4-2168ADE624EB}C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=19844|App=C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe|Name=AdsFix|Desc=AdsFix|Enable=yes|Defer=User| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\jean-\Desktop\quickdiag_2_01.07.2016.4.exe"=C:\Users\jean-\Desktop\quickdiag_2_01.07.2016.4.exe:*:Enabled:quickdiag_2_01.07.2016.4 "C:\Users\jean-\Desktop\AdsFix.exe"=C:\Users\jean-\Desktop\AdsFix.exe:*:Enabled:AdsFix "C:\Users\jean-\Desktop\adsfix_3_18.07.2016.2.exe"=C:\Users\jean-\Desktop\adsfix_3_18.07.2016.2.exe:*:Enabled:adsfix_3_18.07.2016.2 "C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe"=C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe:*:Enabled:adsfix_3_19.07.2016.2 "C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe"=C:\Users\jean-\Desktop\quickdiag_2_17.07.2016.1.exe:*:Enabled:quickdiag_2_17.07.2016.1 ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem4.inf,%ClassName%;Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem29.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [11/07/2016 06:41:40] - (1.3.1079.265) - (COMODO - COMODO Cloud Antivirus Driver) - C:\WINDOWS\system32\DRIVERS\CmdCCAV.sys [07/10/2014 13:14:42] - (7.0.0.1618) - (COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver) - C:\WINDOWS\system32\DRIVERS\CBReparse.sys [07/10/2014 13:14:42] - (1.0.0.975) - (COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver) - C:\WINDOWS\system32\DRIVERS\CBUFS.sys [07/10/2014 13:14:40] - (1.0.0.972) - (COMODO Security Solutions Inc. - COMODO Backup Disk Driver) - C:\WINDOWS\system32\DRIVERS\bdisk.sys [07/10/2014 13:14:44] - (7.0.0.1619) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver) - C:\WINDOWS\system32\DRIVERS\cbvd.sys [17/07/2016 14:41:13] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\pwdrvio.sys [13/07/2016 12:09:46] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\drivers\EUBKMON.sys [13/07/2016 12:09:48] - (1.0.1.0) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver) - C:\WINDOWS\system32\drivers\eubakup.sys [16/07/2016 15:10:56] - (5.0.0.10524) - (Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.x)) - C:\WINDOWS\system32\DRIVERS\CLBStor.sys [13/07/2016 12:40:37] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\WINDOWS\System32\drivers\zamguard64.sys [13/07/2016 12:40:45] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\WINDOWS\System32\drivers\zam64.sys [14/07/2016 10:50:36] - (2.5.42.0) - (Safer-Networking Ltd. -) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [05/07/2016 17:14:13] - (8.98.0.0) - (REALiX(tm) - HWiNFO AMD64 Kernel Driver) - C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [13/07/2016 12:09:49] - (1.0.0.1) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver) - C:\WINDOWS\system32\drivers\EuFdDisk.sys [13/07/2016 12:09:49] - (1.2.0.1) - (CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver) - C:\WINDOWS\system32\drivers\eudskacs.sys [19/07/2016 08:44:59] - (0.0.0.0) - ( -) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [25/06/2016 16:04:33] - (2.1.0.17) - (Qualcomm Atheros, Inc. - Killer e2200 PCI-E Gigabit Ethernet Controller) - C:\WINDOWS\System32\drivers\L1C63x64.sys [10/06/2016 11:53:02] - (2.0.0.3505) - (CyberLink - CyberLink Virtual CDROM Bus Enumerator) - C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [07/10/2014 13:14:46] - (1.0.0.973) - (COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver) - C:\WINDOWS\System32\drivers\vdbus.sys [13/07/2016 12:12:10] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [02/07/2016 13:04:12] - (1.2.0.7524) - (CyberLink Corporation - CyberLink WebCam Virtual Driver) - C:\WINDOWS\system32\DRIVERS\clwvd7.sys [10/06/2016 12:22:10] - (2.0.0.8821) - (CyberLink Corporation - CyberLink WebCam Virtual Driver) - C:\WINDOWS\system32\DRIVERS\clwvdVM.sys [10/06/2016 12:22:17] - (1.0.1.1522) - (CyberLink - Virtual Audio-In Device) - C:\WINDOWS\system32\drivers\clvad.sys [12/11/2015 22:50:10] - (1.1.0.0) - (Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver) - C:\WINDOWS\System32\drivers\wdcsam64.sys [25/06/2016 15:54:29] - (4.5.0.6) - (GenesysLogic - GeneStor) - C:\WINDOWS\system32\DRIVERS\GeneStor.sys [13/07/2016 12:42:00] - (1.8.2.320) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\WINDOWS\system32\DRIVERS\KeyCrypt64.sys [17/07/2016 17:22:58] - (0.0.0.0) - ( -) - C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [16/07/2016 15:11:21] - (5.0.0.10524) - (CyberLink Corporation. - UDF File System Driver) - C:\WINDOWS\System32\Drivers\CLBUDF.SYS [16/07/2016 17:54:44] - (1.4.0.10501) - (CyberLink Corp. -) - C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: FCBUFS Activity Monitor - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: extendedbase - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 77 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 78 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="PNP_TDI" - Service.Name="HitmanProScheduler" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="avchv" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bdisk" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="FCBUFS Activity Monitor" - SystemDriver.Name="CBUFS" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="cbvd" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLBStor" LoadOrderGroup.Name="File System" - SystemDriver.Name="CLBUDF" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CLVirtualBus01" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="cmdccav" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="extendedbase" - SystemDriver.Name="CompFilter64" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dg_ssudbus" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="dtproscsibus" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="epp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="fcvsc" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="PlugPlay" - Service.Name="RtkAudioService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Reparse" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="FSFilter Content Screener" - SystemDriver.Name="UI5IFS" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="vdbus" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wpcfltr" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WSDPrintDevice" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - bdisk (Comodo Disk Raw Access Filter) -> system32\DRIVERS\bdisk.sys R0 - CBUFS (CBUFS) -> system32\DRIVERS\CBUFS.sys R0 - cbvd (Comodo Backup Virtual Disk) -> system32\DRIVERS\cbvd.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - cmdccav (cmdccav) -> system32\DRIVERS\CmdCCAV.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys S0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - EUBAKUP (EUBAKUP) -> system32\drivers\eubakup.sys R0 - EUBKMON (EUBKMON) -> system32\drivers\EUBKMON.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys S0 - intelide () -> System32\drivers\intelide.sys S0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys S0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys S0 - percsas2i () -> System32\drivers\percsas2i.sys S0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - pwdrvio (pwdrvio) -> system32\pwdrvio.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - Reparse (Reparse) -> system32\DRIVERS\CBReparse.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys R0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys S0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys S0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys R1 - CLBStor (InstantBurn Storage Helper Driver) -> system32\DRIVERS\CLBStor.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys S1 - epp (epp) -> \??\I:\BARROW 2 & WIDEN 100% SéCURISé\BIN64\epp.sys R1 - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys R1 - EUDSKACS (EUDSKACS) -> \??\C:\WINDOWS\system32\drivers\eudskacs.sys R1 - EUFDDISK (EUFDDISK) -> \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys R1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys R1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - HWiNFO32 (HWiNFO32/64 Kernel Driver) -> \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - SDHookDriver (Hook Test Driver) -> \??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys R1 - ZAM (ZAM Helper Driver) -> \??\C:\WINDOWS\System32\drivers\zam64.sys R1 - ZAM_Guard (ZAM Guard Driver) -> \??\C:\WINDOWS\System32\drivers\zamguard64.sys R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - AMD FUEL Service (AMD FUEL Service) -> "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ccavsrv (ccavsrv) -> C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe -service R2 - CLBUDF (CyberLink InstantBurn UDF Filesystem) -> (?) R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - COSService.exe (COMODO Online Storage Service) -> C:\Program Files\COMODO\COMMON\COSService.exe R2 - CPluginService (CPluginService) -> "C:\Program Files\COMODO\PC TuneUP\CPluginService.exe" R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - EaseUS Agent (Service Agent EaseUS) -> "C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe" R2 - EpsonScanSvc (Epson Scanner Service) -> C:\WINDOWS\system32\EscSvc64.exe R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - Freemake Improver (Freemake Improver) -> "C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe" S2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - IceDragonUpdater (COMODO IceDragon Update Service) -> C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S2 - LiveUpdateSvc (LiveUpdate) -> C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - MbaeSvc (Malwarebytes Anti-Exploit Service) -> "C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe" R2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2f7da (Hôte de synchronisation_2f7da) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3b90b (Hôte de synchronisation_3b90b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3bd0c (Hôte de synchronisation_3bd0c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3f5a1 (Hôte de synchronisation_3f5a1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_443bd (Hôte de synchronisation_443bd) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4479b (Hôte de synchronisation_4479b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_494d6 (Hôte de synchronisation_494d6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - OneSyncSvc_54349 (Hôte de synchronisation_54349) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5ae57 (Hôte de synchronisation_5ae57) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5f5c6 (Hôte de synchronisation_5f5c6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_75145 (Hôte de synchronisation_75145) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_ae38b (Hôte de synchronisation_ae38b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RichVideo64 (Cyberlink RichVideo64 Service(CRVS)) -> "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys R2 - RtkAudioService (Realtek Audio Service) -> C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys R2 - SynchronizationService.exe (COMODO BackUp Service) -> C:\Program Files\COMODO\COMMON\SynchronizationService.exe R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UI5IFS (Ashampoo Uninstaller FileSystemChanges Driver) -> \??\C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - {41E8078B-96D9-42DC-8789-A1CF102CD880} (Power Control [2016/07/16 18:02:23]) -> \??\C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl S3 - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys S3 - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys S3 - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys S3 - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys S3 - AJRouter (@%SystemRoot%\system32\AJRouter.dll,-2) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - ALG (@%SystemRoot%\system32\Alg.exe,-112) -> %SystemRoot%\System32\alg.exe S3 - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys R3 - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys R3 - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys R3 - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys S3 - ampa (ampa) -> \??\C:\WINDOWS\system32\ampa.sys S3 - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys S3 - AppIDSvc (@%systemroot%\system32\appidsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R3 - Appinfo (@%systemroot%\system32\appinfo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - AppReadiness (@%SystemRoot%\System32\AppReadiness.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k AppReadiness S3 - AppXSvc (@%SystemRoot%\system32\appxdeploymentserver.dll,-1) -> %systemroot%\system32\svchost.exe -k wsappx S3 - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys S3 - avchv (@oem1.inf,%ServiceDesc%;avchv Function Driver) -> \SystemRoot\System32\drivers\avchv.sys S3 - bcmfn (@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service) -> \SystemRoot\System32\drivers\bcmfn.sys S3 - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys S3 - BDESVC (@%SystemRoot%\system32\bdesvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - BingDesktopUpdate (Bing Desktop Update service) -> "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" R3 - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys S3 - Browser (@%systemroot%\system32\browser.dll,-100) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys S3 - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys S3 - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys S3 - BthHFSrv (@%SystemRoot%\System32\BthHFSrv.dll,-103) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys S3 - bthserv (@%SystemRoot%\System32\bthserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys S3 - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys S3 - CareMon (CareMon) -> "C:\Program Files (x86)\Wondershare\1-Click PC Care\CareMon.exe" S3 - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys S3 - ClipSVC (@%SystemRoot%\system32\ClipSVC.dll,-103) -> %SystemRoot%\System32\svchost.exe -k wsappx R3 - clvad () -> \SystemRoot\system32\drivers\clvad.sys R3 - CLVirtualBus01 (@oem2.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator) -> \SystemRoot\System32\drivers\CLVirtualBus01.sys R3 - clwvd7 (@oem32.inf,%clwvd.DeviceDesc% Service;CyberLink WebCam Virtual Driver 7.0 Service) -> \SystemRoot\system32\DRIVERS\clwvd7.sys R3 - clwvdVM (@oem14.inf,%clwvd.DeviceDesc% Service;Camera for VideoMeeting+/PresenterLink+ Service) -> \SystemRoot\system32\DRIVERS\clwvdVM.sys S3 - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys S3 - CompFilter64 (UVCCompositeFilter) -> \SystemRoot\System32\drivers\lvbflt64.sys R3 - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys S3 - COMSysApp (@comres.dll,-947) -> %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} R3 - condrv (Console Driver) -> System32\drivers\condrv.sys S3 - cpuz134 (cpuz134) -> \??\C:\Users\jean-\AppData\Local\Temp\cpuz134\cpuz134_x64.sys S3 - dbupdate (Service Mise à jour Dropbox (dbupdate)) -> "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /svc S3 - dbupdatem (Service Mise à jour Dropbox (dbupdatem)) -> "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /medsvc S3 - DcpSvc (@%SystemRoot%\system32\dcpsvc.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - defragsvc (@%SystemRoot%\system32\defragsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k defragsvc S3 - DeviceInstall (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S3 - DevQueryBroker (@%SystemRoot%\system32\DevQueryBroker.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - DfSdkS (Service de Défragmentation) -> C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe S3 - dg_ssudbus (@oem21.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)) -> \SystemRoot\System32\drivers\ssudbus.sys S3 - diagnosticshub.standardcollector.service (@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000) -> %SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe S3 - DigitalWave.Update.Service (Digital Wave Update Service) -> "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" R3 - Disc Soft Pro Bus Service (Disc Soft Pro Bus Service) -> "C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe" S3 - DmEnrollmentSvc (@%systemroot%\system32\Windows.Internal.Management.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys S3 - dmwappushservice (@%SystemRoot%\system32\dmwappushsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - dot3svc (@%systemroot%\system32\dot3svc.dll,-1102) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys S3 - DsmSvc (@%SystemRoot%\system32\DeviceSetupManager.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - DsSvc (@%SystemRoot%\system32\dssvc.dll,-10003) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - dtproscsibus (@oem30.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus) -> \SystemRoot\System32\drivers\dtproscsibus.sys R3 - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys S3 - Eaphost (@%systemroot%\system32\eapsvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - EFS (@%SystemRoot%\system32\efssvc.dll,-100) -> %SystemRoot%\System32\lsass.exe S3 - embeddedmode (@%SystemRoot%\system32\embeddedmodesvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - EntAppSvc (@EnterpriseAppMgmtSvc.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel S3 - epmntdrv (epmntdrv) -> \??\C:\WINDOWS\system32\epmntdrv.sys S3 - EpsonCustomerResearchParticipation (EpsonCustomerResearchParticipation) -> "C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe" S3 - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys S3 - ESLoadService (ESLoadService) -> "C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\ESLoadService.exe" S3 - EuGdiDrv (EuGdiDrv) -> \??\C:\WINDOWS\system32\EuGdiDrv.sys S3 - exfat (exFAT File System Driver) -> (?) R3 - fastfat (FAT12/16/32 File System Driver) -> (?) S3 - Fax (@%systemroot%\system32\fxsresm.dll,-118) -> %systemroot%\system32\fxssvc.exe S3 - fcvsc () -> \SystemRoot\System32\drivers\fcvsc.sys S3 - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys R3 - fdPHost (@%systemroot%\system32\fdPHost.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R3 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - fhsvc (@%systemroot%\system32\fhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys S3 - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys S3 - FontCache3.0.0.0 (@%SystemRoot%\system32\PresentationHost.exe,-3309) -> %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe S3 - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys S3 - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys S3 - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys R3 - GeneStor (@oem11.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver) -> \SystemRoot\system32\DRIVERS\GeneStor.sys S3 - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys S3 - gupdatem (Service Google Update (gupdatem)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc R3 - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys S3 - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys S3 - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys S3 - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys S3 - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys S3 - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys R3 - hidserv (@%SystemRoot%\System32\hidserv.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys S3 - hitmanpro37 (HitmanPro 3.7 Support Driver) -> \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys S3 - HitmanProScheduler (HitmanPro Scheduler) -> C:\Program Files\HitmanPro\hmpsched.exe S3 - HomeGroupListener (@%SystemRoot%\System32\ListSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - HomeGroupProvider (@%SystemRoot%\System32\provsvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R3 - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys S3 - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys S3 - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys S3 - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys S3 - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys S3 - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys S3 - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys S3 - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys S3 - icssvc (@%SystemRoot%\System32\tetheringservice.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - IEEtwCollectorService (@%SystemRoot%\system32\ieetwcollectorres.dll,-1000) -> %SystemRoot%\system32\IEEtwCollector.exe /V R3 - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys S3 - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys S3 - IoQos (@%SystemRoot%\system32\drivers\ioqos.sys,-100) -> system32\drivers\ioqos.sys S3 - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys S3 - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys S3 - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys S3 - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys S3 - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys R3 - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys R3 - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys R3 - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys R3 - keycrypt () -> system32\DRIVERS\KeyCrypt64.sys R3 - KeyIso (@keyiso.dll,-100) -> %SystemRoot%\system32\lsass.exe R3 - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys S3 - KtmRm (@comres.dll,-2946) -> %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation R3 - L1C (@oem3.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\System32\drivers\L1C63x64.sys S3 - lfsvc (@%SystemRoot%\System32\lfsvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - LicenseManager (@%SystemRoot%\system32\licensemanagersvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - lltdsvc (@%SystemRoot%\system32\lltdres.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalService R3 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S3 - LVRS64 (@oem25.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver) -> \SystemRoot\system32\DRIVERS\lvrs64.sys S3 - LVUVC64 (@oem20.inf,%PID_081B_DD%(UVC);Logitech HD Webcam C310(UVC)) -> \SystemRoot\system32\DRIVERS\lvuvc64.sys S3 - MessagingService (@%SystemRoot%\system32\MessagingService.dll,-100) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_3b90b (MessagingService_3b90b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_3bd0c (MessagingService_3bd0c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_3f5a1 (MessagingService_3f5a1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_443bd (MessagingService_443bd) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_4479b (MessagingService_4479b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_494d6 (MessagingService_494d6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_54349 (MessagingService_54349) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_5ae57 (MessagingService_5ae57) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_5f5c6 (MessagingService_5f5c6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_75145 (MessagingService_75145) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - MessagingService_ae38b (MessagingService_ae38b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys S3 - Modem () -> system32\drivers\modem.sys R3 - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys R3 - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys R3 - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys S3 - MozillaMaintenance (Mozilla Maintenance Service) -> "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" R3 - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys S3 - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys R3 - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys R3 - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys S3 - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys S3 - MSDTC (@comres.dll,-2797) -> %SystemRoot%\System32\msdtc.exe S3 - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys S3 - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys S3 - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys S3 - MSiSCSI (@%SystemRoot%\system32\iscsidsc.dll,-5000) -> %systemroot%\system32\svchost.exe -k netsvcs S3 - msiserver (@%SystemRoot%\system32\msimsg.dll,-27) -> %systemroot%\system32\msiexec.exe /V S3 - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\system32\DRIVERS\MSKSSRV.sys S3 - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\system32\DRIVERS\MSPCLOCK.sys S3 - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\system32\DRIVERS\MSPQM.sys S3 - MsRPC () -> (?) S3 - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\system32\DRIVERS\MSTEE.sys S3 - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys S3 - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys S3 - NcaSvc (@%SystemRoot%\system32\ncasvc.dll,-3009) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R3 - NcbService (@%SystemRoot%\system32\ncbservice.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - NcdAutoSetup (@%SystemRoot%\system32\NcdAutoSetup.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork S3 - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys S3 - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys S3 - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys S3 - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> System32\DRIVERS\ndistapi.sys S3 - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys R3 - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys S3 - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys S3 - ndiswanlegacy (@%systemroot%\system32\rascfg.dll,-32014) -> System32\DRIVERS\ndiswan.sys S3 - ndproxy () -> System32\DRIVERS\NDProxy.sys S3 - Netman (@%SystemRoot%\system32\netman.dll,-109) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R3 - netprofm (@%SystemRoot%\system32\netprofmsvc.dll,-202) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - NetSetupSvc (@%SystemRoot%\system32\NetSetupSvc.dll,-3) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - NgcCtnrSvc (@%SystemRoot%\System32\NgcCtnrSvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - NgcSvc (@%SystemRoot%\System32\ngcsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - NitroReaderDriverReadSpool5 (NitroPDFReaderDriverCreatorReadSpool5) -> "C:\Program Files\Nitro\Reader 5\NitroPDFReaderDriverService5x64.exe" R3 - NTFS () -> (?) S3 - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys S3 - PDF Architect 4 (PDF Architect 4) -> "C:\Program Files\PDF Architect 4\ws.exe" S3 - PDF Architect 4 CrashHandler (PDF Architect 4 CrashHandler) -> "C:\Program Files\PDF Architect 4\crash-handler-ws.exe" S3 - PDF Architect 4 Creator (PDF Architect 4 Creator) -> "C:\Program Files\PDF Architect 4\creator-ws.exe" S3 - PerfHost (@%systemroot%\sysWow64\perfhost.exe,-2) -> %SystemRoot%\SysWow64\perfhost.exe S3 - PhoneSvc (@%SystemRoot%\system32\PhoneserviceRes.dll,-10000) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - PimIndexMaintenanceSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-15001) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_3b90b (Données de contacts_3b90b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_3bd0c (Données de contacts_3bd0c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_3f5a1 (Données de contacts_3f5a1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_443bd (Données de contacts_443bd) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_4479b (Données de contacts_4479b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_494d6 (Données de contacts_494d6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R3 - PimIndexMaintenanceSvc_54349 (Données de contacts_54349) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_5ae57 (Données de contacts_5ae57) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_5f5c6 (Données de contacts_5f5c6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_75145 (Données de contacts_75145) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - PimIndexMaintenanceSvc_ae38b (Données de contacts_ae38b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - pla (@%systemroot%\system32\pla.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R3 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-200) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch S3 - PNRPAutoReg (@%SystemRoot%\system32\pnrpauto.dll,-8002) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S3 - PolicyAgent (@%SystemRoot%\System32\polstore.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted S3 - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys S3 - PrintNotify (@C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll,-1) -> %SystemRoot%\system32\svchost.exe -k print S3 - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys S3 - pwdspio (pwdspio) -> \??\C:\WINDOWS\system32\pwdspio.sys S3 - QWAVE (@%SystemRoot%\system32\qwave.dll,-1) -> %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys S3 - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys S3 - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys S3 - RasAuto (@%Systemroot%\system32\rasauto.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys S3 - RasMan (@%Systemroot%\system32\rasmans.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> System32\DRIVERS\raspppoe.sys S3 - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys R3 - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys S3 - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys S3 - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys S3 - Rebit-Pro-Svc (Rebit Pro Backup Service) -> "C:\Program Files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe" S3 - ReFSv1 () -> (?) S3 - RetailDemo (@%SystemRoot%\System32\RDXService.dll,-256) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - RpcLocator (@%systemroot%\system32\Locator.exe,-2) -> %SystemRoot%\system32\locator.exe S3 - RTSUER (@oem5.inf,%RtsUER%;Realtek USB Card Reader - UER) -> \SystemRoot\system32\Drivers\RtsUer.sys S3 - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys S3 - ScDeviceEnum (@%SystemRoot%\System32\ScDeviceEnum.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys S3 - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys S3 - SDRSVC (@%SystemRoot%\system32\sdrsvc.dll,-107) -> %SystemRoot%\system32\svchost.exe -k SDRSVC S3 - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys S3 - seclogon (@%SystemRoot%\system32\seclogon.dll,-7001) -> %windir%\system32\svchost.exe -k netsvcs S3 - SensorDataService (@%SystemRoot%\system32\SensorDataService.exe,-101) -> %SystemRoot%\System32\SensorDataService.exe S3 - SensorService (@%SystemRoot%\System32\sensorservice.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - SensrSvc (@%SystemRoot%\System32\sensrsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys S3 - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys S3 - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys S3 - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys S3 - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys S3 - SessionEnv (@%SystemRoot%\System32\SessEnv.dll,-1026) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys S3 - SharedAccess (@%SystemRoot%\system32\ipnathlp.dll,-106) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - smphost (@%SystemRoot%\System32\smphost.dll,-102) -> %SystemRoot%\System32\svchost.exe -k smphost S3 - SmsRouter (@%SystemRoot%\System32\SmsRouterSvc.dll,-10001) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys R3 - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys R3 - srvnet () -> System32\DRIVERS\srvnet.sys R3 - SSDPSRV (@%systemroot%\system32\ssdpsrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - SstpSvc (@%SystemRoot%\system32\sstpsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - ssudmdm (@oem22.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudmdm.sys S3 - ssudqcfilter (@oem21.inf,%ssudqcfilter.SvcDesc%;SAMSUNG Mobile USB QCRMNET Filter Driver) -> \SystemRoot\System32\drivers\ssudqcfilter.sys R3 - StateRepository (@%SystemRoot%\system32\windows.staterepository.dll,-1) -> %SystemRoot%\system32\svchost.exe -k appmodel S3 - StorSvc (@%SystemRoot%\System32\StorSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - svsvc (@%SystemRoot%\system32\svsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys S3 - swprv (@%SystemRoot%\System32\swprv.dll,-103) -> %SystemRoot%\System32\svchost.exe -k swprv S3 - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys S3 - TabletInputService (@%SystemRoot%\system32\TabSvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - TapiSrv (@%SystemRoot%\system32\tapisrv.dll,-10100) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys S3 - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys S3 - TermService (@%SystemRoot%\System32\termsrv.dll,-268) -> %SystemRoot%\System32\svchost.exe -k NetworkService S3 - TieringEngineService (@%SystemRoot%\system32\TieringEngineService.exe,-702) -> %SystemRoot%\system32\TieringEngineService.exe R3 - TimeBroker (@%windir%\system32\TimeBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys S3 - TrueSight () -> \??\C:\Windows\System32\drivers\TrueSight.sys S3 - TrustedInstaller (@%SystemRoot%\servicing\TrustedInstaller.exe,-100) -> %SystemRoot%\servicing\TrustedInstaller.exe S3 - TsUsbFlt () -> system32\drivers\tsusbflt.sys S3 - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys S3 - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys S3 - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys S3 - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys S3 - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys S3 - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys S3 - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys S3 - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys S3 - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys S3 - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys S3 - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys S3 - UI0Detect (@%SystemRoot%\system32\ui0detect.exe,-101) -> %SystemRoot%\system32\UI0Detect.exe R3 - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys R3 - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys S3 - UmRdpService (@%SystemRoot%\system32\umrdp.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - UnistoreSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-10003) -> %SystemRoot%\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_3b90b (Stockage des données utilisateur_3b90b) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_3bd0c (Stockage des données utilisateur_3bd0c) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_3f5a1 (Stockage des données utilisateur_3f5a1) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_443bd (Stockage des données utilisateur_443bd) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_4479b (Stockage des données utilisateur_4479b) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_494d6 (Stockage des données utilisateur_494d6) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup R3 - UnistoreSvc_54349 (Stockage des données utilisateur_54349) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_5ae57 (Stockage des données utilisateur_5ae57) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_5f5c6 (Stockage des données utilisateur_5f5c6) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_75145 (Stockage des données utilisateur_75145) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - UnistoreSvc_ae38b (Stockage des données utilisateur_ae38b) -> C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup S3 - upnphost (@%systemroot%\system32\upnphost.dll,-213) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S3 - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys S3 - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys S3 - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys S3 - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;Pilote USB audio (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys R3 - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Pilote parent générique USB Microsoft) -> \SystemRoot\System32\drivers\usbccgp.sys S3 - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys R3 - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys R3 - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys S3 - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys R3 - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys S3 - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys S3 - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys S3 - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys R3 - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS S3 - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys S3 - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS S3 - UserDataSvc (@%SystemRoot%\system32\UserDataAccessRes.dll,-14001) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_3b90b (Accès aux données utilisateur_3b90b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_3bd0c (Accès aux données utilisateur_3bd0c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_3f5a1 (Accès aux données utilisateur_3f5a1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_443bd (Accès aux données utilisateur_443bd) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_4479b (Accès aux données utilisateur_4479b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_494d6 (Accès aux données utilisateur_494d6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R3 - UserDataSvc_54349 (Accès aux données utilisateur_54349) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_5ae57 (Accès aux données utilisateur_5ae57) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_5f5c6 (Accès aux données utilisateur_5f5c6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_75145 (Accès aux données utilisateur_75145) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UserDataSvc_ae38b (Accès aux données utilisateur_ae38b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S3 - UsoSvc (@%systemroot%\system32\usocore.dll,-102) -> %systemroot%\system32\svchost.exe -k netsvcs R3 - VaultSvc (@%SystemRoot%\system32\vaultsvc.dll,-1003) -> %SystemRoot%\system32\lsass.exe R3 - vdbus (@oem31.inf,%vdbus.SVCDESC%;Virtual Disk Bus Enumerator) -> \SystemRoot\System32\drivers\vdbus.sys R3 - vds (@%SystemRoot%\system32\vds.exe,-100) -> %SystemRoot%\System32\vds.exe S3 - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys S3 - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys S3 - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys S3 - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys S3 - vmicguestinterface (@%systemroot%\system32\icsvc.dll,-801) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicheartbeat (@%systemroot%\system32\icsvc.dll,-101) -> %systemroot%\system32\svchost.exe -k ICService S3 - vmickvpexchange (@%systemroot%\system32\icsvc.dll,-201) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicrdv (@%systemroot%\system32\icsvc.dll,-601) -> %systemroot%\system32\svchost.exe -k ICService S3 - vmicshutdown (@%systemroot%\system32\icsvc.dll,-301) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmictimesync (@%systemroot%\system32\icsvc.dll,-401) -> %systemroot%\system32\svchost.exe -k LocalServiceNetworkRestricted S3 - vmicvmsession (@%systemroot%\system32\icsvc.dll,-901) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vmicvss (@%systemroot%\system32\icsvc.dll,-501) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys S3 - VSS (@%systemroot%\system32\vssvc.exe,-102) -> %systemroot%\system32\vssvc.exe S3 - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys R3 - W32Time (@%SystemRoot%\system32\w32time.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService S3 - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys S3 - WalletService (@%SystemRoot%\System32\WalletService.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k appmodel S3 - wanarp (@%systemroot%\system32\rascfg.dll,-32011) -> System32\DRIVERS\wanarp.sys S3 - wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> System32\DRIVERS\wanarp.sys S3 - wbengine (@%systemroot%\system32\wbengine.exe,-104) -> "%systemroot%\system32\wbengine.exe" S3 - wcncsvc (@%SystemRoot%\system32\wcncsvc.dll,-3) -> %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation S3 - WcsPlugInService (@%SystemRoot%\system32\WcsPlugInService.dll,-200) -> %SystemRoot%\system32\svchost.exe -k wcssvc S3 - WD Backup Drive Helper (WD Backup Drive Helper) -> C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} S3 - WD Backup Snapshot (WD Backup Snapshot) -> C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} S3 - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys R3 - WDC_SAM (@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver) -> \SystemRoot\System32\drivers\wdcsam64.sys S3 - WDDriveService (WD Drive Manager) -> "C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe" S3 - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys R3 - WdiServiceHost (@%systemroot%\system32\wdi.dll,-502) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - WdiSystemHost (@%systemroot%\system32\wdi.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted S3 - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys S3 - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys S3 - WdNisSvc (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320) -> "%ProgramFiles%\Windows Defender\NisSrv.exe" S3 - Wecsvc (@%SystemRoot%\system32\wecsvc.dll,-200) -> %SystemRoot%\system32\svchost.exe -k NetworkService S3 - WEPHOSTSVC (@%systemroot%\system32\wephostsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k WepHostSvcGroup S3 - wercplsupport (@%SystemRoot%\System32\wercplsupport.dll,-101) -> %SystemRoot%\System32\svchost.exe -k netsvcs S3 - WiaRpc (@%SystemRoot%\system32\wiarpc.dll,-2) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - WIMMount (WIMMount) -> system32\drivers\wimmount.sys S3 - WinDefend (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310) -> "%ProgramFiles%\Windows Defender\MsMpEng.exe" S3 - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys S3 - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS S3 - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys S3 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S3 - wlidsvc (@%SystemRoot%\system32\wlidsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys S3 - wmiApSrv (@%Systemroot%\system32\wbem\wmiapsrv.exe,-110) -> %systemroot%\system32\wbem\WmiApSrv.exe S3 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" S3 - workfolderssvc (@%systemroot%\system32\workfolderssvc.dll,-102) -> %SystemRoot%\System32\svchost.exe -k LocalService S3 - wpcfltr (Family Safety Filter Driver) -> system32\DRIVERS\wpcfltr.sys S3 - WPDBusEnum (@%SystemRoot%\system32\wpdbusenum.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys S3 - WpnService (@%SystemRoot%\system32\wpnservice.dll,-1) -> %systemroot%\system32\svchost.exe -k wswpnservice S3 - WSDPrintDevice (@wsdprint.inf,%WSDPrintDevice.SVCDESC%;WSD Print Support) -> \SystemRoot\System32\drivers\WSDPrint.sys S3 - WSDScan (@sti.inf,%WSDScan.SvcDesc%;Prise en charge de la numérisation WSD) -> \SystemRoot\system32\DRIVERS\WSDScan.sys S3 - WSService (@%SystemRoot%\system32\WSService.dll,-103) -> %SystemRoot%\System32\svchost.exe -k wsappx R3 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs R3 - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys R3 - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> system32\drivers\WudfRd.sys R3 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R3 - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys R3 - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys S3 - WwanSvc (@%SystemRoot%\System32\wwansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork S3 - XblAuthManager (@%systemroot%\system32\XblAuthManager.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - XblGameSave (@%systemroot%\system32\XblGameSave.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys S3 - XboxNetApiSvc (@%systemroot%\system32\XboxNetApiSvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S3 - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys S3 - ZAMSvc (ZAM Controller Service) -> "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service S4 - AxInstSV (@%SystemRoot%\system32\AxInstSV.dll,-103) -> %SystemRoot%\system32\svchost.exe -k AxInstSVGroup R4 - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys S4 - CDPSvc (@%SystemRoot%\system32\cdpsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S4 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs S4 - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys S4 - DiagTrack (@%SystemRoot%\system32\diagtrack.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc S4 - Netlogon (@%SystemRoot%\System32\netlogon.dll,-102) -> %systemroot%\system32\lsass.exe S4 - NetTcpPortSharing (@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201) -> %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe S4 - p2pimsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8004) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S4 - p2psvc (@%SystemRoot%\system32\p2psvc.dll,-8006) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S4 - PNRPsvc (@%SystemRoot%\system32\pnrpsvc.dll,-8000) -> %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet S4 - RemoteAccess (@%Systemroot%\system32\mprdim.dll,-200) -> %SystemRoot%\System32\svchost.exe -k netsvcs S4 - RemoteRegistry (@regsvc.dll,-1) -> %SystemRoot%\system32\svchost.exe -k localService S4 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation S4 - SCPolicySvc (@%SystemRoot%\System32\certprop.dll,-13) -> %SystemRoot%\system32\svchost.exe -k netsvcs S4 - SNMPTRAP (@%SystemRoot%\system32\snmptrap.exe,-3) -> %SystemRoot%\System32\snmptrap.exe S4 - tzautoupdate (@%SystemRoot%\system32\tzautoupdate.dll,-200) -> %SystemRoot%\system32\svchost.exe -k LocalService R4 - udfs (udfs) -> system32\DRIVERS\udfs.sys S4 - WebClient (@%systemroot%\system32\webclnt.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S4 - WerSvc (@%SystemRoot%\System32\wersvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k WerSvcGroup S4 - WinHttpAutoProxySvc (@%SystemRoot%\system32\winhttp.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S4 - WinRM (@%Systemroot%\system32\wsmsvc.dll,-101) -> %SystemRoot%\System32\svchost.exe -k NetworkService S4 - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.D1F059A530620DCF71303B525D52CA97] - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21141.48 Ko] - (8.1.1.1500) - C:\WINDOWS\System32\Drivers\atikmdag.sys [MD5.AD96CC96B6A0CEE8910A13679426C970] - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [658.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\Drivers\atikmpag.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.AF3E1ABAB951FC9064267ED76268F41B] - [16/02/2016 16:52:38] - (.Copyright (C) BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - [104.98 Ko] - (7.0.0.12) - C:\WINDOWS\System32\Drivers\bdfndisf6.sys [MD5.C7C6393C540A1EE534BCEE74626DE987] - [07/10/2014 13:14:40] - (.© 2014 COMODO Security Solutions Inc. - COMODO Backup Disk Driver.) - [83.48 Ko] - (1.0.0.972) - C:\WINDOWS\System32\Drivers\bdisk.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.D7F279E28D757821232E7AF1DFDC57BA] - [07/10/2014 13:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Minifilter Driver.) - [658.36 Ko] - (7.0.0.1618) - C:\WINDOWS\System32\Drivers\CBreparse.sys [MD5.10CDB598B555D2A06DA52A6C2D5F7DFE] - [07/10/2014 13:14:42] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Safe FileSystem Driver.) - [225.3 Ko] - (1.0.0.975) - C:\WINDOWS\System32\Drivers\CBUFS.sys [MD5.8D73FFFD9762EECF7680C4368A38B653] - [07/10/2014 13:14:44] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Driver.) - [661.86 Ko] - (7.0.0.1619) - C:\WINDOWS\System32\Drivers\cbvd.sys [MD5.19863788DFFBE37CB63BF19D1FD5C247] - [16/07/2016 15:10:56] - (.Copyright(C) Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.x).) - [25.26 Ko] - (5.0.0.10524) - C:\WINDOWS\System32\Drivers\CLBStor.sys [MD5.C3EE731B310E6C563A47F80C0ADD39CD] - [16/07/2016 15:11:21] - (.Copyright (C) CyberLink Corporation. - UDF File System Driver.) - [370.26 Ko] - (5.0.0.10524) - C:\WINDOWS\System32\Drivers\CLBUDF.sys [MD5.EFC50A6C4C6B6F9AA09AFAC5C15881B6] - [10/06/2016 12:22:17] - (.Copyright (C) CyberLink 2015- - Virtual Audio-In Device.) - [39.44 Ko] - (1.0.1.1522) - C:\WINDOWS\System32\Drivers\clvad.sys [MD5.0C7626AFB2419207B2ABCB6F8AEA334F] - [10/06/2016 11:53:02] - (.Copyright (C) 2014 CyberLink - CyberLink Virtual CDROM Bus Enumerator.) - [100.76 Ko] - (2.0.0.3505) - C:\WINDOWS\System32\Drivers\CLVirtualBus01.sys [MD5.8B6143C42CD0A28325880C166D695702] - [02/07/2016 13:04:12] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [41.96 Ko] - (1.2.0.7524) - C:\WINDOWS\System32\Drivers\clwvd7.sys [MD5.0FBA6EDE873360E0AD44BB74A8B1ED85] - [10/06/2016 12:22:10] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [53.95 Ko] - (2.0.0.8821) - C:\WINDOWS\System32\Drivers\clwvdVM.sys [MD5.7B0D718779B0AFC2156C9C55B0F4ECC6] - [11/07/2016 06:41:40] - (.2005-2016 COMODO. - COMODO Cloud Antivirus Driver.) - [130.8 Ko] - (1.3.1079.265) - C:\WINDOWS\System32\Drivers\CmdCCAV.sys [MD5.726E40B11612664486BB6C6105283C95] - [13/07/2016 12:12:10] - (.Copyright (C) 2000-2015 - DAEMON Tools Pro Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\WINDOWS\System32\Drivers\dtproscsibus.sys [MD5.83EF0C33B56360761AE2DDB86E47B2E8] - [13/07/2016 12:09:48] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Driver.) - [59.54 Ko] - (1.0.1.0) - C:\WINDOWS\System32\Drivers\eubakup.sys [MD5.CCF2072C27B5F84447A0829014C43760] - [13/07/2016 12:09:46] - (.-.) - [47.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EUBKMON.sys [MD5.44A0838432C8A31A5D6CBE0BF348CED6] - [13/07/2016 12:09:49] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Access Driver.) - [18.04 Ko] - (1.2.0.1) - C:\WINDOWS\System32\Drivers\eudskacs.sys [MD5.D05585505CB20235E7C665158464551D] - [13/07/2016 12:09:49] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - Disk Backup Image Preview Driver.) - [188.04 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\EuFdDisk.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.27C992DA9AC769D1826D897766D7A246] - [25/06/2016 15:54:29] - (.Copyright (c) 2013 - GeneStor.) - [112.99 Ko] - (4.5.0.6) - C:\WINDOWS\System32\Drivers\GeneStor.sys [MD5.7FD586369B597798535C098E63818AAC] - [16/07/2016 10:59:22] - (.© 2014 SurfRight B.V. - HitmanPro 3.7 Support Driver.) - [45.86 Ko] - (1.3.8.12) - C:\WINDOWS\System32\Drivers\hitmanpro37.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.547E9B25B4407A125D5F187E918BC217] - [13/07/2016 12:42:00] - (.Zemana Ltd. - Zemana AntiLogger Free.) - [140.53 Ko] - (1.8.2.320) - C:\WINDOWS\System32\Drivers\KeyCrypt64.sys [MD5.A9E95471762BFCC39B1A3C391F00A2A1] - [25/06/2016 16:04:33] - (.2015 Rivet Networks, LLC. - Killer e2200 PCI-E Gigabit Ethernet Controller.) - [158.07 Ko] - (2.1.0.17) - C:\WINDOWS\System32\Drivers\L1C63x64.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.81F2B52C47B8AD32CC4FF967FC8D73DA] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Filter Driver.) - [26.16 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvbflt64.sys [MD5.A0A527569856B9814E8920F52EBB67F5] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Kernel Audio Improvement Filter Driver.) - [343.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvrs64.sys [MD5.415E344294D1C0D04627B29146F68481] - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Driver.) - [4646.66 Ko] - (13.80.853.0) - C:\WINDOWS\System32\Drivers\lvuvc64.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.5455252E556F4BBDA7874F5A9DF88BBD] - [01/08/2013 14:12:34] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4966.75 Ko] - (6.0.1.7829) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.AE4607D7C7AA83A863BFA214483E8EE4] - [25/06/2016 16:15:32] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS USB READER Driver.) - [404.21 Ko] - (10.0.10586.31222) - C:\WINDOWS\System32\Drivers\RtsUer.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.D722BC26F7431A4DA9A183E56CA9FEE3] - [25/04/2016 00:35:52] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [126.13 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.36C3697CA09B23C77BDF95A6B0B57310] - [25/04/2016 00:35:58] - (.Copyright ⓒ SAMSUNG - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [216.63 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.C1ED726BA51C0A470E196F9BD9BD75CC] - [25/04/2016 00:36:00] - (.(c) QUALCOMM, Inc. - Filter Driver for the Qualcomm USB Driver Stack.) - [63.13 Ko] - (1.0.2.5) - C:\WINDOWS\System32\Drivers\ssudqcfilter.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [19/07/2016 12:20:15] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Drivers\TrueSight.sys [MD5.7181DACBD6699770F027A049594A3DCF] - [07/10/2014 13:14:46] - (.© 2014 COMODO Security Solutions Inc. - COMODO BackUp Vritual Disk Bus Driver.) - [806.68 Ko] - (1.0.0.973) - C:\WINDOWS\System32\Drivers\vdbus.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.A556768CC1FA4F36022BEE2F0EDE2566] - [12/11/2015 22:50:10] - (.© 2006-2015 Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver.) - [26.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\wdcsam64.sys [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:45] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zam64.sys [MD5.99C131567C10C25589E741E69A8F8AA3] - [13/07/2016 12:40:37] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\zamguard64.sys [MD5.EF558A02D734A1403583E95CCEEC2487] - [05/07/2016 17:14:13] - (.Copyright (c)1999-2015 Martin Malík - REALiX - HWiNFO AMD64 Kernel Driver.) - [26.91 Ko] - (8.98.0.0) - C:\WINDOWS\Syswow64\Drivers\HWiNFO64A.SYS ---------- | Uninstall [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Avast Browser Cleanup] : (Avast Browser Cleanup.-.AVAST Software) -> "C:\Users\jean-\AppData\Roaming\AVAST Software\Browser Cleanup\browsercleanup.exe" /setup [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitTorrent] : (BitTorrent.-.BitTorrent Inc.) -> "%APPDATA%\BitTorrent\BitTorrent.exe" /UNINSTALL [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC1] : (.-.) -> [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\uTorrent] : (µTorrent.-.BitTorrent Inc.) -> "%APPDATA%\uTorrent\uTorrent.exe" /UNINSTALL [HKU\S-1-5-21-2956268689-1280340557-608612402-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1] : (Apowersoft Online Launcher version 1.4.4.-.APOWERSOFT LIMITED) -> "C:\Users\jean-\AppData\Local\Apowersoft\Apowersoft Online Launcher\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BEC55C5D-D6D0-4A41-B82C-264EC5EE8052_is1] : (RogueKillerPE version 1.-.Adlice Software) -> "C:\Program Files\RogueKillerPE\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Pro] : (DAEMON Tools Pro.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON XP-710 Series] : (EPSON XP-710 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IINSLPE.EXE /R /APD /P:"EPSON XP-710 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HitmanPro37] : (HitmanPro 3.7.-.SurfRight B.V.) -> "C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Exploit_is1] : (Malwarebytes Anti-Exploit version 1.8.1.2563.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Exploit\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0.1 (x64 en-US)] : (Mozilla Firefox 47.0.1 (x64 en-US).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\proDAD-Adorage-3.0] : (proDAD Adorage 3.0 (64bit).-.proDAD GmbH) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeraCopy_is1] : (TeraCopy 2.3.-.Code Sector) -> "C:\Program Files\TeraCopy\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Filmora_is1] : (Wondershare Filmora(Build 7.3.1).-.Wondershare Software) -> "C:\Program Files\Wondershare\Filmora\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge GmbH) -> C:\Program Files\PDFCreator\unins000.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{001676F2-4A2D-4D85-9A00-ED2A54DCFF81}] : (PDF Architect 4 Forms Module.-.pdfforge GmbH) -> MsiExec.exe /X{001676F2-4A2D-4D85-9A00-ED2A54DCFF81} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1] : (MiniTool Partition Wizard Free 9.1.-.MiniTool Solution Ltd.) -> "C:\Program Files\MiniTool Partition Wizard Free 9.1\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}] : (PDF Architect 4 Create Module.-.pdfforge GmbH) -> MsiExec.exe /I{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0893CB6D-8936-4882-8303-8C0769AA6750}] : (PDF Architect 4 View Module.-.pdfforge GmbH) -> MsiExec.exe /I{0893CB6D-8936-4882-8303-8C0769AA6750} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DC5FA19-8E63-4777-AEB7-FEFDA6C3C057}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{115C1C6A-15A2-48B1-A599-79F1AA1A03F6}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28349A67-1D99-45A6-A1C1-C5B6D1DF937A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3E494002-985C-4908-B72C-5B4DD15BE090}_is1] : (Start Menu X version 5.87.-.OrdinarySoft) -> "C:\Program Files\Start Menu X\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{43419429-3CD8-40A2-8245-D7C8CC59D27E}] : (PDF Architect 4 Secure Module.-.pdfforge GmbH) -> MsiExec.exe /X{43419429-3CD8-40A2-8245-D7C8CC59D27E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100}] : (Nitro Reader 5.-.Nitro) -> MsiExec.exe /X{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D}] : (Rebit Pro (64-bit).-.Rebit, Inc.) -> MsiExec.exe /I{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7BFE8C40-F176-4320-91AC-39B08E1C623E}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F697B24-63AE-4433-8DF6-36F8171CAB70}] : (PDF Architect 4 Edit Module.-.pdfforge GmbH) -> MsiExec.exe /X{7F697B24-63AE-4433-8DF6-36F8171CAB70} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{857BC7F8-F054-4324-9CAA-108661EA3C8D}] : (PDF Architect 4 Insert Module.-.pdfforge GmbH) -> MsiExec.exe /X{857BC7F8-F054-4324-9CAA-108661EA3C8D} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8}] : (PDF Architect 4 Convert Module.-.pdfforge GmbH) -> MsiExec.exe /X{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{915D3B70-542D-4DEE-8F98-AA75FBADEFBA}] : (PDF Architect 4 OCR Module.-.pdfforge GmbH) -> MsiExec.exe /X{915D3B70-542D-4DEE-8F98-AA75FBADEFBA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92565CD9-F8E0-4330-BEEC-A6041F79A880}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92565CD9-F8E0-4330-BEEC-A6041F79A880}_AdAwareUpdater] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}] : (Epson Customer Research Participation.-.Seiko Epson Corporation) -> MsiExec.exe /I{B26449A6-6007-4460-B4FE-C4776115BCEA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}] : (COMODO BackUp.-.COMODO) -> C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4378A80-C713-11DF-9399-005056C00008}] : (Paragon Migrate OS to SSD™ 4.0.-.Paragon Software) -> MsiExec.exe /I{D4378A80-C713-11DF-9399-005056C00008} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D806EA29-CA16-43E5-9B63-CD591B0AF432}] : (PDF Architect 4 Review Module.-.pdfforge GmbH) -> MsiExec.exe /X{D806EA29-CA16-43E5-9B63-CD591B0AF432} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}] : (CPCTuneUp.-.COMODO) -> C:\WINDOWS\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.2.-.Adobe Systems, Inc.) -> "C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Any Audio Converter] : (Any Audio Converter 5.9.7.-.Anvsoft) -> C:\Program Files (x86)\Anvsoft\Any Audio Converter\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Aomei Partition Assistant_is1] : (.-.) -> C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Blockulicious_is1] : (Blockulicious version 1.0.0.-.Phrozen SAS) -> "C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Comodo Cloud Antivirus_list_uninstall] : (COMODO Cloud Antivirus.-.Comodo) -> C:\ProgramData\COMODO\CCAV\installer\ccavstart.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Comodo IceDragon] : (Comodo IceDragon.-.COMODO) -> "C:\Program Files (x86)\Comodo\IceDragon\uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DivX Setup] : (Configuration DivX.-.DivX, LLC) -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS EverySync_is1] : (EaseUS EverySync 3.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS EverySync\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Partition Master_is1] : (EaseUS Partition Master 11.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Todo Backup_is1] : (EaseUS Todo Backup Free 9.2.-.CHENGDU YIWO Tech Development Co., Ltd) -> "C:\Program Files (x86)\EaseUS\Todo Backup\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EaseUS Todo PCTrans_is1] : (EaseUS Todo PCTrans 9.0.-.EaseUS) -> "C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON Scanner] : (EPSON Scan.-.Seiko Epson Corporation) -> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Studio_is1] : (Free Studio.-.Digital Wave Ltd) -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe /app FreeStudio [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Video to MP3 Converter_is1] : (Free Video to MP3 Converter.-.Digital Wave Ltd) -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe /app FreeVideoToMP3Converter [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Freemake Video Converter_is1] : (Freemake Video Converter version 4.1.9.-.Ellora Assets Corporation) -> "C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{0c8ebb00-4909-459c-8347-b2068b7f0319}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{0c8ebb00-4909-459c-8347-b2068b7f0319}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}] : (CyberLink Media Suite 14.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\iSkysoft iMedia Converter Deluxe_is1] : (iSkysoft iMedia Converter Deluxe(Build 8.7.0.5).-.iSkysoft Software) -> "C:\Program Files (x86)\iSkysoft\VCU\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] : (K-Lite Codec Pack 12.2.5 Full.-.KLCP) -> "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\mov Audio Extractor_is1] : (mov Audio Extractor 9.1.5.-.CoolMedia Co.,Ltd.) -> "C:\Program Files (x86)\mov Audio Extractor\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.2.0 (x86 fr)] : (Mozilla Thunderbird 45.2.0 (x86 fr).-.Mozilla) -> C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NewBlue Video Essentials for Windows] : (NewBlue Video Essentials for Windows.-.NewBlue) -> "C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Supercopier] : (Supercopier 1.2.1.0.-.Supercopier) -> C:\Program Files (x86)\Supercopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TreeSize Free_is1] : (TreeSize Free V3.4.5.-.JAM Software) -> "C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ultracopier] : (Ultracopier 1.2.3.0.-.Ultracopier) -> C:\Program Files\Ultracopier\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Usbfix] : (UsbFix Basic.-.El Desaparecido - www.usbfix.net - www.sosvirus.net) -> C:\UsbFix\Un-UsbFix.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.32.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Video Downloader_is1] : (Wise Video Downloader 1.61.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Video Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Player_is1] : (Wondershare Player(Build 1.6.1).-.Wondershare) -> "C:\Program Files (x86)\Wondershare\Player\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare TidyMyMusic_is1] : (Wondershare TidyMyMusic(Build 1.5.0.1).-.Wondershare Software) -> "C:\Program Files (x86)\Wondershare\TidyMyMusic\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wondershare Video Converter Free_is1] : (Wondershare Video Converter Free(Build 6.0.1.0).-.Wondershare Software) -> "C:\Program Files (x86)\Wondershare\VideoConverterFree\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WUCCCApp] : (AMD Catalyst Control Center.-.AMD) -> "C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}] : (CyberLink YouCam 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1] : (AOMEI Partition Assistant Standard Edition 6.0.-.AOMEI Technology Co., Ltd.) -> "C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}] : (Epson Easy Photo Print 2.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}\setup.exe" -runfromtemp -l0x040c UNINST -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1] : (Ashampoo Snap 9.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0C5A57BA-435E-43F3-8040-ADF08D715C8A}] : (CyberLink Travel Pack 3.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{0C5A57BA-435E-43F3-8040-ADF08D715C8A}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{0C5A57BA-435E-43F3-8040-ADF08D715C8A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0c8ebb00-4909-459c-8347-b2068b7f0319}] : (CyberLink OEM Share Pack 2.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{0c8ebb00-4909-459c-8347-b2068b7f0319}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10AC3DD9-90D5-4560-930A-FFB939849175}] : (CyberLink VideoMeeting+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{10AC3DD9-90D5-4560-930A-FFB939849175} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}] : (Media Go Video Playback Engine 2.20.103.05220.-.Sony) -> MsiExec.exe /X{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}\Setup.exe" -uninstall -l0x40c [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 14.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}] : (WD Security.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}\WDSecuritySetup.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1] : (Folder Size 3.4.0.0.-.MindGems, Inc.) -> "C:\Program Files (x86)\Folder Size\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] : (CyberLink WaveEditor 2.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{38251B9A-C44B-42D9-9A6A-0697986E334A}] : (Manager.-.2015 pdfforge GmbH. All rights reserved) -> MsiExec.exe /I{38251B9A-C44B-42D9-9A6A-0697986E334A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1] : (Ashampoo UnInstaller 6.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48996CDD-DD81-4197-93FE-0971E73C5CA7}] : (WD Drive Utilities.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{48996CDD-DD81-4197-93FE-0971E73C5CA7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48F22622-1CC2-4A83-9C1E-644DD96F832D}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}] : (WD Backup.-.Western Digital Technologies, Inc) -> MsiExec.exe /I{4AACAFC7-951A-4215-B430-3DFCFF2E6CED} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1] : (Wondershare Helper Compact 2.5.0.-.Wondershare) -> "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconduct Corp.) -> C:\WINDOWS\RtCRU64.exe /u [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}] : (Media Go.-.Sony) -> MsiExec.exe /X{65256C0D-3FE7-4D2E-BB3E-53F1175481C8} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BADCD73-E925-46F7-A295-FF2448632728}] : (CyberLink PowerDirector 14.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6BF9F374-EC67-4808-A90C-F127DE6D989D}] : (Epson E-Web Print.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{6BF9F374-EC67-4808-A90C-F127DE6D989D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{71E66D3F-A009-44AB-8784-75E2819BA4BA}] : (LWS Motion Detection.-.Logitech) -> MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}] : (CyberLink Wedding Pack.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}] : (CyberLink PhotoDirector 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7984FCA5-1BB6-46e6-91E2-ED5C301AF11A} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}] : (CyberLink PresenterLink+.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7A3F3715-7953-4247-8B5C-5D03050B9EA9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}] : (WD Security.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{7CC2EDF2-83EC-4707-BDD3-72469236A6CC} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}] : (CyberLink PowerDVD 16.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}] : (CyberLink Power2Go 10.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{7E2D87F3-F3BC-4fa5-9F72-BF021ED66CB3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.SEIKO EPSON CORPORATION) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8792EE1C-91A0-43A7-977A-E710C4223C96}] : (CyberLink ActionDirector 1.1.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{8792EE1C-91A0-43A7-977A-E710C4223C96}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{8792EE1C-91A0-43A7-977A-E710C4223C96} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}] : (CyberLink MediaEspresso 7.5.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{8D149BE2-6542-4F6A-AEC4-7D61E6DCAEFB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiMalware.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiMalware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}] : (CyberLink MediaShow 6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1] : (Ashampoo Slideshow Studio HD 4.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Slideshow Studio HD 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1] : (Ashampoo Privacy Protector.-.Ashampoo GmbH & Co. KG) -> "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] : (VC80CRTRedist - 8.0.50727.6195.-.DivX, Inc) -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9E04F23D-3E2E-4A62-AEBF-8BC952394295}] : (COMODO Cloud Antivirus.-.COMODO) -> MsiExec.exe /X{9E04F23D-3E2E-4A62-AEBF-8BC952394295} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A80DB23D-0618-405B-89D9-28F99814E287}_is1] : (AntiLogger Free version 1.8.2.320.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiLogger Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}] : (WD Backup.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}\WD Backup.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (CyberLink PowerBackup 2.6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C52148B9-19E0-433A-9422-3451B1BEE20F}] : (Media Go Network Downloader.-.Sony) -> MsiExec.exe /X{C52148B9-19E0-433A-9422-3451B1BEE20F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] : (CyberLink LabelPrint 2.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}] : (Epson Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{C7AA3D65-1F84-4590-AFAA-0777A04B6687} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}] : (LCL.-.e-Carte Bleue LCL) -> MsiExec.exe /I{CB94CFB5-AE04-4A66-9445-D2798D2F42EE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D16A31F9-276D-4968-A753-FFEAC56995D0}] : (Epson Print CD.-.SEIKO EPSON CORPORATION) -> "C:\Program Files (x86)\InstallShield Installation Information\{D16A31F9-276D-4968-A753-FFEAC56995D0}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D36DD326-7280-11D8-97C8-000129760CBE}] : (PhotoNow.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D40EB009-0499-459c-A8AF-C9C110766215}] : (Logitech Webcam Software.-.Logitech Inc.) -> "C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=FRA /guid="{D40EB009-0499-459c-A8AF-C9C110766215}" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}] : (CyberLink PowerProducer 6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3D04529-6EDB-11D8-A372-0050BAE317E1}] : (CyberLink PowerDVD Copy 1.5.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}] : (WD Drive Utilities.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}\WDDriveUtilitiesSetup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC216422-E2C7-47BF-8010-F858811CC86C}] : (CyberLink Holiday Pack vol 7.-.CyberLink Corp.) -> C:\Program Files (x86)\NSIS Uninstall Information\{FC216422-E2C7-47BF-8010-F858811CC86C}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{FC216422-E2C7-47BF-8010-F858811CC86C} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} ---------- | Ports ---------- | Microsoft Specifications CheckID: SESDPInst_x641{7CC2EDF2-83EC-4707-BDD3-72469236A6CC} - VersionNT64 -> SESDPInst_x64 CheckID: CrossFeature1{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D} - CopyOfPlatformFiles = "yes" -> CrossFeature CheckID: SESDPInst_x641{48996CDD-DD81-4197-93FE-0971E73C5CA7} - VersionNT64 -> SESDPInst_x64 ---------- | CLSID ---------- | Listing No Microsoft signed files | system32 (Not necessary Malwares) [MD5.05794775F92F240DCA71A84F690619B2] - |D| - [17/07/2016 13:14:15] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\system32\.crusader [MD5.C65F3DD5C512B0E73984DB406B5512F7] - |D| - [30/10/2015 09:17:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@edptoastimage.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |D| - [30/10/2015 09:18:12] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@language_notification_icon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |D| - [30/10/2015 09:18:10] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@optionalfeatures.png [MD5.9971B035154F5C54948B73A86D6C6874] - |D| - [30/10/2015 09:18:14] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@TileEmpty1x1Image.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |D| - [30/10/2015 09:17:39] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\system32\@WiFiNotificationIcon.png [MD5.E928E5009E2B1F4D956E57990D456054] - |D| - [13/07/2016 11:53:35] - (.-.) - [30.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ambakdrv.sys [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |D| - [30/07/2015 21:58:04] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amde31a.dat [MD5.C7628FE6341B7919D2F62DB9057DB4FC] - |D| - [21/10/2015 02:14:42] - (.-.) - [208.48 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdgfxinfo64.dll [MD5.AF1928F5E15921A29877C2E18626F80E] - |D| - [21/10/2015 02:14:42] - (.-.) - [139.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdhdl64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |D| - [23/07/2015 11:52:32] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdicdxx.dat [MD5.82CAB4EAF1E1CBA85AE5DEBB4C068EE2] - |D| - [21/10/2015 02:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [616.48 Ko] - (1.0.3.8) - C:\WINDOWS\system32\amdlvr64.dll [MD5.C366C5A2EE8F1F586691E4511AB56040] - |D| - [21/10/2015 02:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6529.48 Ko] - (9.1.10.83) - C:\WINDOWS\system32\amdmantle64.dll [MD5.3960C946E67311C9831550AEDC649C3A] - |D| - [21/10/2015 02:14:54] - (.-.) - [460.27 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdmiracast.dll [MD5.4CA9A0DF33972919623BBFF8FBD1A501] - |D| - [21/10/2015 02:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [57.98 Ko] - (1.6.0.0) - C:\WINDOWS\system32\amdmmcl6.dll [MD5.7BA9A6BBF176D945D7B201865897E158] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26898.98 Ko] - (0.8.0.0) - C:\WINDOWS\system32\amdocl12cl64.dll [MD5.AFF92249DA8E62FF8C6D2B89977D3245] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46673.98 Ko] - (10.0.1800.11) - C:\WINDOWS\system32\amdocl64.dll [MD5.8305AA2FEBE5CAD45AB8D208C17DA930] - |D| - [21/10/2015 02:14:44] - (.-.) - [1168 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_as64.exe [MD5.187EB6A72565FAAF01AAE0CDD63DE56F] - |D| - [21/10/2015 02:14:44] - (.-.) - [1045.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amdocl_ld64.exe [MD5.2B79CD2445F85D54959702583ECBCC04] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\amdpcom64.dll [MD5.23AFD7AB2C2358CACFB8BBC6E4B7EF7C] - |D| - [13/07/2016 11:53:35] - (.-.) - [148.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ammntdrv.sys [MD5.39B6FAE7DFE1B70034F253AB0BB96E2F] - |D| - [13/07/2016 11:46:59] - (.-.) - [19.11 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ampa.sys [MD5.609C2E5B69EB5D4F7131F7DF1107396B] - |D| - [13/07/2016 11:53:36] - (.-.) - [17.96 Ko] - (0.0.0.0) - C:\WINDOWS\system32\amwrtdrv.sys [MD5.926C753C058B5E589CF38AAC72166702] - |D| - [30/10/2015 09:17:41] - (.-.) - [404.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ApnDatabase.xml [MD5.9B034D049D1C6EC9BED55D2F27D86ED9] - |D| - [20/06/2016 21:02:50] - (.-.) - [2.13 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AppxProvisioning.xml [MD5.28DF09388444100467873AC906FD6CB2] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1226.98 Ko] - (7.15.20.1301) - C:\WINDOWS\system32\atiadlxx.dll [MD5.53650482B8E621276DC55E50C9FB2FEE] - |D| - [22/08/2015 01:53:34] - (.-.) - [646.87 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiapfxx.blb [MD5.CC2470CA903EA355A24F05520D79BDB8] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [366.98 Ko] - (6.14.10.1001) - C:\WINDOWS\system32\atiapfxx.exe [MD5.279066332FA267076E3BEE81C4297F87] - |D| - [21/10/2015 02:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [62.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalcl64.dll [MD5.3A0F17C7C8E37DCEAE1DA76B7D761702] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15356.98 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticaldd64.dll [MD5.D22A08EE217DE15B6A41AE518B4F4FBE] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [69.48 Ko] - (6.14.10.1848) - C:\WINDOWS\system32\aticalrt64.dll [MD5.BE92AD0155D4A23D0073AF51BE808B29] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1445.13 Ko] - (8.17.10.1404) - C:\WINDOWS\system32\aticfx64.dll [MD5.B565601728AF96EEFCF7E9CDE3CDD2BE] - |D| - [21/10/2015 02:14:46] - (.2002-2012 - Graphics DEM.) - [440.48 Ko] - (4.5.5711.37472) - C:\WINDOWS\system32\atidemgy.dll [MD5.8700278344BED8D4A3A5AC2875359584] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11804.69 Ko] - (8.17.10.625) - C:\WINDOWS\system32\atidxx64.dll [MD5.69F82C40A189962A65F6D5A02DF8599F] - |D| - [21/10/2015 02:14:46] - (.-.) - [164.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atieah64.exe [MD5.B96BD9F5B2B0CD6549EE59FD242A6D56] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [667.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atieclxx.exe [MD5.521248FA26458669BAAE6AB7DB21F3AC] - |D| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.48 Ko] - (6.14.11.1199) - C:\WINDOWS\system32\atiesrxx.exe [MD5.E4F96DFF0501430BF7C6E90841A7282D] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [81.98 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6pxx.dll [MD5.86F2AE002AF9222F34937823B98753C2] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [161.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atig6txx.dll [MD5.0C3156664885AF41100B63853EBCE037] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |D| - [06/11/2014 10:53:26] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiicdxx.dat [MD5.FE4E7138E51DA7EF01E51F28128A7F53] - |D| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\system32\atimpc64.dll [MD5.C84C24F13663EF5A59C1E598A350C8C3] - |D| - [21/10/2015 02:14:46] - (.Copyright ฉ 2009 AMD - Multi-language DPPE DLL.) - [37.48 Ko] - (6.14.10.1002) - C:\WINDOWS\system32\atimuixx.dll [MD5.7D9CCB5DD8837D6AC954956A5812112C] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30054.98 Ko] - (6.14.10.13399) - C:\WINDOWS\system32\atio6axx.dll [MD5.0E89795F721B2BC02D0A12C470750DF6] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODCLI Application.) - [58.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODCLI.exe [MD5.C7A506822BE45CD42415710979CDAE7F] - |D| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODE Application.) - [333.48 Ko] - (1.0.0.1) - C:\WINDOWS\system32\ATIODE.exe [MD5.3FE40633FC3BC5AE41EACDA0E1BA72FE] - |D| - [21/10/2015 02:14:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [194.98 Ko] - (6.14.11.25) - C:\WINDOWS\system32\atitmm64.dll [MD5.067CED045532C58B46E6527BCE3CB47F] - |D| - [21/10/2015 02:14:54] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.02 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiu9p64.dll [MD5.AC6970C74B7457B291BB2C0035AA7DAE] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8657.15 Ko] - (9.14.10.1128) - C:\WINDOWS\system32\atiumd64.dll [MD5.486D6985E7B7826DBBEAE12755851027] - |D| - [22/08/2015 01:55:34] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\system32\atiumd6a.cap [MD5.0A9CA09952D768F768D2903F984102DC] - |D| - [21/10/2015 02:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.91 Ko] - (8.14.10.513) - C:\WINDOWS\system32\atiumd6a.dll [MD5.AE81C76C930DD6875E5D9C6BEA2F0966] - |D| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [158.43 Ko] - (8.14.1.6463) - C:\WINDOWS\system32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |D| - [24/07/2015 21:44:06] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |D| - [30/07/2015 22:00:06] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |D| - [29/05/2015 01:00:42] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |D| - [29/05/2015 00:58:32] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |D| - [29/05/2015 01:21:32] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |D| - [29/05/2015 01:17:24] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |D| - [29/05/2015 01:15:12] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |D| - [29/05/2015 01:10:58] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |D| - [29/05/2015 01:08:18] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |D| - [22/08/2015 01:54:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |D| - [22/08/2015 01:54:10] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ativvsvl.dat [MD5.D638E3AD81E149A75EEF59E9C743E27C] - |D| - [04/07/2016 14:13:19] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\system32\AutoWorkplace.exe.config [MD5.22D9945B4AAE36DD59620A918F2E65F4] - |D| - [30/10/2015 09:17:46] - (.-.) - [3096 Ko] - (0.0.0.0) - C:\WINDOWS\system32\boot.sdi [MD5.E62444E02CC404B7616916C816F14940] - |D| - [13/07/2016 11:53:21] - (.-.) - [3480.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\BootMan.exe [MD5.405E1EF8E3C88E9BCD2853382BB12430] - |D| - [30/10/2015 09:19:28] - (.-.) - [22.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\bopomofo.uce [MD5.6EC6A5D8C388FCE5792805DC8C736E87] - |D| - [30/10/2015 09:17:40] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [92 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BthpanContextHandler.dll [MD5.6E5DAEBB08D93B3630F2DA9B4FACC05B] - |D| - [30/10/2015 09:18:10] - (.Copyright (C) 2008 - Application ContextH.) - [54 Ko] - (1.0.0.1) - C:\WINDOWS\system32\BWContextHandler.dll [MD5.781173CAA32FC380415CAE7BC81A7FAD] - |D| - [11/07/2016 06:42:04] - (.2005-2016 COMODO. - COMODO Cloud Antivirus.) - [544.16 Ko] - (1.3.1079.265) - C:\WINDOWS\system32\CcavGuard64.dll [MD5.CCEAEFAA4DF2F399E9A179D942FEB23C] - |D| - [30/10/2015 09:18:01] - (.-.) - [163.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\chs_singlechar_pinyin.dat [MD5.F2D598B11C294EE360FDA0D3E81DA7EC] - |D| - [21/10/2015 02:14:48] - (.-.) - [237.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\clinfo.exe [MD5.A0E91D21C945781D03EA0BA1C95F821E] - |D| - [21/10/2015 02:14:48] - (.AMD. - CoInstaller DLL.) - [853.98 Ko] - (1.0.5.9) - C:\WINDOWS\system32\coinst_15.20.dll [MD5.0A0BE64EA194B257EA8CCA49DBA37F9B] - |D| - [05/07/2016 18:59:10] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.46 Ko] - (1.0.0.4) - C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll [MD5.B2241C7E71A7CA5B4CE86FB28FA97373] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-appcmd.searchconnector-ms [MD5.2B405BCB2A2BDEC47D35D0A921E5B10B] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-contacts.searchconnector-ms [MD5.8A063B4755E352DD772D43D5E8123BBB] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-history.searchconnector-ms [MD5.A727FC8376E18F7506A6BB6BC389E602] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-music.searchconnector-ms [MD5.80CC9D3D6A70AAA255C0FEDB4C7BB692] - |D| - [30/10/2015 09:18:06] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-paths.searchconnector-ms [MD5.1420FE34B31CBD3B81011E03ACAD94F2] - |D| - [30/10/2015 09:18:07] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-protocol.searchconnector-ms [MD5.E7B53AF004BEE5112F787A6E5B04D737] - |D| - [30/10/2015 09:18:06] - (.-.) - [10.85 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms [MD5.ACB02726235DF588BF8D5A4FF54379DF] - |D| - [30/10/2015 09:18:06] - (.-.) - [7.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms [MD5.0E3D116A4DC1D2ABDD0692C6173E09E6] - |D| - [30/10/2015 09:18:06] - (.-.) - [6.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms [MD5.A71D446195E2B8090621C884D5DC3532] - |D| - [18/07/2016 15:04:46] - (.-.) - [2594.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\CoreUIComponents.dll [MD5.15D61F52DE9B272284D77BA822EC8477] - |D| - [05/07/2016 18:59:10] - (.©Conexant Systems Inc. - Conexant APO.) - [1570.44 Ko] - (1.58.0.0) - C:\WINDOWS\system32\CX64APO.dll [MD5.306B90493D00011EB635E161C6C024B8] - |D| - [30/10/2015 09:17:57] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |D| - [04/07/2016 14:13:20] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DefaultQuestions.json [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |D| - [26/10/2012 16:42:24] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\system32\DevManagerCore.dll [MD5.F938469DAF278EE42E32CE2ED5400172] - |D| - [30/10/2015 09:17:46] - (.-.) - [90.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\DiskSnapshot.conf [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - |D| - [04/07/2016 14:13:20] - (.-.) - [210.88 Ko] - (0.0.0.0) - C:\WINDOWS\system32\dssec.dat [MD5.30B4EC182373056C7AE758B72B83E8D5] - |D| - [30/10/2015 09:17:52] - (.-.) - [166.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EditionUpgradeHelper.dll [MD5.33D9CB37446952603C170F80B2C897BB] - |D| - [30/10/2015 09:17:52] - (.-.) - [28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\efsext.dll [MD5.C96635C52C5464AB2CEDA6500067F19D] - |D| - [13/07/2016 11:53:19] - (.-.) - [17.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\epmntdrv.sys [MD5.B69A265AD9328E2027C18D84C3D49959] - |D| - [13/07/2016 11:53:21] - (.-.) - [17.09 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EuEpmGdi.dll [MD5.08C997734B2CECE882656BB2855E6E76] - |D| - [13/07/2016 11:53:19] - (.-.) - [10.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EuGdiDrv.sys [MD5.93E76CF7B04EC33A1E9E0FD7546D3603] - |D| - [30/10/2015 09:17:45] - (.-.) - [17.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\EventViewer_EventDetails.xsl [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |D| - [10/06/2016 12:33:41] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\system32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |D| - [10/06/2016 12:33:05] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\system32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - |D| - [10/06/2016 12:33:06] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2013. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.4.0.0) - C:\WINDOWS\system32\E_ILMBLPE.DLL [MD5.3C7D1E4786522EA69600111D7A7135EB] - |D| - [13/07/2016 11:58:56] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. - EaseUS Todo Backup Application.) - [23.54 Ko] - (3.0.0.1) - C:\WINDOWS\system32\fbnative.exe [MD5.BB6A5A7F6D0A270E98C8CBF2A5C97268] - |D| - [04/07/2016 13:40:34] - (.-.) - [197.88 Ko] - (0.0.0.0) - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.7EB29DBB6CB2CACD1C7027B8E050DED8] - |D| - [30/10/2015 09:18:09] - (.-.) - [24.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\GamePanelExternalHook.dll [MD5.0FEE8DB559981D7F06E26042ECD8D671] - |D| - [30/10/2015 09:17:39] - (.-.) - [73.87 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - |D| - [30/10/2015 09:19:28] - (.-.) - [23.44 Ko] - (0.0.0.0) - C:\WINDOWS\system32\gb2312.uce [MD5.9E04178868C8EE9AE1E37CB116D0A62A] - |D| - [25/06/2016 15:54:29] - (.Copyright (C) 2014 - GeneStor co-installer.) - [125.02 Ko] - (1.0.0.1) - C:\WINDOWS\system32\GSCoinst.dll [MD5.E635EEC491CBD436095B4300C3E9C4C9] - |D| - [30/10/2015 09:17:57] - (.-.) - [340.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\HrtfApo.dll [MD5.77071BF934BEF16D5F02E31624258A91] - |D| - [21/10/2015 02:14:48] - (.-.) - [108.98 Ko] - (0.0.0.0) - C:\WINDOWS\system32\hsa-thunk64.dll [MD5.ECD81B99477AB4A93D7838EB40B870D0] - |D| - [04/07/2016 14:13:21] - (.-.) - [8.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\icrav03.rat [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - |D| - [30/10/2015 09:19:28] - (.-.) - [59.04 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ideograf.uce [MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - |D| - [30/10/2015 09:18:41] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ieuinit.inf [MD5.652C6CF73BE7AD53D8EECB92D37F3EDE] - |D| - [30/10/2015 09:18:01] - (.-.) - [181.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ism32k.dll [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - |D| - [30/10/2015 09:19:28] - (.-.) - [6.79 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_1.uce [MD5.529BBD63519BBD654EF328454019693F] - |D| - [30/10/2015 09:19:28] - (.-.) - [8.29 Ko] - (0.0.0.0) - C:\WINDOWS\system32\kanji_2.uce [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - |D| - [30/10/2015 09:19:28] - (.-.) - [12.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\korean.uce [MD5.251C002837808A2F421A73CB9F8E2239] - |D| - [30/10/2015 09:17:36] - (.Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS - MPEG Layer-3 Audio Codec for MSACM.) - [85 Ko] - (1.9.0.401) - C:\WINDOWS\system32\l3codeca.acm [MD5.9C0B73FE241261A8C447407DDA4EC7F3] - |D| - [30/10/2015 09:17:36] - (.Copyright © 2004 Fraunhofer IIS - MPEG Audio Layer-3 Codec for MSACM.) - [180 Ko] - (3.4.0.0) - C:\WINDOWS\system32\l3codecp.acm [MD5.050BC9351A3386458B696F8BCA78B27B] - |D| - [30/10/2015 09:17:57] - (.-.) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\LargeRoom.bin [MD5.531FE5A2634D87A078017259F21D9736] - |D| - [30/10/2015 09:18:19] - (.-.) - [206.97 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcphrase.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - |D| - [30/10/2015 09:18:19] - (.-.) - [23.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lcptr.tbl [MD5.6D9EE5BD98B4606D0AC2C9F1AEC0C6CB] - |D| - [04/07/2016 14:35:18] - (.-.) - [49.46 Ko] - (0.0.0.0) - C:\WINDOWS\system32\license.rtf [MD5.B65E8E52916A527F88486875EE291AA8] - |D| - [26/10/2012 16:42:22] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |D| - [26/10/2012 16:42:22] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LogiDPPApp.exe [MD5.4D4248F6D008D86D5575EE5B154971AE] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvco1380853.dll [MD5.FF510CF2A7FA73192E7DB06D7C311799] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\lvcod64.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |D| - [26/10/2012 16:42:24] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoin64.ini [MD5.83EF82141C2F7550A31ACA1E87D7B664] - |D| - [04/07/2016 13:45:55] - (.-.) - [32.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\lvcoinst.log [MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |D| - [26/10/2012 16:42:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUI64.dll [MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |D| - [26/10/2012 16:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\WINDOWS\system32\LVUIRC64.dll [MD5.D3F4E00C322EDA78873848BE75ACC8A4] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [132.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantle64.dll [MD5.EA33454E28EE1F3CA432DA87203DA24F] - |D| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [100.98 Ko] - (9.1.10.83) - C:\WINDOWS\system32\mantleaxl64.dll [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |D| - [30/10/2015 09:17:57] - (.-.) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MediumRoom.bin [MD5.ED434A3EBE29070A7E0138C42482EB93] - |D| - [30/10/2015 09:18:14] - (.-.) - [657.31 Ko] - (0.0.0.0) - C:\WINDOWS\system32\mlang.dat [MD5.AB416599057FFDC84E28BBB6DA69EADC] - |D| - [20/06/2016 21:03:58] - (.-.) - [229.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MTF.dll [MD5.72534830694CCABA9A5CBA33F9771C63] - |D| - [20/06/2016 21:04:07] - (.-.) - [254.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\MTFServer.dll [MD5.86166DAA04A6C154826508304CC6D4AC] - |D| - [30/10/2015 09:17:40] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NdfEventView.xml [MD5.C146E873B22C3B300B21A859FE66C27A] - |D| - [30/10/2015 09:17:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml [MD5.E8DB44BFF95FE45512A7751B7B9D3C27] - |D| - [04/07/2016 18:48:16] - (.Copyright (C) 2000-2011 Nitro PDF Software - Windows NT Nitro Print PDF Interface Driver.) - [31.16 Ko] - (7.0.0.1) - C:\WINDOWS\system32\nitrolocalmon10.dll [MD5.BA1E173808A9EF0ED3A71DA9AE680718] - |D| - [04/07/2016 18:48:16] - (.Copyright (C) 2000-2011 Nitro PDF Software - Windows NT Nitro Print PDF Interface Driver.) - [19.66 Ko] - (7.0.0.1) - C:\WINDOWS\system32\nitrolocalui10.dll [MD5.79BD0E63A9E54ED8AFFD19F43B5B83F2] - |D| - [20/06/2016 21:02:52] - (.Copyright (C) Nokia 2013 - master branch.) - [258 Ko] - (8.1.0.65535) - C:\WINDOWS\system32\NmaDirect.dll [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - |D| - [04/07/2016 14:13:22] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\NOISE.DAT [MD5.5D27362AF3BCAA75A418F5416A35934E] - |D| - [30/10/2015 09:17:55] - (.-.) - [0.26 Ko] - (0.0.0.0) - C:\WINDOWS\system32\odbcconf.rsp [MD5.DE4FA2E0FBF5D7CAF54977DE21949EC2] - |D| - [04/07/2016 14:13:22] - (.-.) - [15.33 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\system32\onlinesetup.cmd [MD5.F192E1998A5F6826BE6955F6EAE7CDA1] - |D| - [21/10/2015 02:14:42] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [71.98 Ko] - (2.0.4.0) - C:\WINDOWS\system32\OpenCL.dll [MD5.42D2360079B1DF3230024AE920737367] - |D| - [30/10/2015 09:17:57] - (.-.) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\system32\OutdoorAudioEnvironment.bin [MD5.66D58077CC739E4B8166E33AB0BA4639] - |D| - [30/10/2015 09:18:09] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pcl.sep [MD5.D17374CC12B32B76AE375877612AB386] - |D| - [05/07/2016 09:50:44] - (.Copyright (c) by pdfforge - pdfcmon.) - [117.26 Ko] - (0.8.4.0) - C:\WINDOWS\system32\pdfcmon.dll [MD5.07A15DD04EDF82309DA3284CB5F790B5] - |D| - [04/07/2016 14:18:00] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc009.dat [MD5.FECBB2918A5C1AEB45620DA8232373BA] - |D| - [04/07/2016 14:24:48] - (.-.) - [151.91 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |D| - [04/07/2016 14:18:00] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |D| - [04/07/2016 14:24:48] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfd00C.dat [MD5.73459E478768D945DA94E1FB8E4F4713] - |D| - [04/07/2016 14:18:00] - (.-.) - [717.09 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh009.dat [MD5.5CBB90DEAC6B08F5F648EE373844D50F] - |D| - [04/07/2016 14:24:48] - (.-.) - [804.94 Ko] - (0.0.0.0) - C:\WINDOWS\system32\perfh00C.dat [MD5.CCA8304DBA81F8A4132F8FE75F70C94B] - |D| - [04/07/2016 14:00:41] - (.-.) - [1805.08 Ko] - (0.0.0.0) - C:\WINDOWS\system32\PerfStringBackup.INI [MD5.52B10B6E184443323D4291FFFE96977A] - |D| - [17/10/2012 11:05:54] - (.(C) 2009-2012 COMODO Security Solutions Inc. - COMODO System Utilities.) - [31.21 Ko] - (1.1.4464.33) - C:\WINDOWS\system32\powerremover.exe [MD5.0225FC6F0D91F84B44CE252487D8D725] - |D| - [16/07/2016 17:13:36] - (.Copyright (C) 2008-2013 - Video-Codec by proDAD.) - [593.02 Ko] - (1.0.18.0) - C:\WINDOWS\system32\prodad-codec.dll [MD5.E5FCE41A5114E40EE573AB8631925BF3] - |D| - [16/07/2016 17:13:30] - (.Copyright (C) 2008 - Part of the proDAD.) - [367.52 Ko] - (1.0.4.0) - C:\WINDOWS\system32\proDAD-PA-Support.dll [MD5.C09741B9886EF0D15EC3B1443352FB62] - |D| - [30/10/2015 09:18:09] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pscript.sep [MD5.007893E8374C766471239EB291BA8C17] - |D| - [30/10/2015 09:17:45] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\system32\psmodulediscoveryprovider.mof [MD5.C32ECB99AD25E9A04F01C8665DF29EF8] - |D| - [17/07/2016 14:41:13] - (.-.) - [18.7 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pwdrvio.sys [MD5.D619356B955EEFA642F5FF72755E8B3C] - |D| - [17/07/2016 14:41:12] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pwdspio.sys [MD5.9BF9758B9781BB630BFE7D4DD5F353B4] - |D| - [13/07/2016 11:55:22] - (.-.) - [2995.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\pwNative.exe [MD5.3A77C18665A4C8428768CE186A5BC1EF] - |D| - [30/10/2015 09:17:39] - (.-.) - [1.78 Ko] - (0.0.0.0) - C:\WINDOWS\system32\rasctrnm.h [MD5.0A9F9AF06369A9EE130F19313A711743] - |D| - [17/10/2012 11:05:54] - (.(C) 2009-2012 COMODO Security Solutions Inc. - COMODO System Utilities.) - [27.71 Ko] - (1.1.4464.33) - C:\WINDOWS\system32\regdefrag.exe [MD5.C6CA43573C21CA6392F57F238C8391FC] - |D| - [26/10/2012 16:42:22] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Repository.reg [MD5.226BBC4490EA49B69B407742A85A2D92] - |D| - [30/10/2015 09:19:26] - (.-.) - [8.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriHMImageList [MD5.7153DD25B2D727B7281780A3DF33C877] - |D| - [30/10/2015 09:19:26] - (.-.) - [8.16 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ResPriImageList [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManager.mof [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - |D| - [30/10/2015 09:17:50] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\system32\RestartManagerUninstall.mof [MD5.BCAB1D642BA232943798713E6321CCFE] - |D| - [05/07/2016 18:59:30] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DAA64.dll [MD5.AAEEEC8B77E56AC813FE9E02594B84FC] - |D| - [05/07/2016 18:59:30] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\WINDOWS\system32\RP3DHT64.dll [MD5.EABD549516BF670A684743EEE6A1ADA9] - |D| - [25/06/2016 16:15:32] - (.Copyright (C) 2014 - RtCRX.) - [81.21 Ko] - (1.11.9600.0) - C:\WINDOWS\system32\RtCRX64.dll [MD5.7952DB6EEC72F621A6EBB8E39BBA08A2] - |D| - [05/07/2016 18:59:31] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.8 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEED64A.dll [MD5.A302CB54C0543D2DC93417B18C814370] - |D| - [05/07/2016 18:59:31] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.28 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEG64A.dll [MD5.41EBD514DB0C8D1085ECCBB42936BABB] - |D| - [05/07/2016 18:59:31] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEL64A.dll [MD5.F3FBE3A2891375337E3290802B57F8C4] - |D| - [05/07/2016 18:59:31] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.24 Ko] - (6.1.6001.33) - C:\WINDOWS\system32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |D| - [30/10/2015 09:19:26] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ScavengeSpace.xml [MD5.00E5FCFD833151F7CBDE607E2F7AFEB4] - |D| - [30/10/2015 09:19:28] - (.-.) - [5.66 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance.png [MD5.5719BFC9CFDA7A9C059A71A47A0E6383] - |D| - [30/10/2015 09:19:28] - (.-.) - [2.56 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Alert.png [MD5.099BA37F81C044F6B2609537FDB7D872] - |D| - [30/10/2015 09:19:28] - (.-.) - [6.72 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SecurityAndMaintenance_Error.png [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |D| - [30/10/2015 09:17:43] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\settings.dat [MD5.4B91350942AA13F7566277CC6899E142] - |D| - [13/07/2016 11:53:19] - (.-.) - [99.59 Ko] - (0.0.0.0) - C:\WINDOWS\system32\setupempdrvx64.exe [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - |D| - [30/10/2015 09:19:28] - (.-.) - [16.35 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ShiftJIS.uce [MD5.D098DA7DAAD8AF2A14BC4BBA4A7A95E0] - |D| - [05/07/2016 18:59:32] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [999.26 Ko] - (3.5.3.3) - C:\WINDOWS\system32\sl3apo64.dll [MD5.7F7244CF443F04C457BE4E31139208A7] - |D| - [05/07/2016 18:59:32] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [1804.58 Ko] - (3.5.3.3) - C:\WINDOWS\system32\slcnt64.dll [MD5.3903BCAB32A4A853DFA54962112D4D02] - |D| - [30/10/2015 09:17:53] - (.-.) - [139.55 Ko] - (0.0.0.0) - C:\WINDOWS\system32\slmgr.vbs [MD5.123E1555149EEA372C6EC1034F6B197A] - |D| - [05/07/2016 18:59:32] - (.TODO: (c) . - TODO: .) - [252.8 Ko] - (1.0.0.1) - C:\WINDOWS\system32\slprp64.dll [MD5.EA22B5EE15D03EF8CD76D2EAD7706B92] - |D| - [05/07/2016 18:59:32] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [2419.45 Ko] - (3.5.3.3) - C:\WINDOWS\system32\sltech64.dll [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |D| - [30/10/2015 09:17:57] - (.-.) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SmallRoom.bin [MD5.331D6C8CF1AE5A8A81F7FD5C2D05B687] - |D| - [05/07/2016 18:59:32] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.22 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRAPO64.dll [MD5.42A9DA319FBC535FECE2FADF436DB1E3] - |D| - [05/07/2016 18:59:32] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRCOM.dll [MD5.5A6AB6123A9E61C2CCFC04834D2FCCD1] - |D| - [05/07/2016 18:59:33] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.48 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRCOM64.dll [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |D| - [30/10/2015 09:17:46] - (.-.) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\system32\srms.dat [MD5.1749E02020F295E90C72C2B3C6B4D622] - |D| - [05/07/2016 18:59:33] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.52 Ko] - (4.0.0.59) - C:\WINDOWS\system32\SRRPTR64.dll [MD5.063175C2B8CFB37F4859C728D9EFCA64] - |D| - [05/07/2016 18:59:33] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.63 Ko] - (1.1.0.0) - C:\WINDOWS\system32\SRSHP64.dll [MD5.748C9AA4411CBEBE74C410BE37E47496] - |D| - [05/07/2016 18:59:33] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\WINDOWS\system32\SRSTSH64.dll [MD5.73207081F9A6F7212FCFAE0DC28D4BDD] - |D| - [05/07/2016 18:59:33] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.91 Ko] - (3.2.0.0) - C:\WINDOWS\system32\SRSTSX64.dll [MD5.8D923204C3FFAA2C5A4CA5FD40BDFB9C] - |D| - [05/07/2016 18:59:33] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.31 Ko] - (1.1.3.0) - C:\WINDOWS\system32\SRSWOW64.dll [MD5.B59958CD06C9F89C39281FB12F1BB233] - |D| - [30/10/2015 09:18:42] - (.-.) - [513.74 Ko] - (0.0.0.0) - C:\WINDOWS\system32\staticurllist.bin [MD5.30F5568679A54042F99CA9EC1102EBCD] - |D| - [30/10/2015 09:19:28] - (.-.) - [91.51 Ko] - (0.0.0.0) - C:\WINDOWS\system32\SubRange.uce [MD5.81B14F1AD906AC1CF9102796C97A54FE] - |D| - [30/10/2015 09:18:09] - (.-.) - [3.24 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprint.sep [MD5.58A67EC6B00A54A69DC364194CA171E0] - |D| - [30/10/2015 09:18:09] - (.-.) - [3.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\sysprtj.sep [MD5.31B010EF50D54D548B4B8B211F421318] - |D| - [30/10/2015 09:18:10] - (.-.) - [1.63 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpbidi.xml [MD5.D602CA245CC6774A0981B607F0675609] - |D| - [30/10/2015 09:18:09] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\tcpmon.ini [MD5.6D21D0A95286DCD09E354B612F592EB7] - |D| - [04/07/2016 14:13:24] - (.-.) - [1.94 Ko] - (0.0.0.0) - C:\WINDOWS\system32\ticrf.rat [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |D| - [30/10/2015 09:17:47] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WdsUnattendTemplate.xml [MD5.039C8233D4FCE424F5CA9427EF771942] - |D| - [30/10/2015 09:18:19] - (.-.) - [213.34 Ko] - (0.0.0.0) - C:\WINDOWS\system32\weretw.dll [MD5.D87FB0D2599BAE25F3A6D29589AF0D98] - |D| - [30/10/2015 09:17:49] - (.-.) - [2.22 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WimBootCompress.ini [MD5.2BA7DF05213968EFC98867E03687CEDB] - |D| - [30/10/2015 09:17:59] - (.-.) - [401.5 Ko] - (0.0.0.0) - C:\WINDOWS\system32\Windows.Perception.Stub.dll [MD5.E0974EE3F592223A950B3B0C04797212] - |D| - [30/10/2015 09:19:39] - (.-.) - [1.61 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WindowsCodecsRaw.txt [MD5.7EF8F3CADE2DE177F96B5A5B581D73FF] - |D| - [30/10/2015 09:17:43] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.cmd [MD5.9D7684F978EBD77E6A3EA7EF1330B946] - |D| - [30/10/2015 09:17:43] - (.-.) - [199.32 Ko] - (0.0.0.0) - C:\WINDOWS\system32\winrm.vbs [MD5.965E1F4E54E12010DDDC7F71950C9C53] - |D| - [30/10/2015 09:17:50] - (.http://www.sqlite.org/copyright.html - SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - [642.46 Ko] - (3.8.8.3) - C:\WINDOWS\system32\winsqlite3.dll [MD5.C30C621748C66CE751B19B2788559A3E] - |D| - [30/10/2015 09:18:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpcmon.png [MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - |D| - [30/10/2015 09:18:42] - (.-.) - [1485.18 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WpcNBModel.bin [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |D| - [30/10/2015 09:18:03] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wpr.config.xml [MD5.930423065AB3F5DB52D5726C7FC66385] - |D| - [30/10/2015 09:17:43] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\WINDOWS\system32\wsmanconfig_schema.xml [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - |D| - [30/10/2015 09:17:43] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmPty.xsl [MD5.B2EDF82825D979928AE07CBE9C7A2160] - |D| - [30/10/2015 09:17:43] - (.-.) - [2.37 Ko] - (0.0.0.0) - C:\WINDOWS\system32\WsmTxt.xsl [MD5.9D6B8FC71167D22849424084F0F3D9E9] - |D| - [30/10/2015 09:19:41] - (.-.) - [74.28 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xpsrchvw.xml [MD5.684DDBD6ED4066B10660A3A06655B59A] - |D| - [30/10/2015 09:17:42] - (.-.) - [3.92 Ko] - (0.0.0.0) - C:\WINDOWS\system32\xwizard.dtd ---------- | Installer [HKCR\Installer\Products\00bbe8c09094c95438742b60b8f73091] : OEM Share Pack -> C:\WINDOWS\Installer\{0c8ebb00-4909-459c-8347-b2068b7f0319}\ARPPRODUCTICON.exe [HKCR\Installer\Products\07B3D519D245EED4F889AA57BFDAFEAB] : PDF Architect 4 OCR Module -> C:\WINDOWS\Installer\{915D3B70-542D-4DEE-8F98-AA75FBADEFBA}\ocr_icon [HKCR\Installer\Products\085E718E81368CFA122023C23711E74C] : CCC Help Polish -> C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\08A8734D317CFD1139990005650C0080] : Paragon Migrate OS to SSD™ 4.0 -> C:\WINDOWS\Installer\{D4378A80-C713-11DF-9399-005056C00008}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0CCA1DC70DD34984097CFBA231C670D4] : [HKCR\Installer\Products\0D4A6A5A500250A2E212948580FC59DE] : CCC Help Norwegian -> C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0F76E360892CA2A8F06A481C35224A0E] : ccc-utility64 -> C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi [HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter [HKCR\Installer\Products\1D5F27E1E3559FFC603AC8A55F70DDC1] : CCC Help French -> C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\224612CF7C2EFB7408018F8518C18CC6] : [HKCR\Installer\Products\241A5D4605DBE627DEE92D05D8A2712E] : Catalyst Control Center InstallProxy -> C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\25E8C8C9A2A4D674B9C07CFE43048F0F] : [HKCR\Installer\Products\2EB941D82456A6F4EA4CD7166ECDEABF] : [HKCR\Installer\Products\2F676100D2A458D4A900DEA245CDFF18] : PDF Architect 4 Forms Module -> C:\WINDOWS\Installer\{001676F2-4A2D-4D85-9A00-ED2A54DCFF81}\forms_icon [HKCR\Installer\Products\2FDE2CC7CE387074DB3D276429636ACC] : WD Security -> C:\WINDOWS\Installer\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}\icon.ico [HKCR\Installer\Products\307BCCF8FBF37e944AF38AE1729D0BE7] : MediaShow -> C:\WINDOWS\Installer\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\37DCDAB6529E7F642A59FF4284367282] : [HKCR\Installer\Products\37E58BB129D0A406A0FA7CAA5D3E3A6C] : CCC Help English -> C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3A56CBC8BA0456EDC21B99A7DB8ADF86] : CCC Help Turkish -> C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3C1BCDF6CDE9CBC374C3DD58DEE54049] : CCC Help German -> C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3EFCAE7DA6CBbb842BC8D4FB1328523E] : PowerProducer -> C:\WINDOWS\Installer\{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3F78D2E7CB3F5af4F927FB20E16DC63B] : [HKCR\Installer\Products\4171AC28AE31914F19EF2138444247E5] : CCC Help Italian -> C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42B796F7EA363344D86F638F71C1BA07] : PDF Architect 4 Edit Module -> C:\WINDOWS\Installer\{7F697B24-63AE-4433-8DF6-36F8171CAB70}\edit_icon [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : [HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4673AE1C831172EADA3645B9DA99AB51] : CCC Help Japanese -> C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software [HKCR\Installer\Products\473F9FB676CE80849AC01F72EDD689D9] : Epson E-Web Print -> C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe [HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\5104B339816461748A822598CF3061F5] : VC80CRTRedist - 8.0.50727.6195 [HKCR\Installer\Products\5173F3A735977424B8C5D53050B0E99A] : [HKCR\Installer\Products\554590D7179DC4D4E9DFA96F6A85F4A3] : Bing Bureau -> C:\WINDOWS\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}\icon.ico [HKCR\Installer\Products\56D3AA7C48F10954FAAA70770AB46678] : Epson Software Updater -> C:\WINDOWS\Installer\{C7AA3D65-1F84-4590-AFAA-0777A04B6687}\icon.ico [HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook [HKCR\Installer\Products\59EBDD8FEBCD5B303595ED631041E612] : CCC Help Danish -> C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\5ACF48976BB16e64192EDEC503A11FA1] : [HKCR\Installer\Products\5BFC49BC40EA66A449542D97D8F224EE] : LCL -> C:\WINDOWS\Installer\{CB94CFB5-AE04-4A66-9445-D2798D2F42EE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5C9D7C552C04F0E468B30DFA4CCA1200] : Nitro Reader 5 -> C:\WINDOWS\Installer\{55C7D9C5-40C2-4E0F-863B-D0AFC4AC2100}\Reader.ico [HKCR\Installer\Products\5E16E053C2C6C3F2A341E790A46B3D0A] : CCC Help Spanish -> C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\623DD63D08278D11798C00109267C0EB] : PhotoNow -> C:\WINDOWS\Installer\{D36DD326-7280-11D8-97C8-000129760CBE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\66122D971C874DA2407EDB22DB85DF64] : CCC Help Chinese Traditional -> C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68ADF0FAB7E6C6A1154D34FA0581E12D] : AMD Catalyst Control Center -> C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6A94462B700606444BEF4C771651CBAE] : Epson Customer Research Participation [HKCR\Installer\Products\6AA82BF801D532C45852DE7D8A70C48B] : PDF Architect 4 Convert Module -> C:\WINDOWS\Installer\{8FB28AA6-5D10-4C23-8525-EDD7A8074CB8}\convert_icon [HKCR\Installer\Products\72BCCFF8D2EEF85DA5DBDEC5609BE118] : CCC Help Swedish -> C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe [HKCR\Installer\Products\77E99DA1CC73E44793AC766FDF4365A5] : Catalyst Control Center Localization All -> C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\797ECA52ADBEB4E090F6F99EA7E1A2F6] : CCC Help Russian -> C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\WINDOWS\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7CFACAA4A15951244B03D3CFFFE2C6DE] : WD Backup [HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video [HKCR\Installer\Products\8AC6637E9717EA777E21AB817DA0A070] : AMD Fuel -> C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BA31D3CA8644710D160BDA9EAA831B1] : CCC Help Czech -> C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F7CB758450F4234C9AA016816AEC3D8] : PDF Architect 4 Insert Module -> C:\WINDOWS\Installer\{857BC7F8-F054-4324-9CAA-108661EA3C8D}\insert_icon [HKCR\Installer\Products\924914348DC32A0428547D8CCC952DE7] : PDF Architect 4 Secure Module -> C:\WINDOWS\Installer\{43419429-3CD8-40A2-8245-D7C8CC59D27E}\secure_icon [HKCR\Installer\Products\92540D3EBDE68D113A270005AB3E711E] : PowerDVD Copy -> C:\WINDOWS\Installer\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\92AE608D61AC5E34B936DC95B1A04F23] : PDF Architect 4 Review Module -> C:\WINDOWS\Installer\{D806EA29-CA16-43E5-9B63-CD591B0AF432}\review_icon [HKCR\Installer\Products\94BD5DDAFC278D11D95700109267D057] : PowerBackup -> C:\WINDOWS\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75}\ARPPRODUCTICON.exe [HKCR\Installer\Products\966BDC60F6BB7B74F9383ABECC79790E] : PDF Architect 4 Create Module -> C:\WINDOWS\Installer\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}\create_icon [HKCR\Installer\Products\9B84125C0E91A334492243151BEB2EF0] : Media Go Network Downloader -> C:\WINDOWS\Installer\{C52148B9-19E0-433A-9422-3451B1BEE20F}\Media_Go_icon [HKCR\Installer\Products\9C58CB7154AE7A484FBD0C6DB3EB89ED] : Media Go Video Playback Engine 2.20.103.05220 -> C:\WINDOWS\Installer\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}\MediaGo__0001.ico [HKCR\Installer\Products\9DD3CA015D09065439A0FF9B93481957] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A748067A9D4CFE7E17F6706CBC6F1B74] : CCC Help Thai -> C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A9B15283B44C9D24A9A6607989E633A4] : Manager [HKCR\Installer\Products\AB75A5C0E5343F340804DA0FD817C5A8] : [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin [HKCR\Installer\Products\BD536147AD63FCB4BB25F0C4C1E4D0BF] : Wedding Pack -> C:\WINDOWS\Installer\{741635DB-36DA-4BCF-BB52-0F4C1C4E0DFB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C0DBE580E42F49BED633A222FE465CFC] : CCC Help Finnish -> C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C1EE29780A197A3479A77E014C22C369] : [HKCR\Installer\Products\C2F1EB77C255E834E8B6C48061DBCED5] : Rebit Pro (64-bit) -> C:\WINDOWS\Installer\{77BE1F2C-552C-438E-8E6B-4C0816BDEC5D}\InstallerIcon [HKCR\Installer\Products\C351938B2D4DC98F0533A061C02607B6] : CCC Help Portuguese -> C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher [HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery [HKCR\Installer\Products\C51E70D24A9A6D8D3D1729CE78975E78] : CCC Help Hungarian -> C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC67F423DD8D78D47BD74DFAE5A17A3B] : [HKCR\Installer\Products\D0C652567EF3E2D4BBE3351F7145188C] : Media Go -> C:\WINDOWS\Installer\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}\mediago.ico [HKCR\Installer\Products\D32F40E9E2E326A4EAFBB89C25932459] : COMODO Cloud Antivirus -> C:\WINDOWS\Installer\{9E04F23D-3E2E-4A62-AEBF-8BC952394295}\icon.ico [HKCR\Installer\Products\D4DC8700641B77D4C80F62B8631C3ACE] : [HKCR\Installer\Products\D6BC3980639828843830C87096AA7605] : PDF Architect 4 View Module -> C:\WINDOWS\Installer\{0893CB6D-8936-4882-8303-8C0769AA6750}\main_icon [HKCR\Installer\Products\DDC6998418DD791439EF90177EC3C57A] : WD Drive Utilities -> C:\WINDOWS\Installer\{48996CDD-DD81-4197-93FE-0971E73C5CA7}\icon.ico [HKCR\Installer\Products\DED17A5318AD313153A2CEA8B072FDB3] : CCC Help Chinese Standard -> C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3A623703B208701527D8B66B68AEF51] : CCC Help Korean -> C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main [HKCR\Installer\Products\EE47477FC6BEB78C88FA33018C840E86] : CCC Help Greek -> C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F3D66E17900ABA447848572E18B94AAB] : LWS Motion Detection [HKCR\Installer\Products\F75D59AC3CF97DD0C76363F2478D0CE4] : CCC Help Dutch -> C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe ---------- | ADS @C:\ProgramData\Temp:E965A533 ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 954G No No 1 953,525,167 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: AMI System Manufacturer: Hewlett-Packard System Product Name: CQ2904EF Logical Drives Mask: 0x006c53fc Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante adsfix_3_19.07.2016.2.exe, version : 19.7.2016.2, horodatage : 0x578dcfb6 Nom du module défaillant : adsfix_3_19.07.2016.2.exe, version : 19.7.2016.2, horodatage : 0x578dcfb6 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00021545 ID du processus défaillant : 0x830 Heure de début de l’application défaillante : 0x01d1e23e05e4b41c Chemin d’accès de l’application défaillante : C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe Chemin d’accès du module défaillant: C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe ID de rapport : 61a6e79c-e652-447c-a181-602e6624ca4f Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0x420 Heure de début de l’application défaillante : 0x01d1e23df1faa628 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 60abaa48-589b-4cf1-a5aa-6ef9bca6941b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_CacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_CacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_AudioCacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files\cyberlink\photodirector7\kernel\ces\CES_AudioCacheAgent.exe.Manifest ». Assembly dépendant PDR.X,type="win32",version="1.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\WINDOWS\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Windows ne parvient pas à charger la DLL de compteur extensible rdyboost. Le premier mot (DWORD) de la section Données contient le code d’erreur Windows. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état. ------------ Échec de la procédure d’ouverture pour le service « Lsa » dans la DLL « C:\Windows\System32\Secur32.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « ESENT » dans la DLL « C:\WINDOWS\system32\esentprf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Nom de l’application défaillante adsfix_3_19.07.2016.2.exe, version : 19.7.2016.2, horodatage : 0x578dcfb6 Nom du module défaillant : adsfix_3_19.07.2016.2.exe, version : 19.7.2016.2, horodatage : 0x578dcfb6 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000211de ID du processus défaillant : 0x15f4 Heure de début de l’application défaillante : 0x01d1e1cce15d3775 Chemin d’accès de l’application défaillante : C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe Chemin d’accès du module défaillant: C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe ID de rapport : a240c49a-333d-4eb4-821d-c8aa4b65f0fe Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante FolderSize.exe, version : 3.4.0.0, horodatage : 0x53284d8b Nom du module défaillant : KERNELBASE.dll, version : 10.0.10586.494, horodatage : 0x5775e78b Code d’exception : 0x0eedfade Décalage d’erreur : 0x000bdae8 ID du processus défaillant : 0x1550 Heure de début de l’application défaillante : 0x01d1e1bf82f32544 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Folder Size\FolderSize.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\KERNELBASE.dll ID de rapport : 1439766f-057c-4584-ac49-b13f26e48127 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Échec de la création d’un point de restauration (Processus = C:\Program Files (x86)\Wondershare\1-Click PC Care\1ClickPCCare.exe Files (x86)\Wondershare\1-Click PC Care\1ClickPCCare.exe"  ; Description = Wondershare 1-Click PC Care's restore point ; Erreur = 0x8007043c). ------------ Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0xba0 Heure de début de l’application défaillante : 0x01d1e1b5b7768cea Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 201ac491-bee3-4546-8da5-537c89ec99fc Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0xbe0 Heure de début de l’application défaillante : 0x01d1e1b014d43178 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 9939f338-e759-4b09-acd7-5610ce7086f1 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0x808 Heure de début de l’application défaillante : 0x01d1e1a71c6a483d Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : 47a15538-8926-4462-8ce9-d6096e4c5ad5 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Nom du module défaillant : DTShellHlp.exe, version : 7.1.0.595, horodatage : 0x56fa4c10 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000089f1 ID du processus défaillant : 0xb08 Heure de début de l’application défaillante : 0x01d1e1a7131d6158 Chemin d’accès de l’application défaillante : C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe Chemin d’accès du module défaillant: C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe ID de rapport : ae705ef1-c2fa-47de-93b4-aaf8e346874a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ ----------( EOF)---------- - 7919 | 08:08:35