--------------- QuickDiag | g3n-h@ckm@n | V3_22.01.17.3 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 22/01/2017 20:31:57 Updated 22/01/2017 | 19.40 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Bruno (Administrator)] - [BRUNO-PC] (S-1-5-21-1413675022-3679237491-1003182551-1000) System: Microsoft Windows 7 Édition Intégrale - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Intégrale |C:\Windows|\Device\Harddisk1\Partition2 Boot : Normal boot PC: MS-7850 - MSI - IdNumber: To be filled by O.E.M. - UUID: 00000000-0000-0000-0000-D8CB8AEA4DFD Processor : X64 - 3200 Mhz - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz BIOS Date: 03/30/15 12:56:41 Ver: V2.9B0 - en|US|iso8859-1 - American Megatrends Inc. - S/N: To be filled by O.E.M. - V2.9 - HPQOEM - 1072009 CoreTemp : 29.8 Celsius ----------| Extended ---------- | SoundDevice AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002\5&12270A9E&0&0001 Line 6 UX2 - Status: OK - Manufacturer: Line 6 - PNPDeviceID: USB\VID_0E41&PID_4151\6&25FA9FE2&0&1 ---------- | Video AMD Radeon R5 200 Series - Resolution: 1280x960 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_6779&SUBSYS_52301682&REV_00\4&23E0F855&0&0008 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 1073741824 Inegrated Video Chipset DeviceName: AMD Radeon R5 200 Series - DriverVersion: 8.14.01.6413 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\bdmjpeg64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25640 - Manufacturer: - Status: OK c:\windows\system32\bdmpegv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 70200 - Manufacturer: - Status: OK c:\windows\system32\bdmpega64.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 70712 - Manufacturer: - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:0 % ---------- | Network WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_78501462&REV_0C\4&325D67BA&0&00E5 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 RAS Async Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 8315 | Free (MB) : 6847 Pagefile = Total (MB) : 8313 | Free (MB) : 6979 Virtual = Total (MB) : 4194 | Free (MB) : 4020 Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: - Manufacturer: Kingston - PartNumber: KHX1866C10D3/8G - S/N: 7A361562 ---------- | SID Users Administrateur : [S-1-5-21-1413675022-3679237491-1003182551-500] Bruno : [S-1-5-21-1413675022-3679237491-1003182551-1000] HomeGroupUser$ : [S-1-5-21-1413675022-3679237491-1003182551-1003] Invité : [S-1-5-21-1413675022-3679237491-1003182551-501] Administrateurs : [S-1-5-32-544] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-1413675022-3679237491-1003182551-1002] WinRMRemoteWMIUsers__ : [S-1-5-21-1413675022-3679237491-1003182551-1001] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [WINDOWS 7] | Total : 80.27 Go | Free : 42.28 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA 2] | Total : 196.92 Go | Free : 44.84 Go -> NTFS [SATA] E:\ -> [Fixed] | [MUSIC] | Total : 75.94 Go | Free : 29.42 Go -> NTFS [SATA] F:\ -> [Fixed] | [DATA 1] | Total : 30.1 Go | Free : 7.94 Go -> NTFS [SATA] I:\ -> [Fixed] | [Sauvegardes] | Total : 100 Go | Free : 49.48 Go -> NTFS [SATA] Disk Usage Information [2 total Physical Disks] Physical Drive #1 [F:, C:, E:] : Read:66,185 bytes/sec, Written:1,017,600 bytes/sec Max Read:66,185 bytes/sec, Max Write:1,017,600 bytes/sec Physical Drive #0 [D:, I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:66,185 bytes/sec, Write Maximum:1,017,600 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : IDE\DISKMAXTOR_STM3320820AS_____________________3.AAE___\5&21452306&0&1.0.0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKST3200826AS_____________________________3.03____\5&33FED3AB&0&0.0.0 ---------- | Windows updates Last detection : 2017-01-11 09:42:01 Downloaded last ones : 2017-01-11 09:47:03 Installed last ones : 2017-01-11 09:50:32 Windows Is Activated ---------- | Browsers FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 24.0.0.186 FlashPlayer Plugin : 24.0.0.194 ---------- | Security AV : Avast Antivirus Enabled AS : Avast Antivirus Enabled AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 10/09/2016 13:30:13] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 444 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23572) = C:\Windows\System32\smss.exe [14/12/2016 09:59:28] CPU Usage:0 % 708 | [Owner : | Parent : 584() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 00:52:37] CPU Usage:0 % 768 | [Owner : | Parent : 708(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.23403) = C:\Windows\System32\services.exe [25/09/2016 21:38:30] CPU Usage:0 % 812 | [Owner : | Parent : 716() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.23403) = C:\Windows\System32\winlogon.exe [25/09/2016 21:38:30] CPU Usage:0 % 840 | [Owner : | Parent : 708(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23642) = C:\Windows\System32\lsass.exe [11/01/2017 10:46:55] CPU Usage:0 % 848 | [Owner : | Parent : 708(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.23403) = C:\Windows\System32\lsm.exe [25/09/2016 21:38:30] CPU Usage:0 % 940 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 320 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 476 | [Owner : | Parent : 768(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1180) = C:\Windows\System32\atiesrxx.exe [24/04/2015 09:35:16] CPU Usage:0 % 480 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 956 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 1044 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 1068 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 1256 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 1360 | [Owner : | Parent : 768(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (12.3.3154.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [18/09/2016 12:56:30] CPU Usage:0 % 1412 | [Owner : | Parent : 476(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1180) = C:\Windows\System32\atieclxx.exe [24/04/2015 09:35:16] CPU Usage:0 % 1696 | [Owner : Bruno | Parent : 956(svchost.exe) | 5.66 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7601.23403) = C:\Windows\System32\dwm.exe [25/09/2016 21:38:32] CPU Usage:0 % 1744 | [Owner : Bruno | Parent : 768(services.exe) | 12.71 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.23403) = C:\Windows\System32\taskhost.exe [25/09/2016 21:38:30] CPU Usage:0 % 1752 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.23403) = C:\Windows\System32\spoolsv.exe [25/09/2016 21:38:30] CPU Usage:0 % 1788 | [Owner : Bruno | Parent : 1672() | 66.4 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe [12/10/2016 08:05:35] CPU Usage:0 % 1860 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 1992 | [Owner : | Parent : 768(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.1354) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [19/12/2016 22:38:14] CPU Usage:0 % 2068 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 2184 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 2032 | [Owner : Bruno | Parent : 1788(explorer.exe) | 8.49 Mo] - (.-.) - (0.0.0.0) = C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe [07/01/2017 09:54:37] CPU Usage:0 % 2284 | [Owner : Bruno | Parent : 2700() | 28.24 Mo] - (.AVAST Software - avast! Antivirus.) - (12.3.3154.23) = C:\Program Files\AVAST Software\Avast\avastui.exe [15/11/2016 11:07:58] CPU Usage:0 % 1380 | [Owner : Bruno | Parent : 2700() | 5.03 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [12/12/2016 19:21:48] CPU Usage:0 % 1392 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.23403) = C:\Windows\System32\SearchIndexer.exe [25/09/2016 21:38:48] CPU Usage:0 % 3156 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [09/09/2016 14:23:44] CPU Usage:0 % 3452 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 4012 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7601.23403) = C:\Windows\System32\svchost.exe [25/09/2016 21:38:06] CPU Usage:0 % 3664 | [Owner : | Parent : 480(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.23471) = C:\Windows\System32\audiodg.exe [12/10/2016 08:05:53] CPU Usage:0 % 3204 | [Owner : Bruno | Parent : 1788(explorer.exe) | 25.58 Mo] - (.SosVirus - QuickDiag.) - (22.1.17.3) = C:\Users\Bruno\Desktop\QuickDiag.exe [22/01/2017 20:18:45] CPU Usage:0 % 2840 | [Owner : | Parent : 1392(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.23403) = C:\Windows\System32\SearchProtocolHost.exe [25/09/2016 21:38:48] CPU Usage:0 % 1460 | [Owner : Système | Parent : 1392(SearchIndexer.exe) | 8.29 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.23403) = C:\Windows\System32\SearchFilterHost.exe [25/09/2016 21:38:48] CPU Usage:0 % 2908 | [Owner : | Parent : 768(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.23403) = C:\Windows\System32\sppsvc.exe [25/09/2016 21:38:20] CPU Usage:0 % ---------- | MD5 [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [12/10/2016 08:05:35] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3154 Ko] - (6.1.7601.23537) : C:\Windows\Explorer.exe [MD5.156685D32876F14D8E52BC6070004100] - [25/09/2016 21:38:28] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.23403) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 00:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.0B5A8B1E0A3CF06802CEF191FC802736] - [14/12/2016 09:59:28] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23572) : C:\Windows\System32\Kernel32.dll [MD5.1F9335A2C68B65E7D95985FA50968EA0] - [11/01/2017 10:46:55] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23642) : C:\Windows\System32\lsass.exe [MD5.4B1099E362ADAF9A4FA9B06D76294349] - [25/09/2016 21:38:32] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.23403) : C:\Windows\System32\rpcss.dll [MD5.51138BEEA3E2C21EC44D0932C71762A8] - [28/11/2016 11:48:21] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [43.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.38382A6B73FB37EF692DCBD882AB1FC4] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [320 Ko] - (6.1.7601.23403) : C:\Windows\System32\services.exe [MD5.2F50120369617267F94C0A139542EB7C] - [25/09/2016 21:38:06] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\svchost.exe [MD5.34BA256FBF83457F9D5E51A56DB54542] - [14/12/2016 09:59:31] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985.5 Ko] - (6.1.7601.23594) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [09/09/2016 14:22:48] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.9562F469F07315BE916AE3B780E2C42C] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [445 Ko] - (6.1.7601.23403) : C:\Windows\System32\Winlogon.exe [MD5.6621364405B22FB2C642CDB6B6DE751C] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [484.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\afd.sys [MD5.C8AA50005E6461D5C2C247DBABBF2008] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.23 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\atapi.sys [MD5.EC679A83A2F4FE01A69E1E93178328C6] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.73 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.7200A15FCDDECA736E97D2815A32A54F] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [146.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9B38580063D281A99E68EF5813022A5F] - [12/10/2016 08:05:58] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [104 Ko] - (6.1.7601.23542) : C:\Windows\System32\Drivers\dfsc.sys [MD5.45DAAFD1056B8942C5038EFFD285658D] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.55CCD3E5E4DA18FCF0598F42249D47DF] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.9774AA4661A30E0ADCEA48B5A1B9F4B7] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\ipnat.sys [MD5.632E8A00090E4F85F304E152C92C7F2C] - [11/01/2017 10:46:55] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23642) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.8664770EC3CF87492AD1CDDA424FD3CB] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [926.73 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\ndis.sys [MD5.E47D571FEC2C76E867935109AB2A770C] - [25/09/2016 22:09:39] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.DF54A465B6C6AA7A306D03B9B1D2B61E] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.23 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0E75370C05A7AB23E3B05840BA9E1935] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [09/09/2016 14:23:02] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.596C9872717441BF3550927731C1AFE6] - [25/09/2016 21:38:48] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162.5 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 01:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.B2875D7ABB82867DC3AA03D991940201] - [25/09/2016 22:16:49] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1851.73 Ko] - (6.1.7601.23496) : C:\Windows\System32\Drivers\tcpip.sys [MD5.106269AB8623435C130A33DCA499A7EF] - [25/09/2016 21:38:30] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\tdx.sys [MD5.B52F1F5F55CD773BA89E5739B82E9C34] - [25/09/2016 21:37:56] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [290.23 Ko] - (6.1.7601.23403) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.AVAST Software.-.avast! Shell Extension.) - (12.3.3154.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.40.2.0) -- C:\Program Files\WinRAR\rarext.dll (.Crystal Rich Ltd.-.LockHunter Explorer Extension.) - (1.0.0.1) -- C:\Program Files\LockHunter\LHShellExt64.dll (.Free Time.-.FormatFactory Shell Menu Module.) - (1.0.0.3) -- C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Anti_AdAnti - (Anti_AdAnti.exe [Startup]) - User: Bruno-PC\Bruno [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 "DelayedExpansion"=0 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1 "MRUList"=ba "b"=C:\Users\Bruno\AppData\Roaming\1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 "DelayedExpansion"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 "DelayedExpansion"=0 ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON] : "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=9516a030-05a8-40f7-b3c2-d6a3e5f "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 "ConnectDCTimeout"=20000 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "AutoChkTimeOut"=2 [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "ServicesPipeTimeout"=60000 [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "Authentication Packages"=msv1_0 "LsaPid"=840 "SecureBoot"=1 "ProductType"=1 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "enabledcom"=y ---------- | .LNK ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=0 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=0 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=100 "PaintDesktopVersion"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0xA012018010000000 "Wallpaper"=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [08/09/2016 16:22:46] "WaitToKillAppTimeout"=200 "AutoEndTasks"=1 "LogPixels"=120 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=255 "NoThumbnailCache"=1 "DisableThumbnailsOnNetworkFolders"=1 "NoDrives"=0 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003A20010000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=404 "Browse For Folder Height"=354 "ThumbnailQuality"=80 "Reason Setting"=255 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=0 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=0 "ListviewShadow"=0 "TaskbarAnimations"=0 "StartMenuInit"=4 "NoNetCrawling"=1 "FolderContentsInfoTip"=0 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=1 "TaskbarGlomLevel"=2 "Start_PowerButtonAction"=2 "Start_MinMFU"=10 "Start_JumpListItems"=10 "Start_AdminToolsRoot"=2 "StartMenuAdminTools"=1 ""=0 "ShowSuperHidden"=0 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x060000000800000007000000050000000400000003000000020000000100000000000000FFFFFFFF "0"=0x730069006C0065006E00630065000000 "1"=0x6D006F0075007200690072000000 "2"=0x6C006900730074000000 "3"=0x53006500610066000000 "4"=0x730069007200650074000000 "5"=0x720061006D0062006C00650072000000 "7"=0x710073006B007900650073002E007300790073000000 "8"=0x61006C00690066006900640065002E007300790073000000 "6"=0x710072006C007900670072002E007300790073000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=0 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "DisableStartupSound"=1 "DisableStatusMessages"=1 "VerboseStatus"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=128 "SmartScreenEnabled"=Off "MultipleInvokePromptMinimum"=10000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 "EncryptionContextMenu"=1 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=0 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "DisableStartupSound"=1 "DisableStatusMessages"=1 "VerboseStatus"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=416 "MaxCachedTiles10X"=QBKISEKZCWBV42622 "SmartScreenEnabled"=Off [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=0 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=Explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "RunLogonScriptsNormally"=1 "LegalNotice Text"= "SFCDisable"=0 "System"= [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=0 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AUTORESTARTSHELL"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=ComFile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\System32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=ComFile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\System32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=3B09C40 DVDSetup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "SIGN.MEDIA=1291597 Autorun.exe"=1 "D:\logiciels\Guitar Rig 5\setup.exe"=1 "D:\logiciels\Office 2007\SETUP.EXE"=1 "D:\logiciels\Transcribe\xscsetup.exe"=1 "D:\logiciels\VueScan.8.6.62\vuesca86.exe"=1 "D:\logiciels\Norton\SRD\INSTALL\SETUP.EXE"=1 ""=1 "D:\logiciels\winrar 330 fr\wrar330fr.exe"=1 "D:\logiciels\POD Farm v2.59 Installer.exe"=1 "C:\AMD\Packages\Apps\Radeon-Crimson-16.9.2-vc1232-161003\vcredist_x86\vcredist_x86.exe"=1 "C:\AMD\Packages\Apps\Radeon-Crimson-16.9.2-vc1264-64bit-161003\vcredist_x64\vcredist_x64.exe"=1 "D:\logiciels\LGPCSuite_Setup.exe"=1 "C:\Users\Bruno\AppData\Local\Temp\jre-8u121-windows-au.exe"=1 "C:\Users\Bruno\Downloads\jxpiinstall.exe"=1 "C:\Users\Bruno\Desktop\ComboFix.exe"=1 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:Software\Swearware\dump [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify"=0 "UpdatesDisableNotify"=0 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 "FirewallDisableNotify"=0 "AntiVirusDisableNotify"=0 "UpdatesDisableNotify"=0 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0xE9BB34F6E209D201 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost ---------- | @ [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "XMLHTTP"=1 "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "UseThemes"=1 "SmoothScroll"=1 "StatusBarWeb"=1 "ForceGDIPlus"=0 "AlwaysShowMenus"=0 "SuppressScriptDebuggerDialog"=0 "CSS_Compat"=doctype "Expand Alt Text"=no "Display Inline Videos"=1 "Print_Background"=no "Use Stylesheets"=1 "Show image placeholders"=0 "DisableScriptDebuggerIE"=yes "Move System Caret"=no "Enable AutoImageResize"=yes "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "DOMStorage"=1 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "Start Page Redirect Cache AcceptLangs"=fr-FR "Check_Associations"=no "Friendly http errors"=yes "ImageStoreRandomFolder"=xykfibq "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x3DC61AD0B71FD201 "DefSpellLang"=fr-FR "ScriptDebugger_EnableHiddenTabs"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "DisableRequiresActiveXPrompt"= "GotoIntranetSiteForSingleWordEntry"=0 "AutoSearch"=1 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "NscSingleExpand"=0 "Error Dlg Displayed On Every Error"=no "NotifyDownloadComplete"=yes "Disable Diagnostics Mode"=no "EnableAlternativeCodec"=yes "JScriptProfileCacheEventDelay"=5000 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "IE10RunOnceLastShown"=0 "IE10TourNoShow"=0 "IE10TourShown"=1 "IE10RecommendedSettingsNo"=0 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "Isolation64Bit"=0 "IsolationImmersive"=PMEM "MinIEEnabled"=1 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP "Start Page_TIMESTAMP"=0xCAE66003F636D201 "OperationalData"=5 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF21000000210000004103000079020000 "CompatibilityFlags"=0 "Start Page Redirect Cache_TIMESTAMP"=0x74FBA216F736D201 "IE10TourShownTime"=0x628A24D0B71FD201 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "UseClearType"=no "DisableFirstRunCustomize"=3 "RunOnceHasShown"=1 "RunOnceComplete"=1 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0xCA75E71F7B17D201 "DisableCachingOfSSLPages"=1 "WarnonZoneCrossing"=1 "EnableNegotiate"=1 "ProxyEnable"=0 "MigrateProxy"=1 "DnsCacheTimeout"=7200 "KeepAliveTimeout"=300000 "ReceiveTimeout"=60000 "ServerInfoTimeOut"=300000 "SocketReceiveBufferLength"=65536 "SocketSendBufferLength"=65536 "GlobalUserOffline"=0 "EnableAutodial"=0 "NoNetAutodial"=0 "ProxyHttp1.1"=1 "EnablePunycode"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "ProxyOverride"=*.local "WarNonBadCertReceving"=1 "WarNonHTTPSToHTTPRedirect"=1 "CertificateRevocation"=1 "EnableSPDY3_0"=0 "BackgroundConnections"=1 "EnableSSL3Fallback"=1 "SyncMode5"=4 "WarnonBadCertRecving"=1 "WarnOnPostRedirect"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131231726100295256&GUID=4BB123CC-697A-43A0-93A8-E01B2557B8C2 "StatusBarWeb"=1 "SearchControlWidth"=300 "ForceGDIPlus"=0 "AlwaysShowMenus"=0 "MaxRenderLine"=4000 "UseClearType"=yes "Page_Transitions"=1 "Use_DlgBox_Colors"=yes "Anchor Underline"=yes "Display Inline Images"=yes "Display Inline Videos"=1 "Play_Background_Sounds"=yes "Play_Animations"=yes "Print_Background"=0 "SmoothScroll"=1 "XMLHTTP"=1 "Show image placeholders"=0 "Disable Script Debugger"=yes "Enable AutoImageResize"=yes "XDomainRequest"=1 "DOMStorage"=1 "IE8RunOnceLastShown"=0 "IE8RunOncePerInstallCompleted"=0 "IE8TourNoShow"=0 "IE8TourShown"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangResistance"=0 "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "TabProcGrowth"=Medium "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 [HKLM\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// "gopher"=gopher:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files "TcpAutotuning"=0 "ProxyEnable"=0 "UrlEncoding"=0 "SecureProtocols"=160 "EnableHttp1_1"=1 "ProxyHttp1.1"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "DisableCachingOfSSLPages"=0 "WarnOnPost"=0x01000000 "WarnonBadCertRecving"=1 "WarnOnPostRedirect"=0 "WarnOnZoneCrossing"=1 "WarnOnHTTPSToHTTPRedirect"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131231726100295256&GUID=4BB123CC-697A-43A0-93A8-E01B2557B8C2 "TabProcGrowth"=Medium "Print_Background"=0 "AlwaysShowMenus"=0 "StatusBarWeb"=1 "SearchControlWidth"=300 "ForceGDIPlus"=0 "DEPOff"=0 "MaxRenderLine"=4000 "UseClearType"=yes "Page_Transitions"=1 "Use_DlgBox_Colors"=yes "Anchor Underline"=yes "Display Inline Images"=yes "Display Inline Videos"=1 "Play_Background_Sounds"=yes "Play_Animations"=yes "SmoothScroll"=1 "XMLHTTP"=1 "Show image placeholders"=0 "Disable Script Debugger"=yes "Enable AutoImageResize"=yes "XDomainRequest"=1 "DOMStorage"=1 "IE8RunOnceLastShown"=0 "IE8RunOncePerInstallCompleted"=0 "IE8TourNoShow"=0 "IE8TourShown"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangResistance"=0 "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files "UrlEncoding"=0 "SecureProtocols"=160 "EnableHttp1_1"=1 "ProxyHttp1.1"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "DisableCachingOfSSLPages"=0 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SIOI | SSODL | SEH | URLSH | STS [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [18/09/2016 12:56:33] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll ---------- | Toolbar [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "ShowDiscussionButton"=Yes "Locked"=1 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Position"=1 "ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000800600005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "ShowSearchSuggestionsGlobal"=1 "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "UpgradeTime"=0xEFB640C7B71FD201 "TopResult"=1 "ShowSearchSuggestionsInAddressGlobal"=1 "KnownProvidersUpgradeTime"=0x1CCF90C4B71FD201 "Version"=4 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "ShowSearchSuggestionsGlobal"=1 "DisplayQuickPick"=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "ShowSearchSuggestionsGlobal"=1 "DisplayQuickPick"=1 ---------- | Extensions [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () - [] ---------- | SearchScopes [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (C:\Program Files\Microsoft Silverlight\5.1.50709.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00AB3925-B470-4264-B354-03E373074F23}] - (C:\Program Files\AVAST Software\Avast) - aswWrcIELoader32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\System32) - msdt.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1753B788-C64C-4D57-B6BC-95C48992C4A7}] - (C:\Windows\System32) - msspellcheckingfacility.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (C:\Program Files\Microsoft Silverlight\5.1.50709.0\) - agcp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files\Java\jre1.8.0_121\bin) - jp2launcher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files\Java\jre1.8.0_121\bin) - javaws.exe : C:\Program Files (x86)\Java\jre1.8.0_121\bin\wsdetect.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\system32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] - (%SystemRoot%\System32) - wisptis.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files\Java\jre1.8.0_121\bin) - ssvagent.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\system32\Macromed\Flash) - FlashUtil64_24_0_0_186_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCB3198-32F3-4E8B-9539-4324694ED664}] - (C:\Program Files\Adblock Plus for IE\) - AdblockPlusEngine.exe : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] - (C:\Program Files (x86)\Microsoft Office\Office12) - winword.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00AB3925-B470-4264-B354-03E373074F23}] - (C:\Program Files\AVAST Software\Avast) - aswWrcIELoader32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\SysWOW64) - msdt.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1753B788-C64C-4D57-B6BC-95C48992C4A7}] - (C:\Windows\SysWOW64) - msspellcheckingfacility.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\) - agcp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] - (C:\Program Files (x86)\Microsoft Office\Office12) - EXCEL.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files (x86)\Java\jre1.8.0_121\bin) - jp2launcher.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files (x86)\Java\jre1.8.0_121\bin) - javaws.exe : C:\Program Files (x86)\Java\jre1.8.0_121\bin\wsdetect.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{643CDDDA-BB87-4B3D-BB82-E8BF99DBF2C6}] - (C:\Program Files (x86)\Microsoft Office\Office12) - EXCEL.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7278BD0-7970-47D6-8954-99B2343EED88}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF) - RdrCEF.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files (x86)\Java\jre1.8.0_121\bin) - ssvagent.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA1750F5-7ECC-4DAA-AA46-CFC6EE89A953}] - (C:\Program Files (x86)\Microsoft Office\Office12) - winword.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil32_24_0_0_186_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCB3198-32F3-4E8B-9539-4324694ED664}] - (C:\Program Files\Adblock Plus for IE\) - AdblockPlusEngine.exe : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ---------- | Ext\Settings [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}] : : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}] : : shdocvw.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}] : : C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED664}] : : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ---------- | Ext\Stats [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0468C085-CA5B-11D0-AF08-00609797F0E0}] : : C:\PROGRA~2\MICROS~1\Office12\OUTLCTL.DLL [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}] : : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}] : : shdocvw.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED664}] : : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [18/01/2017 11:03:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [18/01/2017 11:03:33] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [18/01/2017 11:03:34] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [18/01/2017 11:03:33] ---------- | Chrome [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej] [HKLM\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.194 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.194 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{BB25D6E6-0F47-4F3D-8BF4-7881202587C9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{BB25D6E6-0F47-4F3D-8BF4-7881202587C9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BB25D6E6-0F47-4F3D-8BF4-7881202587C9}] "DhcpNameServer"=192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] - () - [8,0,7600,17136] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - [1,1,1,9] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - [6,1,7601,17514] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{66C64F22-FC60-4E6C-A6B5-F0D580E680CE}] - () - [11,0,9600,0] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - [12,0,7601,23517] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D715857-A67C-4C2F-A929-038448584D63}] - () - [11,0,9600,0] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - [6,1,7601,23537] - -> [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,7601,23517] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,7601,23517] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [6,1,7601,17514] - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{66C64F22-FC60-4E6C-A6B5-F0D580E680CE}] - (Enable TLS1.1 and 1.2) - [11,0,9600,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -EnableTLS [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,7601,23517] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D715857-A67C-4C2F-A929-038448584D63}] - (Disable SSL3) - [11,0,9600,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -DisableSSL3 [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [6,1,7601,23537] - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - [11,0,9600,0] - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,0,9600,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [6,3,9600,18537] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - [12,0,7601,23517] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - [12,0,7601,23517] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - [1,1,1,9] - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - [6,1,7601,17514] - -> "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - [4,71,1113,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - [5,6,0,8833] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}] - (.NET Framework) - [4,0,30319,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - [12,0,7601,23517] - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - [4,9,9,2] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - [6,1,7601,17514] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - [2,0,50727,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - [6,1,7601,23537] - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U shell32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - [] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - [] - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - [11,0,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - [2,0,50727,1] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - [11,0,9600,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - [6,3,9600,18537] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - [5,0,00,0] - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] - (.NET Framework) - [4,0,30319,0] - -> ---------- | Applications [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Classes\Applications\GuitarPro.exe] : "C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe" "%1" [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Classes\Applications\Transcribe.exe] : "C:\Program Files (x86)\Transcribe!\Transcribe.exe" "%1" [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Classes\Applications\wrar330fr.exe] : "D:\logiciels\winrar 330 fr\wrar330fr.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\VCDMount.exe] : "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDMount.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VCDMount.exe] : "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDMount.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: WPD Association LUA Virtual Factory - AppID: {00393519-3A67-4507-A2B8-85146167ACA7} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: Virtual Factory for Biometrics - AppID: {0142e4d1-fb7a-11dc-ba4a-000ffe7ab428} Name: QTUIPanelControl - AppID: {02C4F32F-C02D-419B-8889-5CBF2FBD7F3D} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: WPDBusEnum - AppID: {03f25b41-e981-4675-a256-27d1393e7488} Name: Device Display Object Function Discovery Provider - AppID: {04626806-2243-4354-ab44-4ade718d09df} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: SymSnapService - AppID: {0D9FFFC1-608C-4850-9240-429D6A49F1E8} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: ehRec - AppID: {0E11CB54-4C4A-4B37-AE0B-E93CEE60E646} Name: mcGlidHost - AppID: {0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1} Name: Vista Elevated Windows Update Web Control - AppID: {11c058e0-9f3e-4c90-a459-2553f2f9e011} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: DelayAPO - AppID: {158401D3-257E-422E-9033-9C465D3F262E} Name: AppleSoftwareUpdateAdmin - AppID: {16D99191-6280-4B33-A2F5-04805A0FC582} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: SBEServer - AppID: {1A26548E-BC18-4DB0-B60C-75E8491D34AB} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: wpcao.dll - AppID: {1E5300BE-0762-4527-8140-C0FF22DDFC56} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: WatAdmin Service - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A716} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Sensors Sensor Configuration Helper - AppID: {2331D136-E39D-4019-92D6-7CE5579962FB} Name: TabBtnEx - AppID: {25351F98-BEC9-4BA0-A1F7-D9D69225E52F} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: JZipShell - AppID: {2e3a0cb2-68e6-4399-9a32-f5d5512b87e9} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: IPBusEnum - AppID: {344ED43D-D086-4961-86A6-1106F4ACAD9B} Name: REXServerCOM - AppID: {35a41a10-9133-447d-92cd-c7dd2aff6f27} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: DevicePairingHandler.dll - AppID: {383b69fa-5486-49da-91f5-d63c24c8e9d0} Name: Windows Media Center Search Protocol Handler - AppID: {3B07977C-7A38-455D-AAD5-88500A360D24} Name: StarBurnXLib - AppID: {3DD7EA49-B5E1-4493-895D-C73562138FC0} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: MSTTS DecObj Class Surrogate - AppID: {3F6B5E16-092A-41ED-930B-0B4125D91D4E} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: InkWatson - AppID: {43332d9a-f3a9-4de4-be9a-0fa730bc311d} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Health Key and Certificate Management - AppID: {46298684-0fd3-47f3-94b3-65650c65b36a} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ehmsas - AppID: {4EFC572D-7C9C-455C-99F3-CA4D6838E55B} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: AvastGUIProxy - AppID: {5020EF2C-60F4-47BE-8918-A167229B11EE} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: Offline Files Service - AppID: {52551A19-B337-498d-AE75-2283E29902DE} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Watson subscriber for SENS Network Events - AppID: {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: PrintBrmEngine - AppID: {5C797117-3B23-4549-A6D8-475AB3B62228} Name: Virtual Factory for Display CPL - AppID: {5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: Found New Hardware Wizard - AppID: {658A269B-B922-4e62-B519-50B1CF0787D1} Name: McxMdeOutputProfile - AppID: {659A3105-82A2-49F9-B7E4-263766BDF1DD} Name: AvAScr - AppID: {66A841F2-956C-4631-BFE7-C90225F417D6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: SoftwareUpdateApp - AppID: {6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Sensors CPL Change Device Permission LUA Helper - AppID: {6CE51F75-0448-438e-B9CA-69C352A248A7} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows SideShow AutoWake Configuration Helper - AppID: {71B804C5-5577-471D-8FE5-C4A45B654EB8} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: Sensors CPL Change Description LUA Helper - AppID: {76AE5F57-B7C9-421f-B55E-FB25144317B6} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: AVSVideoConverterHost - AppID: {77E2A9EF-E803-484B-A2CF-096203A756E3} Name: OInfoP12 - AppID: {782A624F-C836-4135-B845-D45174463039} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: NIHelperUAC - AppID: {7E3CE842-609C-4B58-953A-787F7B79F09A} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: GPMC Reporting - AppID: {7f9bbc82-ba5f-4448-8622-ef76b8d007e6} Name: RecuvaShell - AppID: {80109467-DE5A-42A1-9445-7E3952C80B6E} Name: WlanConn - AppID: {825FC848-87F7-4F26-9EF6-43964094FF98} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: APSDaemon - AppID: {85187E17-383D-4EC5-B8D6-D9466EE3DD92} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: Mcx2Setup Class - AppID: {893CFE8F-CD6B-412E-A2F0-10840D69E858} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: Virtual Factory for Action Center CPL - AppID: {8D26D9AA-5DA8-4b95-949A-B74954A229A6} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: WMPDMCCore - AppID: {92C2A9B3-4228-438E-8A7B-EF110987764C} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: QuickTimePlayerSvr - AppID: {99ED6837-E8B5-42cf-9434-B15BDEF08E45} Name: Default Location CPL Data Handler LUA Helper - AppID: {9A630456-078D-43d3-9F1D-DF7A5BC0FA44} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: Windows Parental Controls - AppID: {A2D8CFE7-7BA4-4bad-B86B-851376B59134} Name: MhegVM - AppID: {A3637A1F-8CD0-4DA3-9EF5-CC0BD38AF308} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: NetProjW - AppID: {A5FFF81C-DB47-4658-A890-474CE0A3E729} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Windows Media Player Encoder Helper Class - AppID: {A9D431C2-6D56-4727-9690-ADBE66B9184A} Name: V2iPlugin - AppID: {AA013A40-AE1C-43E9-B774-D543300275AB} Name: AVSGraphics - AppID: {AB5F2678-2773-44c4-A637-33DFBC51233B} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: NAP Agent Service - AppID: {B292921D-AF50-400c-9B75-0C57A7F29BA1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: ehRecvr - AppID: {b622553e-eadb-445e-9493-c3df5af99268} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: WwanAdvui - AppID: {b70cc729-28ae-11dd-9676-000000000000} Name: NPSDM - AppID: {B7ECAE27-FED1-4342-9476-5D0CE8313993} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: QtMovExporter - AppID: {BF454B06-2233-4C3D-9CD9-168DA91D7FCA} Name: ExportController - AppID: {C03E0431-0CA9-46B8-95FB-CDE2E93888C5} Name: otkloadr - AppID: {C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: ehVid - AppID: {C3812B04-E2F1-4E53-95F8-B2363C198946} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Nap Elevated COM class - AppID: {c5bbbd35-e321-468a-9884-6708aa083f83} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: LocationDisp - AppID: {CBDC4B31-CBE4-4A5B-BECF-64B29E47D2AD} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: SharedAccess - AppID: {ce166e40-1e72-45b9-94c9-3b2050e8f180} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: %systemroot%\system32\colorui.dll - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows SideShow Device Configuration Helper - AppID: {D3667F1E-CCB8-4A69-99DF-59A2B2A6753F} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: ghost - AppID: {D58F39FF-953E-4F45-898F-59F243B9A523} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: Bluewire unpairing elevation surrogate - AppID: {D88EC52B-8D57-49e1-9EB3-4D267D68A2AE} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: MFCongestionController - AppID: {DE77B1FA-E898-42A0-B647-DFB567BFD89B} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: EhEtwServer - AppID: {E1990E85-DFE4-4410-82CE-C74C57BF6E8E} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Sensors PropertyPage Host - AppID: {E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45e1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: Windows SideShow PropertyPage Host - AppID: {F056D291-A2AB-45f7-8EE4-40454493B351} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: LHShellExt - AppID: {F27D387F-00BA-4520-A616-1F9CFE561309} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Windows Update Agent User Interface - AppID: {f62fdd2e-66d2-423b-9a04-f71ea00f892a} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Microsoft.Aspnet.Snapin.AspNetManagementUtility.4 - AppID: {F75B6772-91E4-4D2F-9D44-61A447109C2B} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: ehSched - AppID: {FA018B44-5E9F-4875-B127-5085A1B02ABD} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: NPSC - AppID: {FF8C909E-B6B8-4367-8735-96340EC04A43} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: WPD Association LUA Virtual Factory - AppID: {00393519-3A67-4507-A2B8-85146167ACA7} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: Virtual Factory for Biometrics - AppID: {0142e4d1-fb7a-11dc-ba4a-000ffe7ab428} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: WPDBusEnum - AppID: {03f25b41-e981-4675-a256-27d1393e7488} Name: Device Display Object Function Discovery Provider - AppID: {04626806-2243-4354-ab44-4ade718d09df} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: SymSnapService - AppID: {0D9FFFC1-608C-4850-9240-429D6A49F1E8} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: ehRec - AppID: {0E11CB54-4C4A-4B37-AE0B-E93CEE60E646} Name: mcGlidHost - AppID: {0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1} Name: Vista Elevated Windows Update Web Control - AppID: {11c058e0-9f3e-4c90-a459-2553f2f9e011} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: DelayAPO - AppID: {158401D3-257E-422E-9033-9C465D3F262E} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: SBEServer - AppID: {1A26548E-BC18-4DB0-B60C-75E8491D34AB} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: wpcao.dll - AppID: {1E5300BE-0762-4527-8140-C0FF22DDFC56} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: WatAdmin Service - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A716} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Sensors Sensor Configuration Helper - AppID: {2331D136-E39D-4019-92D6-7CE5579962FB} Name: TabBtnEx - AppID: {25351F98-BEC9-4BA0-A1F7-D9D69225E52F} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: JZipShell - AppID: {2e3a0cb2-68e6-4399-9a32-f5d5512b87e9} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: IPBusEnum - AppID: {344ED43D-D086-4961-86A6-1106F4ACAD9B} Name: REXServerCOM - AppID: {35a41a10-9133-447d-92cd-c7dd2aff6f27} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: DevicePairingHandler.dll - AppID: {383b69fa-5486-49da-91f5-d63c24c8e9d0} Name: Windows Media Center Search Protocol Handler - AppID: {3B07977C-7A38-455D-AAD5-88500A360D24} Name: StarBurnXLib - AppID: {3DD7EA49-B5E1-4493-895D-C73562138FC0} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: MSTTS DecObj Class Surrogate - AppID: {3F6B5E16-092A-41ED-930B-0B4125D91D4E} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: InkWatson - AppID: {43332d9a-f3a9-4de4-be9a-0fa730bc311d} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Health Key and Certificate Management - AppID: {46298684-0fd3-47f3-94b3-65650c65b36a} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ehmsas - AppID: {4EFC572D-7C9C-455C-99F3-CA4D6838E55B} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: AvastGUIProxy - AppID: {5020EF2C-60F4-47BE-8918-A167229B11EE} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: Offline Files Service - AppID: {52551A19-B337-498d-AE75-2283E29902DE} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Watson subscriber for SENS Network Events - AppID: {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: PrintBrmEngine - AppID: {5C797117-3B23-4549-A6D8-475AB3B62228} Name: Virtual Factory for Display CPL - AppID: {5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: Found New Hardware Wizard - AppID: {658A269B-B922-4e62-B519-50B1CF0787D1} Name: McxMdeOutputProfile - AppID: {659A3105-82A2-49F9-B7E4-263766BDF1DD} Name: AvAScr - AppID: {66A841F2-956C-4631-BFE7-C90225F417D6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Sensors CPL Change Device Permission LUA Helper - AppID: {6CE51F75-0448-438e-B9CA-69C352A248A7} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows SideShow AutoWake Configuration Helper - AppID: {71B804C5-5577-471D-8FE5-C4A45B654EB8} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: Sensors CPL Change Description LUA Helper - AppID: {76AE5F57-B7C9-421f-B55E-FB25144317B6} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: AVSVideoConverterHost - AppID: {77E2A9EF-E803-484B-A2CF-096203A756E3} Name: OInfoP12 - AppID: {782A624F-C836-4135-B845-D45174463039} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: NIHelperUAC - AppID: {7E3CE842-609C-4B58-953A-787F7B79F09A} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: GPMC Reporting - AppID: {7f9bbc82-ba5f-4448-8622-ef76b8d007e6} Name: RecuvaShell - AppID: {80109467-DE5A-42A1-9445-7E3952C80B6E} Name: WlanConn - AppID: {825FC848-87F7-4F26-9EF6-43964094FF98} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: APSDaemon - AppID: {85187E17-383D-4EC5-B8D6-D9466EE3DD92} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: Mcx2Setup Class - AppID: {893CFE8F-CD6B-412E-A2F0-10840D69E858} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: Virtual Factory for Action Center CPL - AppID: {8D26D9AA-5DA8-4b95-949A-B74954A229A6} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: WMPDMCCore - AppID: {92C2A9B3-4228-438E-8A7B-EF110987764C} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: Default Location CPL Data Handler LUA Helper - AppID: {9A630456-078D-43d3-9F1D-DF7A5BC0FA44} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: Windows Parental Controls - AppID: {A2D8CFE7-7BA4-4bad-B86B-851376B59134} Name: MhegVM - AppID: {A3637A1F-8CD0-4DA3-9EF5-CC0BD38AF308} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: NetProjW - AppID: {A5FFF81C-DB47-4658-A890-474CE0A3E729} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Windows Media Player Encoder Helper Class - AppID: {A9D431C2-6D56-4727-9690-ADBE66B9184A} Name: V2iPlugin - AppID: {AA013A40-AE1C-43E9-B774-D543300275AB} Name: AVSGraphics - AppID: {AB5F2678-2773-44c4-A637-33DFBC51233B} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: NAP Agent Service - AppID: {B292921D-AF50-400c-9B75-0C57A7F29BA1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: ehRecvr - AppID: {b622553e-eadb-445e-9493-c3df5af99268} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: WwanAdvui - AppID: {b70cc729-28ae-11dd-9676-000000000000} Name: NPSDM - AppID: {B7ECAE27-FED1-4342-9476-5D0CE8313993} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: QtMovExporter - AppID: {BF454B06-2233-4C3D-9CD9-168DA91D7FCA} Name: otkloadr - AppID: {C04E4E5E-89E6-43C0-92BD-D3F2C7FBA5C4} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: ehVid - AppID: {C3812B04-E2F1-4E53-95F8-B2363C198946} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Nap Elevated COM class - AppID: {c5bbbd35-e321-468a-9884-6708aa083f83} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: LocationDisp - AppID: {CBDC4B31-CBE4-4A5B-BECF-64B29E47D2AD} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: SharedAccess - AppID: {ce166e40-1e72-45b9-94c9-3b2050e8f180} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: %systemroot%\system32\colorui.dll - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows SideShow Device Configuration Helper - AppID: {D3667F1E-CCB8-4A69-99DF-59A2B2A6753F} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: ghost - AppID: {D58F39FF-953E-4F45-898F-59F243B9A523} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: Bluewire unpairing elevation surrogate - AppID: {D88EC52B-8D57-49e1-9EB3-4D267D68A2AE} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: MFCongestionController - AppID: {DE77B1FA-E898-42A0-B647-DFB567BFD89B} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: EhEtwServer - AppID: {E1990E85-DFE4-4410-82CE-C74C57BF6E8E} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Sensors PropertyPage Host - AppID: {E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45e1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: Windows SideShow PropertyPage Host - AppID: {F056D291-A2AB-45f7-8EE4-40454493B351} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: LHShellExt - AppID: {F27D387F-00BA-4520-A616-1F9CFE561309} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Windows Update Agent User Interface - AppID: {f62fdd2e-66d2-423b-9a04-f71ea00f892a} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Microsoft.Aspnet.Snapin.AspNetManagementUtility.4 - AppID: {F75B6772-91E4-4D2F-9D44-61A447109C2B} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: ehSched - AppID: {FA018B44-5E9F-4875-B127-5085A1B02ABD} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: NPSC - AppID: {FF8C909E-B6B8-4367-8735-96340EC04A43} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{04626806-2243-4354-ab44-4ade718d09df}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0E11CB54-4C4A-4B37-AE0B-E93CEE60E646}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{0E11CB54-4C4A-4B37-AE0B-E93CEE60E646}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0E11CB54-4C4A-4B37-AE0B-E93CEE60E646}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0E11CB54-4C4A-4B37-AE0B-E93CEE60E646}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0F8DD0B7-D5A6-4C0C-BA04-8A2CA3CE5EE1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1E5300BE-0762-4527-8140-C0FF22DDFC56}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A716}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A716}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A716}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A716}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A716}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2331D136-E39D-4019-92D6-7CE5579962FB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{383b69fa-5486-49da-91f5-d63c24c8e9d0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{44C39C96-0167-478F-B68D-783294A2545D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5D05A4EB-54EA-4B7F-A28D-CE51F6BCBAF2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76AE5F57-B7C9-421f-B55E-FB25144317B6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E3CE842-609C-4B58-953A-787F7B79F09A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E3CE842-609C-4B58-953A-787F7B79F09A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{825FC848-87F7-4F26-9EF6-43964094FF98}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{893CFE8F-CD6B-412E-A2F0-10840D69E858}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{893CFE8F-CD6B-412E-A2F0-10840D69E858}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{893CFE8F-CD6B-412E-A2F0-10840D69E858}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D26D9AA-5DA8-4b95-949A-B74954A229A6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9A630456-078D-43d3-9F1D-DF7A5BC0FA44}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A5FFF81C-DB47-4658-A890-474CE0A3E729}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A5FFF81C-DB47-4658-A890-474CE0A3E729}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A5FFF81C-DB47-4658-A890-474CE0A3E729}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b622553e-eadb-445e-9493-c3df5af99268}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b622553e-eadb-445e-9493-c3df5af99268}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b622553e-eadb-445e-9493-c3df5af99268}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b622553e-eadb-445e-9493-c3df5af99268}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C3812B04-E2F1-4E53-95F8-B2363C198946}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C3812B04-E2F1-4E53-95F8-B2363C198946}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C3812B04-E2F1-4E53-95F8-B2363C198946}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3812B04-E2F1-4E53-95F8-B2363C198946}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{D88EC52B-8D57-49e1-9EB3-4D267D68A2AE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7F34D0A-582E-4a48-98BA-6E58AAA3AD4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA018B44-5E9F-4875-B127-5085A1B02ABD}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FA018B44-5E9F-4875-B127-5085A1B02ABD}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FA018B44-5E9F-4875-B127-5085A1B02ABD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA018B44-5E9F-4875-B127-5085A1B02ABD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" ---------- | SvcHost [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "RPCSS"=RpcEptMapper RpcSs "defragsvc"=defragsvc "LocalSystemNetworkRestricted"=UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc IPBusEnum hidserv dot3svc irmon sysmain PcaSvc homegrouplistener WPDBusEnum wlansvc TabletInputService CscService UmRdpService WiaRpc "LocalService"=nsi WdiServiceHost w32time EventSystem RemoteRegistry WinHttpAutoProxySvc sppuinotify THREADORDER netprofm lltdsvc fdphost SstpSvc WebClient FontCache "netsvcs"=AeLookupSvc CertPropSvc SCPolicySvc lanmanserver gpsvc IKEEXT AudioSrv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr iphlpsvc seclogon AppInfo msiscsi MMCSS winmgmt SessionEnv browser EapHost schedule hkmsvc wercplsupport ProfSvc Themes BDESVC AppMgmt "WerSvcGroup"=wersvc "LocalServiceNoNetwork"=DPS PLA BFE mpssvc WwanSvc "termsvcs"=TermService "swprv"=swprv "LocalServiceNetworkRestricted"=DHCP eventlog AudioSrv BthHFSrv LmHosts wscsvc homegroupprovider WPCSvc "LocalServicePeerNet"=PNRPSvc p2pimsvc p2psvc PnrpAutoReg "NetworkServiceAndNoImpersonation"=KtmRm "regsvc"=RemoteRegistry "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc "DcomLaunch"=Power PlugPlay DcomLaunch "NetworkServiceNetworkRestricted"=PolicyAgent "NetworkService"=CryptSvc DHCP TermService DNSCache lanmanworkstation NapAgent nlasvc WinRM WECSVC Tapisrv "sdrsvc"=sdrsvc "WbioSvcGroup"=WbioSrvc "imgsvc"=StiSvc "wcssvc"=WcsPlugInService "AxInstSVGroup"=AxInstSV "secsvcs"=WinDefend "bthsvcs"=bthserv "PeerDist"=PeerDistSvc "zipsvcs"=ziphost "utcsvc"=DiagTrack [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "netsvcs"=AeLookupSvc CertPropSvc SCPolicySvc lanmanserver gpsvc AudioSrv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr iphlpsvc msiscsi schedule SessionEnv winmgmt AppMgmt HpSvc "LocalService"=RemoteRegistry WinHttpAutoProxySvc sppuinotify netprofm WebClient "LocalSystemNetworkRestricted"=Netman AudioEndpointBuilder dot3svc WPDBusEnum wlansvc WiaRpc "LocalServiceNoNetwork"=PLA "rpcss"=RpcSs "LocalServiceNetworkRestricted"=AudioSrv BthHFSrv LmHosts wscsvc WPCSvc "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr QWAVE wcncsvc "DcomLaunch"=Power PlugPlay DcomLaunch "NetworkService"=CryptSvc DHCP TermService DNSCache NapAgent nlasvc WinRM WECSVC Tapisrv "imgsvc"=StiSvc "wcssvc"=WcsPlugInService "MuroghfibchCloud"=MuroghfibchCloud "zipsvcs"=ziphost ---------- | SvcHost - Netsvcs (Whitelisted) Term - : HpSvc - : ---------- | Software [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Acro Software Inc] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\AdblockPlus] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Adobe] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\AppDataLow] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Apple Inc.] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Arobas Music] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ASProtect] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ATI] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Auslogics] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\AVAST Software] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\AVS4YOU] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\BandiMPEG1] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\BANDISOFT] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Bitdefender] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\BugSplat] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Cakewalk Music Software] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Canon] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Clients] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\csastats] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\DAMN] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\DirectShow] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Disc Soft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\dlr] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\EasyBoot Systems] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Elaborate Bytes] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\FreeTime] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\GNU] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Google] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Greatis] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Icaros] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\IM Providers] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Intel] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\JavaSoft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Kingsoft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Lavalys] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Leadertech] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\LG Electronics] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\LockHunter] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\LogiShrd] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Logitech] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\LowRegistry] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Macromedia] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\madshi] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\MAGIX] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\MediaInfo] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\MOVAVI] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Mozilla] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\MozillaPlugins] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\MPC-HC] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Native Instruments] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Netscape] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Neuber GbR] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ODBC] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Piriform] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Policies] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\PopWnd] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ProductSetup] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Psicraft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\QiLu Inc.] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\QtProject] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Seventh String Software] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Skype] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Softros] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Sony Creative Software] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Sound Quest] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\sysinternals] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\TeamViewer] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Trolltech] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\vanBasco] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\VS Revo Group] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Wget] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\WinRAR] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\WinRAR SFX] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Wondershare] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Wow6432Node] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\ZHP] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adblock Plus for IE] [HKLM\Software\Adobe] [HKLM\Software\AdsFix] [HKLM\Software\AMD] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\BandiMPEG1] [HKLM\Software\Cakewalk Music Software] [HKLM\Software\Class] [HKLM\Software\Clients] [HKLM\Software\CurrentConfig] [HKLM\Software\cybelsoft] [HKLM\Software\Disc Soft] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\Icaros] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Native Instruments] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Sonic] [HKLM\Software\Sony Creative Software] [HKLM\Software\swearware] [HKLM\Software\Sysinternals] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\Wondershare] [HKLM\Software\Wow6432Node] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\ACE Compression Software] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\AVS4YOU] [HKLM\Software\WOW6432Node\BandiMPEG1] [HKLM\Software\WOW6432Node\BANDISOFT] [HKLM\Software\WOW6432Node\Cakewalk Music Software] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\DAMN] [HKLM\Software\WOW6432Node\EasyBoot Systems] [HKLM\Software\WOW6432Node\EDIROL] [HKLM\Software\WOW6432Node\Elaborate Bytes] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GPL Ghostscript] [HKLM\Software\WOW6432Node\Greatis] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Kingsoft] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\LDSGameCenter] [HKLM\Software\WOW6432Node\ldssrv] [HKLM\Software\WOW6432Node\LG Electronics] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Line 6] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugin] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\Native Instruments] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OldTimer Tools] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\Pocket Soft] [HKLM\Software\WOW6432Node\PocketSoft] [HKLM\Software\WOW6432Node\QiLu Inc.] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Secunia] [HKLM\Software\WOW6432Node\Sensible Vision] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sony Creative Software] [HKLM\Software\WOW6432Node\Sony Media Software] [HKLM\Software\WOW6432Node\Swearware] [HKLM\Software\WOW6432Node\SymNRT] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\TuxGuitar] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "AcroRd32.exe"="10001" [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_MODE] "iexplore.exe"="8" [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8000" "sllauncher.exe"="8000" "CCleaner64.exe"="11001" "Filmora.exe"="9999" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" "sllauncher.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "sllauncher.exe"="6" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "sllauncher.exe"="6" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE] "*"="3" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "ehExtHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "PresentationHost.exe"="1" "mininews.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "PresentationHost.exe"="1" "mininews.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8000" "mininews.exe"="9999" "mbam.exe"="11000" "bdcam.exe"="11000" "sllauncher.exe"="8000" "Skype.exe"="11001" "SkypeBrowserHost.exe"="10001" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] "iexplore.exe"="1" "*"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGuiIT.exe"="0" "SAPGUI.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" "sllauncher.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES] "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" "sllauncher.exe"="1" "winword.exe"="1" "winwordd.exe"="1" "excel.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "sllauncher.exe"="6" "Skype.exe"="6" "SkypeBrowserHost.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "sllauncher.exe"="6" "Skype.exe"="6" "SkypeBrowserHost.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MEMPROTECT_MODE] "*"="3" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="0" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "ehexthost32.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "winmail.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "bdcam.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WARN_ON_SEC_CERT_REV_FAILED] "mbam.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "ehexthost32.exe"="1" "OUTLOOK.EXE"="1" "clview.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [18/01/2017 11:03:24] - |D| - [164216934] - C:\Program Files (x86)\Java [MD5.00000000000000000000000000000000] - [22/01/2017 16:11:02] - |D| - [209502998] - C:\Windows\erdnt [MD5.9E05A9C264C8A908A8E79450FCBFF047] - [22/01/2017 16:11:38] - |A| - [80412] - C:\Windows\grep.exe [MD5.0277C027A26428DB64EF4F64F52BB4FD] - [22/01/2017 16:11:38] - |A| - [208896] - C:\Windows\MBR.exe [MD5.753BC16326FEE4A421ACB636CCD602F4] - [22/01/2017 16:11:38] - |A| - [60416] - C:\Windows\NIRCMD.exe [MD5.3FD9965F45FB29434C74ADE23EA8D15C] - [15/01/2017 11:13:17] - |A| - [124376] - C:\Windows\ntbtlog.txt [MD5.F042EE4C8D66248D9B86DCF52ABAE416] - [22/01/2017 16:11:38] - |A| - [256000] - C:\Windows\PEV.exe [MD5.63F3FC1ADE8A0E205514025B0836D375] - [18/01/2017 10:36:43] - |A| - [874] - C:\Windows\PFRO.log [MD5.2B657A67AEBB84AEA5632C53E61E23BF] - [22/01/2017 16:11:38] - |A| - [98816] - C:\Windows\sed.exe [MD5.F1F6654D16C2AF15ADEA3B828ABBD343] - [11/01/2017 17:50:30] - |A| - [2464] - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2017 17:50:30] - |A| - [0] - C:\Windows\setuperr.log [MD5.A46842C9B0C567A5A9584E83A163560C] - [22/01/2017 16:11:38] - |A| - [518144] - C:\Windows\SWREG.exe [MD5.0297C72529807322B152F517FDB0A9FC] - [22/01/2017 16:11:38] - |A| - [406528] - C:\Windows\SWSC.exe [MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - [22/01/2017 16:11:38] - |A| - [68096] - C:\Windows\zip.exe [MD5.72C91237F7C7A0527FA5F0752CF81A66] - [19/01/2017 11:28:55] - |RA| - [1937408] - C:\Windows\Installer\101a22.msp [MD5.AAB2B54546910A376A51AA4C57695D38] - [10/01/2017 18:28:06] - |A| - [876032] - C:\Windows\Installer\1baf096.msi [MD5.E3869EFD0836C950E46B02D3CBC67184] - [09/01/2017 04:41:00] - |RA| - [25853952] - C:\Windows\Installer\1baf148.msp [MD5.B74ED1BA6C10A4928917517B663DF051] - [13/01/2017 23:47:06] - |A| - [43405312] - C:\Windows\Installer\2af27.msi [MD5.603A2E7E09BFA71EECB3E18E68EA23C3] - [18/01/2017 11:03:21] - |A| - [28839936] - C:\Windows\Installer\d2110.msi [MD5.FCF1AAB35A8CDC5CF2E80AF14A2AC76E] - [18/01/2017 11:03:18] - |A| - [761856] - C:\Windows\Installer\d2119.msi [MD5.23ADFD86824DE9B035C870D35C6C9A3B] - [18/01/2017 11:03:23] - |A| - [20480] - C:\Windows\Installer\SourceHash{26A24AE4-039D-4CA4-87B4-2F32180121F0} [MD5.99B230D14F52124F7667816E6733D44F] - [18/01/2017 11:04:01] - |A| - [20480] - C:\Windows\Installer\SourceHash{4A03706F-666A-4037-7777-5F2748764D10} [MD5.923E752EE5AAA62771E417C10FF1AAFC] - [10/01/2017 18:28:09] - |A| - [20480] - C:\Windows\Installer\SourceHash{AC76BA86-0804-1033-1959-001824211354} [MD5.00000000000000000000000000000000] - [10/01/2017 18:28:09] - |D| - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824211354} [MD5.00000000000000000000000000000000] - [13/01/2017 23:47:16] - |D| - [143612] - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6} [MD5.06175F9EC59D198B6EE35C78339588C3] - [11/01/2017 10:46:55] - |A| - [690688] - C:\Windows\system32\adtschema.dll [MD5.1038294D707409DC510AED77BA65DE8B] - [11/01/2017 10:46:55] - |A| - [64000] - C:\Windows\system32\auditpol.exe [MD5.CA260EFA523C65B90AD646826B8601B7] - [11/01/2017 10:46:55] - |A| - [123904] - C:\Windows\system32\bcrypt.dll [MD5.67FB2FF173E0C6890D667322B9A243F5] - [11/01/2017 10:46:55] - |A| - [463872] - C:\Windows\system32\certcli.dll [MD5.A27BD16585219577C70FD8CDE22A5742] - [11/01/2017 10:46:55] - |A| - [22016] - C:\Windows\system32\credssp.dll [MD5.30D8D88B22F969C923BD563D1F9D5C05] - [11/01/2017 10:46:55] - |A| - [43520] - C:\Windows\system32\cryptbase.dll [MD5.9376F91615F880DAF6C08CB4D27AC5E8] - [11/01/2017 17:50:14] - |A| - [294456] - C:\Windows\system32\FNTCACHE.DAT [MD5.D1D2AFEA0DD07916515B82D78D65306C] - [11/01/2017 10:46:55] - |A| - [730624] - C:\Windows\system32\kerberos.dll [MD5.4ADD5DBC4156B51DC0A72DD9CEF9EB45] - [11/01/2017 10:46:55] - |A| - [1460736] - C:\Windows\system32\lsasrv.dll [MD5.1F9335A2C68B65E7D95985FA50968EA0] - [11/01/2017 10:46:55] - |A| - [30720] - C:\Windows\system32\lsass.exe [MD5.7C028FA9C9FDDE04E4924F6D30CEC6E8] - [11/01/2017 10:46:55] - |A| - [146432] - C:\Windows\system32\msaudite.dll [MD5.01E934271840EFA62D90C79A8B9D4054] - [11/01/2017 10:46:55] - |A| - [60416] - C:\Windows\system32\msobjs.dll [MD5.6F075F832A8DAED15A1D780339040BD0] - [11/01/2017 10:46:55] - |A| - [316928] - C:\Windows\system32\msv1_0.dll [MD5.D24E542075CEDE62E665D2BD0B05BF75] - [11/01/2017 10:46:55] - |A| - [312320] - C:\Windows\system32\ncrypt.dll [MD5.727BFA9DA828063D6117DB003AC02FE6] - [11/01/2017 10:46:55] - |A| - [190464] - C:\Windows\system32\rpchttp.dll [MD5.8A76D3248C253BA8E47E0E9F00ACBDE6] - [11/01/2017 10:46:55] - |A| - [1212928] - C:\Windows\system32\rpcrt4.dll [MD5.FA778FD134FCF78C6B8553034A30EB09] - [11/01/2017 10:46:55] - |A| - [345600] - C:\Windows\system32\schannel.dll [MD5.4C4134E04984DA651B9DFFF2F553668B] - [11/01/2017 10:46:55] - |A| - [28160] - C:\Windows\system32\secur32.dll [MD5.A302E5E06464CF850CB7A0E034E411FA] - [11/01/2017 10:46:55] - |A| - [135680] - C:\Windows\system32\sspicli.dll [MD5.4D8A6E702F5715003D8C8BCF0C4E255D] - [11/01/2017 10:46:55] - |A| - [28672] - C:\Windows\system32\sspisrv.dll [MD5.356008B6E9E550880CC671FE968D4A87] - [11/01/2017 10:46:55] - |A| - [86528] - C:\Windows\system32\TSpkg.dll [MD5.876CAB310F5DDC3C4031B09C6505B815] - [11/01/2017 10:46:55] - |A| - [210432] - C:\Windows\system32\wdigest.dll [MD5.6F5F0C6160EF237F0243C1E416EEBA98] - [11/01/2017 10:46:55] - |A| - [95464] - C:\Windows\system32\Drivers\ksecdd.sys [MD5.05529E53B286FD60E7EF04EF138CABFD] - [11/01/2017 10:46:55] - |A| - [154856] - C:\Windows\system32\Drivers\ksecpkg.sys [MD5.632E8A00090E4F85F304E152C92C7F2C] - [11/01/2017 10:46:55] - |A| - [159744] - C:\Windows\system32\Drivers\mrxsmb.sys [MD5.0D9C05484F2F4BD9D33A615D5DBE67EA] - [11/01/2017 10:46:55] - |A| - [291328] - C:\Windows\system32\Drivers\mrxsmb10.sys [MD5.6123E6FECC1C164022868FB1982271BE] - [11/01/2017 10:46:55] - |A| - [129536] - C:\Windows\system32\Drivers\mrxsmb20.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/01/2017 16:02:05] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf [MD5.A907DF685CADF1AB9D49573F417E7AB8] - [11/01/2017 10:46:55] - |A| - [690688] - C:\Windows\syswow64\adtschema.dll [MD5.0FA09838E6827727A4B6B8B8AA412D07] - [11/01/2017 10:46:55] - |A| - [50176] - C:\Windows\syswow64\auditpol.exe [MD5.B272B56CB1C49B8F1213FEE3109817A5] - [11/01/2017 10:46:55] - |A| - [82944] - C:\Windows\syswow64\bcrypt.dll [MD5.6B2128FF407CFE6A6CD0FD75FA582762] - [11/01/2017 10:46:55] - |A| - [342528] - C:\Windows\syswow64\certcli.dll [MD5.D9EAF7B56E4C2D5E11B8CEBDA6880192] - [11/01/2017 10:46:55] - |A| - [17408] - C:\Windows\syswow64\credssp.dll [MD5.D1454D4A036F52E101F3E6536A7EE1AE] - [11/01/2017 10:46:55] - |A| - [36352] - C:\Windows\syswow64\cryptbase.dll [MD5.119A0ABD71231A0631D0398CDE59B398] - [11/01/2017 10:46:55] - |A| - [553472] - C:\Windows\syswow64\kerberos.dll [MD5.6B4B084760AE7BD1C4723FE4AD46BCD4] - [11/01/2017 10:46:55] - |A| - [146432] - C:\Windows\syswow64\msaudite.dll [MD5.AD8A1DE73DF23E495F93C908622CAFE9] - [11/01/2017 10:46:55] - |A| - [60416] - C:\Windows\syswow64\msobjs.dll [MD5.CE9D85D7DAD9F1F866E58AEF5ACE40FF] - [11/01/2017 10:46:55] - |A| - [261120] - C:\Windows\syswow64\msv1_0.dll [MD5.14884F65DB8EA930AE53F1853BE02C67] - [11/01/2017 10:46:55] - |A| - [223232] - C:\Windows\syswow64\ncrypt.dll [MD5.BA839D2035576E2D20ABB9D053B8BDF2] - [11/01/2017 10:46:55] - |A| - [141312] - C:\Windows\syswow64\rpchttp.dll [MD5.64EE5C9920B495CB64495AD71D3D107E] - [11/01/2017 10:46:55] - |A| - [666112] - C:\Windows\syswow64\rpcrt4.dll [MD5.194764870AAB21ECA33EABC1960AE925] - [11/01/2017 10:46:55] - |A| - [254464] - C:\Windows\syswow64\schannel.dll [MD5.AF3D83788189A26497EE1F0EB5250AA6] - [11/01/2017 10:46:55] - |A| - [22016] - C:\Windows\syswow64\secur32.dll [MD5.14EFDAE9DF1EE21633C499A32E083E00] - [11/01/2017 10:46:55] - |A| - [96768] - C:\Windows\syswow64\sspicli.dll [MD5.9AAAAB3F548633FBA501DDA9FDE22900] - [11/01/2017 10:46:55] - |A| - [65536] - C:\Windows\syswow64\TSpkg.dll [MD5.C7DE0A1BDFA4F2A391F54AE896B42184] - [11/01/2017 10:46:55] - |A| - [172032] - C:\Windows\syswow64\wdigest.dll [MD5.C348CD5D964585C7B639BC1DFD150471] - [18/01/2017 11:03:40] - |A| - [97856] - C:\Windows\syswow64\WindowsAccessBridge-32.dll ---------- | Drives D: E: [16/03/2016 12:24:05] - |A| - (.-.) - [674] - (0.0.0.0) - E:\élèves - Raccourci (2).lnk [18/11/2015 12:59:06] - |A| - (.-.) - [674] - (0.0.0.0) - E:\élèves - Raccourci.lnk F: I: ---------- | C: [22/01/2017 16:22:14] - |SHD| - [2367561] - C:\$RECYCLE.BIN [13/11/2016 23:57:37] - |D| - [1237] - C:\@RestoreQuarantine [MD5.6EEF94302DFEEA1FBFAA4D33DD860259] - [13/01/2017 11:38:13] - |A| - (.-.) - [9525371] - (0.0.0.0) - C:\AdAnti.txt [12/09/2016 11:44:10] - |D| - [162654711] - C:\AdsFix [MD5.D7F7793F86565BA3EA093D6744319B48] - [12/09/2016 11:46:02] - |A| - (.-.) - [14960] - (0.0.0.0) - C:\AdsFix_12_09_2016_13_53_55.txt [10/09/2016 23:42:54] - |D| - [337427147] - C:\AdwCleaner [11/10/2016 21:18:30] - |D| - [958096973] - C:\AMD [MD5.E80D4AEC1D72A6507CEE36C2D02AE253] - [16/03/2016 14:14:07] - |AH| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [MD5.AEEA2B4D9CA67AFFA11C502FB8BF04DA] - [30/03/2016 09:49:58] - |A| - (.-.) - [13361] - (0.0.0.0) - C:\app_updater.log [MD5.D9EBEC6668A6092FCBD1713C347AA5E0] - [14/07/2009 03:04:04] - |A| - (.-.) - [24] - (0.0.0.0) - C:\autoexec.bat [MD5.FDE89D3334DDD5DC902CC9A38C219006] - [25/06/2016 12:32:25] - |A| - (.-.) - [1263710] - (0.0.0.0) - C:\BESR2010PatchLog.txt [12/03/2016 14:48:38] - |D| - [14652572] - C:\Boot [MD5.ACB83AE20552C4F78CABCA8E72763AC8] - [12/03/2016 14:54:37] - |RASH| - (.-.) - [399860] - (0.0.0.0) - C:\bootmgr [MD5.A75631384B237281BF6D5B4A79268638] - [08/09/2016 17:05:08] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [29/08/2015 19:58:20] - |D| - [189161448] - C:\Cakewalk Projects [MD5.86FD8C9F7D8A8916CAE32CB8594EB0E9] - [22/01/2017 16:26:53] - |A| - (.-.) - [25504] - (0.0.0.0) - C:\ComboFix.txt [02/08/2016 23:15:33] - |D| - [0] - C:\Config.Msi [MD5.ED4FC5980BD8B1AD869FF725C7776338] - [14/07/2009 03:04:04] - |A| - (.-.) - [10] - (0.0.0.0) - C:\config.sys [MD5.6BCFCD6FD5C2EECE98D8E4A1D05FA43A] - [10/09/2016 21:18:07] - |A| - (.-.) - [1456] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 06:08:56] - |SHD| - [0] - C:\Documents and Settings [10/01/2015 23:11:44] - |D| - [11167699] - C:\Drivers [31/07/2016 10:04:27] - |D| - [0] - C:\FFOutput [17/01/2017 21:33:07] - |D| - [105910948] - C:\FRST [MD5.DC578A9C6BF0B37023E4DA688AA10BE3] - [20/03/2016 10:24:01] - |ASH| - (.-.) - [203308] - (0.0.0.0) - C:\grldr [MD5.DC578A9C6BF0B37023E4DA688AA10BE3] - [20/03/2016 10:24:01] - |A| - (.-.) - [203308] - (0.0.0.0) - C:\grldr.bak [09/09/2016 09:42:06] - |D| - [154928] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/12/2014 18:16:00] - |ASH| - (.-.) - [0] - (0.0.0.0) - C:\IO.SYS [10/10/2016 08:53:11] - |D| - [0] - C:\KRECYCLE [05/01/2017 12:10:06] - |D| - [202983] - C:\KVRT_Data [21/06/2016 11:18:04] - |D| - [951149815] - C:\LGMobileUpgrade [24/09/2016 09:42:57] - |D| - [31699329] - C:\LGP500 [24/09/2016 09:35:26] - |D| - [31699329] - C:\LGP700 [MD5.454CA95DD33CC8033C3D92379714D04A] - [14/01/2017 18:53:54] - |A| - (.-.) - [136] - (0.0.0.0) - C:\List.txt [MD5.11BAFDF6874B827A601C12F02DF756B9] - [14/01/2017 18:53:54] - |A| - (.-.) - [34] - (0.0.0.0) - C:\List1.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/12/2014 18:16:00] - |ASH| - (.-.) - [0] - (0.0.0.0) - C:\MSDOS.SYS [09/03/2016 16:07:26] - |D| - [0] - C:\MSOCache [MD5.2B14CABBC3823F9AEEB156D75819B9D3] - [08/09/2016 16:52:27] - |A| - (.-.) - [189] - (0.0.0.0) - C:\mylog.log [14/07/2009 04:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 04:20:08] - |D| - [3669353290] - C:\Program Files [14/07/2009 04:20:08] - |D| - [4508767179] - C:\Program Files (x86) [14/07/2009 04:20:08] - |D| - [21161431026] - C:\ProgramData [22/01/2017 16:11:27] - |D| - [58192] - C:\Qoobox [17/09/2016 10:41:43] - |D| - [670302316] - C:\QuickDiag [MD5.211086F916C65C8CC1DCFE48BBCC0403] - [22/01/2017 20:31:57] - |A| - (.-.) - [251391] - (0.0.0.0) - C:\QuickDiag.txt [MD5.8DC20F1B0B3C060F52300A08ACAA7F0D] - [01/01/2017 19:30:05] - |RA| - (.-.) - [443271] - (0.0.0.0) - C:\QuickDiag_01_01_2017_19_30_05.txt [MD5.16D8B9237D7FE3EC2BD0698FCA905D47] - [04/12/2016 01:12:04] - |A| - (.-.) - [453796] - (0.0.0.0) - C:\QuickDiag_04_12_2016_01_12_04.txt [MD5.023EE5914C963EBB4E98B5A29B4DB888] - [07/11/2016 12:24:17] - |A| - (.-.) - [434454] - (0.0.0.0) - C:\QuickDiag_07_11_2016_14_18_29.txt [MD5.6A833E04CDB792DE72E9ED84F79F33A7] - [17/09/2016 10:47:35] - |A| - (.-.) - [211224] - (0.0.0.0) - C:\QuickDiag_17_09_2016_11_47_35.txt [MD5.234402252D02AF0B823E778B42F8FD50] - [27/09/2016 22:55:04] - |A| - (.-.) - [212681] - (0.0.0.0) - C:\QuickDiag_27_09_2016_23_55_04.txt [MD5.F9216387152F1A7DCD17D952B6721BFC] - [29/09/2016 23:30:31] - |A| - (.-.) - [214565] - (0.0.0.0) - C:\QuickDiag_30_09_2016_00_30_31.txt [23/12/2014 17:08:14] - |D| - [322696965] - C:\Recovery [MD5.435D88620C40FBF5F2DCF7BC7A1B60BD] - [25/09/2016 18:14:50] - |A| - (.-.) - [1122] - (0.0.0.0) - C:\Reset.cmd [20/10/2015 23:49:41] - |D| - [22593] - C:\Rollback [MD5.53F128F6DBCB923E4E6CF9582ADEE6E1] - [26/11/2016 10:27:53] - |A| - (.-.) - [697] - (0.0.0.0) - C:\Seaf guitar.bruno 261116.txt [01/07/2016 11:08:48] - |D| - [4081] - C:\Spacekace [10/01/2015 23:40:52] - |D| - [20552885] - C:\SWTOOLS [23/12/2014 16:59:34] - |SHD| - [4560301816] - C:\System Volume Information [MD5.AFAD3329F592F56932D4EFFC780B5231] - [23/11/2016 18:45:35] - |A| - (.-.) - [6388] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_18.45.35_log.txt [MD5.53BA61AE7634A76AB62B696B3E4F9234] - [23/11/2016 18:47:07] - |A| - (.-.) - [578362] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_18.47.07_log.txt [MD5.BEF24C4790DB1292ED2459001C63FF67] - [23/11/2016 19:01:06] - |A| - (.-.) - [6388] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_19.01.06_log.txt [MD5.3003801BA34D8A38565E3A13D743F10E] - [23/11/2016 19:02:31] - |A| - (.-.) - [1201902] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_19.02.31_log.txt [MD5.C19CE364F2F71005E2190C25D50ED599] - [23/11/2016 20:09:47] - |A| - (.-.) - [186358] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_20.09.47_log.txt [MD5.D9E268B0628986D4E3AC67E686657074] - [23/11/2016 20:10:33] - |A| - (.-.) - [735178] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_23.11.2016_20.10.33_log.txt [23/11/2016 19:06:19] - |D| - [28624] - C:\TDSSKiller_Quarantine [12/03/2016 11:41:12] - |D| - [0] - C:\Temp [14/07/2009 04:20:08] - |D| - [22658684610] - C:\Users [23/12/2014 18:22:33] - |D| - [30126] - C:\VProRecovery [MD5.AFC65EFD782EB62AF8AE1B5E3B7FE172] - [07/08/2016 20:25:53] - |ASH| - (.-.) - [4096] - (0.0.0.0) - C:\VSNAP.IDX [19/02/2016 22:10:59] - |D| - [14576220] - C:\VueScan [MD5.BC949EA893A9384070C31F083CCEFD26] - [20/03/2016 10:24:01] - |ASH| - (.-.) - [3] - (0.0.0.0) - C:\win7ldr [14/07/2009 04:20:08] - |D| - [25963554049] - C:\Windows [29/12/2016 10:20:25] - |D| - [11602] - C:\_OTL ---------- | C:\Windows [14/07/2009 06:32:38] - |SD| - [802] - C:\Windows\addins [14/07/2009 04:20:08] - |SD| - [24446497] - C:\Windows\AppCompat [14/07/2009 04:20:08] - |SD| - [11031330] - C:\Windows\AppPatch [14/07/2009 04:20:08] - |SD| - [1566301041] - C:\Windows\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/09/2016 12:32:38] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [18/09/2016 12:56:31] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [09/09/2016 14:22:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 16:35:06] - |SD| - [553227] - C:\Windows\BitLockerDiscoveryVolumeContents [14/07/2009 04:20:09] - |D| - [29232648] - C:\Windows\Boot [MD5.86436755CA111F0BD0B4963EBB6544CE] - [14/07/2009 06:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 04:20:09] - |SD| - [3233280] - C:\Windows\Branding [09/09/2016 12:49:25] - |SD| - [349791207] - C:\Windows\CheckSur [14/07/2009 16:35:06] - |SD| - [0] - C:\Windows\CSC [14/07/2009 04:20:09] - |SD| - [2113488] - C:\Windows\Cursors [14/07/2009 05:45:54] - |SD| - [1339834] - C:\Windows\debug [MD5.D1E75542EC8D1B4851765A57AC63618E] - [28/11/2016 11:07:50] - |A| - (.-.) - [1908] - (0.0.0.0) - C:\Windows\diagerr.xml [14/07/2009 06:32:38] - |D| - [3047942] - C:\Windows\diagnostics [MD5.8765F6E7F5AA8F17DA198E0F7E7B34B2] - [28/11/2016 11:07:50] - |A| - (.-.) - [2562] - (0.0.0.0) - C:\Windows\diagwrn.xml [14/07/2009 06:37:46] - |SD| - [0] - C:\Windows\DigitalLocker [14/07/2009 06:32:38] - |SD| - [65] - C:\Windows\Downloaded Program Files [14/07/2009 16:35:06] - |SD| - [118080497] - C:\Windows\ehome [14/07/2009 06:37:46] - |SD| - [0] - C:\Windows\en-US [22/01/2017 16:11:02] - |D| - [209502998] - C:\Windows\erdnt [MD5.38AE1B3C38FAEF56FE4907922F0385BA] - [12/10/2016 08:05:35] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3229696] - (6.1.7601.23537) - C:\Windows\explorer.exe [14/07/2009 04:20:09] - |SD| - [370066555] - C:\Windows\Fonts [14/07/2009 16:24:08] - |SD| - [142848] - C:\Windows\fr-FR [MD5.0429A7CE04595F2708EF4E3BA155C7E5] - [25/09/2016 21:38:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7601.23403) - C:\Windows\fveupdate.exe [14/07/2009 04:20:09] - |SD| - [21741460] - C:\Windows\Globalization [MD5.9E05A9C264C8A908A8E79450FCBFF047] - [22/01/2017 16:11:38] - |A| - (.-.) - [80412] - (0.0.0.0) - C:\Windows\grep.exe [14/07/2009 04:20:09] - |SD| - [39229432] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 01:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 01:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [14/07/2009 04:20:09] - |SD| - [143547244] - C:\Windows\IME [14/07/2009 04:20:10] - |SD| - [131456846] - C:\Windows\inf [08/09/2016 16:37:43] - |SHD| - [2076139556] - C:\Windows\Installer [14/07/2009 04:20:10] - |SD| - [48371] - C:\Windows\L2Schemas [14/07/2009 04:20:10] - |SD| - [0] - C:\Windows\LiveKernelReports [14/07/2009 04:20:10] - |SD| - [263756604] - C:\Windows\Logs [MD5.0277C027A26428DB64EF4F64F52BB4FD] - [22/01/2017 16:11:38] - |A| - (.-.) - [208896] - (0.0.0.0) - C:\Windows\MBR.exe [14/07/2009 04:20:10] - |SD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 01:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 04:20:10] - |SD| - [870126358] - C:\Windows\Microsoft.NET [09/09/2016 11:54:44] - |SD| - [56582] - C:\Windows\Migration [10/09/2016 18:41:00] - |SD| - [0] - C:\Windows\Minidump [14/07/2009 04:20:10] - |SD| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.753BC16326FEE4A421ACB636CCD602F4] - [22/01/2017 16:11:38] - |A| - (.Copyright © 2003 - 2009 Nir Sofer - NirCmd.) - [60416] - (2.3.5.189) - C:\Windows\NIRCMD.exe [MD5.817DF70AA8720EDCA592224593510C1D] - [25/09/2016 21:38:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193024] - (6.1.7601.23403) - C:\Windows\notepad.exe [MD5.3FD9965F45FB29434C74ADE23EA8D15C] - [15/01/2017 11:13:17] - |A| - (.-.) - [124376] - (0.0.0.0) - C:\Windows\ntbtlog.txt [14/07/2009 06:32:38] - |SD| - [65] - C:\Windows\Offline Web Pages [08/09/2016 17:05:21] - |SD| - [1163224] - C:\Windows\Panther [MD5.41EC2F399C8F8EC7502D063B4A0F6555] - [03/03/2010 17:48:14] - |A| - (.-.) - [215144] - (10.50.0.0) - C:\Windows\patchw32.dll [08/09/2016 19:42:18] - |SD| - [0] - C:\Windows\PCHEALTH [14/07/2009 06:32:38] - |SD| - [62301005] - C:\Windows\Performance [MD5.F042EE4C8D66248D9B86DCF52ABAE416] - [22/01/2017 16:11:38] - |A| - (.-.) - [256000] - (0.0.0.0) - C:\Windows\PEV.exe [MD5.63F3FC1ADE8A0E205514025B0836D375] - [18/01/2017 10:36:43] - |A| - (.-.) - [874] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 04:20:10] - |SD| - [1124149] - C:\Windows\PLA [14/07/2009 04:20:10] - |SD| - [5823128] - C:\Windows\PolicyDefinitions [08/09/2016 16:06:25] - |SD| - [17616707] - C:\Windows\Prefetch [12/09/2016 10:19:09] - |SD| - [0] - C:\Windows\pss [MD5.41EC2F399C8F8EC7502D063B4A0F6555] - [03/03/2010 17:48:14] - |A| - (.-.) - [215144] - (10.50.0.0) - C:\Windows\pw32a.dll [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 00:27:10] - |N| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 04:20:10] - |SD| - [1119380] - C:\Windows\registration [14/07/2009 16:35:06] - |SD| - [0] - C:\Windows\RemotePackages [14/07/2009 04:20:10] - |D| - [10192104] - C:\Windows\rescache [14/07/2009 04:20:10] - |SD| - [1674534] - C:\Windows\Resources [14/07/2009 04:20:10] - |SD| - [0] - C:\Windows\SchCache [14/07/2009 04:20:10] - |SD| - [58021] - C:\Windows\schemas [14/07/2009 04:20:10] - |SD| - [1070380] - C:\Windows\security [MD5.2B657A67AEBB84AEA5632C53E61E23BF] - [22/01/2017 16:11:38] - |A| - (.-.) - [98816] - (0.0.0.0) - C:\Windows\sed.exe [14/07/2009 05:45:47] - |SD| - [46577904] - C:\Windows\ServiceProfiles [14/07/2009 04:20:10] - |D| - [114552211] - C:\Windows\servicing [14/07/2009 05:45:50] - |SD| - [42] - C:\Windows\Setup [MD5.F1F6654D16C2AF15ADEA3B828ABBD343] - [11/01/2017 17:50:30] - |A| - (.-.) - [2464] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2017 17:50:30] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [14/07/2009 16:35:06] - |SD| - [8033] - C:\Windows\ShellNew [25/09/2016 18:34:25] - |SD| - [1469312226] - C:\Windows\softwaredistribution [14/07/2009 04:20:10] - |SD| - [70579144] - C:\Windows\Speech [MD5.606365BD4079C7E03063FA1EA37E40CF] - [25/09/2016 21:38:10] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67584] - (6.1.7601.23403) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 06:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [10/10/2016 21:53:24] - |SD| - [0] - C:\Windows\Sun [MD5.A46842C9B0C567A5A9584E83A163560C] - [22/01/2017 16:11:38] - |A| - (.Copyright © Frank Staal 1999-2008 - Freeware implementation of REG.EXE.) - [518144] - (3.0.0.0) - C:\Windows\SWREG.exe [MD5.0297C72529807322B152F517FDB0A9FC] - [22/01/2017 16:11:38] - |A| - (.Copyright © Frank Staal 1999-2006 - Freeware implementation of SC.EXE.) - [406528] - (2.0.0.5) - C:\Windows\SWSC.exe [MD5.B1A9CF0B6F80611D31987C247EC630B4] - [31/08/2000 01:00:00] - |A| - (.Copyright © Frank Staal 1999-2006 - Freeware implementation of XCACLS.) - [212480] - (1.0.1.1) - C:\Windows\SWXCACLS.exe [14/07/2009 04:20:10] - |SD| - [0] - C:\Windows\system [MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - [14/07/2009 03:34:57] - |A| - (.-.) - [215] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 04:20:10] - |SD| - [3740756640] - C:\Windows\System32 [14/07/2009 04:20:14] - |SD| - [1312672509] - C:\Windows\SysWOW64 [14/07/2009 04:20:14] - |SD| - [15] - C:\Windows\TAPI [14/07/2009 04:20:14] - |SD| - [33552] - C:\Windows\Tasks [10/09/2016 19:39:51] - |SD| - [337289] - C:\Windows\Temp [14/07/2009 04:20:14] - |SD| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 22:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 06:32:38] - |SD| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [09/09/2016 14:22:44] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 23:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 01:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [MD5.BE9ABBA239905C914B050195978E4D02] - [14/07/2009 16:35:44] - |A| - (.-.) - [51867] - (0.0.0.0) - C:\Windows\Ultimate.xml [14/07/2009 04:20:14] - |SD| - [12420] - C:\Windows\Vss [14/07/2009 04:20:14] - |SD| - [40681427] - C:\Windows\Web [MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - [14/07/2009 03:34:57] - |A| - (.-.) - [478] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 05:54:24] - |AH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.EEE37FFEB81EB338C041B519D1632E02] - [08/09/2016 16:09:16] - |A| - (.-.) - [1459984] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 01:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [29/10/2016 09:06:17] - |ASHOT| - (.-.) - [2] - (0.0.0.0) - C:\Windows\winstart.bat [14/07/2009 04:20:14] - |D| - [12808050931] - C:\Windows\winsxs [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 21:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 00:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe [MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - [22/01/2017 16:11:38] - |A| - (.-.) - [68096] - (0.0.0.0) - C:\Windows\zip.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [08/09/2016 17:28:16] - C:\Windows\Installer\16a62d.msi : (Service Center Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 17:28:22] - C:\Windows\Installer\16a65c.msi : (Controller Editor Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 17:28:31] - C:\Windows\Installer\16a664.msi : (Native Instruments Rig Kontrol 3 Driver Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 17:29:09] - C:\Windows\Installer\16a66c.msi : (Native Instruments Guitar Rig Session IO Driver Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 17:29:49] - C:\Windows\Installer\16a674.msi : (Native Instruments Guitar Rig Mobile IO Driver Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 17:30:28] - C:\Windows\Installer\16adac.msi : (Guitar Rig 5 Setup - Native Instruments) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/01/2017 18:28:06] - C:\Windows\Installer\1baf096.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2015 15:03:34] - C:\Windows\Installer\1d7317d.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/01/2017 23:47:06] - C:\Windows\Installer\2af27.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2014 16:27:19] - C:\Windows\Installer\2ff63b.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/10/2016 09:08:59] - C:\Windows\Installer\2ff646.msi : (Vegas Pro 13.0 (64-bit) - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/10/2016 13:37:48] - C:\Windows\Installer\32cbc.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/12/2010 21:15:53] - C:\Windows\Installer\333b24.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2015 12:51:48] - C:\Windows\Installer\38913.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/09/2016 16:55:57] - C:\Windows\Installer\39b1d.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/04/2013 22:14:43] - C:\Windows\Installer\3d4002.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2016 13:55:08] - C:\Windows\Installer\42bb4.msi : (Process Blocker 1.0.13.1 - Softros Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:34:20] - C:\Windows\Installer\516a47.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 08:41:18] - C:\Windows\Installer\516a4f.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 08:41:16] - C:\Windows\Installer\516a57.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:46:08] - C:\Windows\Installer\516a5f.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/07/2012 23:15:18] - C:\Windows\Installer\516a67.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/09/2012 23:19:08] - C:\Windows\Installer\516a6f.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:36:58] - C:\Windows\Installer\516a77.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 08:41:22] - C:\Windows\Installer\516a7f.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2011 03:51:16] - C:\Windows\Installer\516a87.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 04:26:48] - C:\Windows\Installer\516a8f.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2011 23:14:28] - C:\Windows\Installer\516a97.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\Windows\Installer\520f9.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/01/2015 22:56:33] - C:\Windows\Installer\6ffa7e.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/09/2016 10:07:29] - C:\Windows\Installer\6ffa94.msi : (Noise Reduction Plug-In 2.0 - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2015 17:20:46] - C:\Windows\Installer\ae429.msi : (Adblock Plus for IE - Eyeo GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/02/2016 15:29:16] - C:\Windows\Installer\af7bbf.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2016 22:48:10] - C:\Windows\Installer\afd5e.msi : (MSVCRT Redists - MAGIX Computer Products Intl. Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/08/2016 10:11:02] - C:\Windows\Installer\b89a1.msi : (.. . - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/08/2016 10:11:30] - C:\Windows\Installer\b89aa.msi : (Intel(R) Driver Update Utility - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/09/2016 15:59:24] - C:\Windows\Installer\c126d.msi : (AMD Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/05/2015 00:27:18] - C:\Windows\Installer\ccf268.msi : (LG United Mobile Drivers - LG Electronics) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/01/2017 11:03:21] - C:\Windows\Installer\d2110.msi : (Java SE Runtime Environment 8 Update 121 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/01/2017 11:03:18] - C:\Windows\Installer\d2119.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/12/2016 13:22:22] - [53248] - C:\Windows\Installer\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/11/2016 14:04:29] - [8306] - C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\ARPPRODUCTICON.exe () - () [05/11/2016 14:04:29] - [8306] - C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/11/2016 14:04:29] - [8306] - C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/11/2016 14:04:29] - [8306] - C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/11/2016 14:04:29] - [8306] - C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe () - () [26/09/2016 08:45:50] - [32768] - C:\Windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe () - () [10/01/2017 18:28:09] - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824211354}\ARPPRODUCTICON.exe () - () [11/10/2016 21:20:10] - [8306] - C:\Windows\Installer\{B8B3C25D-13D3-B5C2-9AD4-32157EFCEA5F}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe () - () [11/10/2016 21:20:10] - [8306] - C:\Windows\Installer\{B8B3C25D-13D3-B5C2-9AD4-32157EFCEA5F}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe () - () [11/10/2016 21:20:10] - [8306] - C:\Windows\Installer\{B8B3C25D-13D3-B5C2-9AD4-32157EFCEA5F}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe () - () [11/10/2016 21:20:10] - [8306] - C:\Windows\Installer\{B8B3C25D-13D3-B5C2-9AD4-32157EFCEA5F}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe () - () [26/09/2016 08:47:07] - [32768] - C:\Windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe () - () [13/01/2017 23:47:16] - [143612] - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe () - () ---------- | %System%\*.in* [14/07/2009 05:57:09] - [73] - C:\Windows\System32\desktop.ini [25/09/2016 22:55:04] - [16303] - C:\Windows\System32\ieuinit.inf [21/09/2012 19:48:30] - [28418] - C:\Windows\System32\lvcoin64.ini [14/07/2009 06:13:15] - [1682080] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 22:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [25/09/2016 22:55:04] - [16303] - C:\Windows\Syswow64\ieuinit.inf [24/09/2016 09:33:43] - [2760] - C:\Windows\Syswow64\lgAxconfig.ini [14/07/2009 05:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [08/09/2016 16:39:28] - [1706688] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | [Bruno] [08/09/2016 17:19:20] - |D| - [38615] - C:\Users\Bruno\AppData\Roaming\Adobe [13/09/2016 19:11:07] - |D| - [482670] - C:\Users\Bruno\AppData\Roaming\AMD [13/12/2016 10:48:26] - |D| - [21100] - C:\Users\Bruno\AppData\Roaming\Apple Computer [17/10/2016 10:31:06] - |D| - [26531265] - C:\Users\Bruno\AppData\Roaming\AVAST Software [16/09/2016 14:41:06] - |D| - [428] - C:\Users\Bruno\AppData\Roaming\BANDISOFT [08/09/2016 17:25:06] - |D| - [41542874] - C:\Users\Bruno\AppData\Roaming\Cakewalk [04/10/2016 10:47:37] - |D| - [203] - C:\Users\Bruno\AppData\Roaming\dvdcss [08/09/2016 19:26:11] - |D| - [70765] - C:\Users\Bruno\AppData\Roaming\Guitar Pro 6 [08/09/2016 16:23:04] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Identities [03/12/2016 20:44:38] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Intel Corporation [08/09/2016 18:28:59] - |D| - [233] - C:\Users\Bruno\AppData\Roaming\Leadertech [31/12/2016 13:26:33] - |D| - [3016] - C:\Users\Bruno\AppData\Roaming\LG Electronics [08/09/2016 17:04:54] - |D| - [1937218] - C:\Users\Bruno\AppData\Roaming\Line 6 [26/10/2016 08:40:50] - |D| - [49071] - C:\Users\Bruno\AppData\Roaming\LockHunter [28/09/2016 21:34:42] - |D| - [4279] - C:\Users\Bruno\AppData\Roaming\Macromedia [11/10/2016 22:42:41] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\MAGIX [08/09/2016 16:22:21] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Media Center Programs [17/10/2016 10:29:59] - |D| - [8893843] - C:\Users\Bruno\AppData\Roaming\Microsoft [17/10/2016 10:33:54] - |D| - [115349514] - C:\Users\Bruno\AppData\Roaming\Mozilla [10/09/2016 10:40:37] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Profiles [13/09/2016 19:10:59] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Publish Providers [18/01/2017 20:18:42] - |D| - [51094] - C:\Users\Bruno\AppData\Roaming\QuickScan [05/10/2016 22:44:42] - |D| - [46640257] - C:\Users\Bruno\AppData\Roaming\Skype [08/09/2016 17:52:28] - |D| - [4198864] - C:\Users\Bruno\AppData\Roaming\Sony [07/01/2017 22:33:20] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Sony Creative Software Inc [10/10/2016 21:51:37] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Sun [20/10/2016 11:21:57] - |D| - [131882] - C:\Users\Bruno\AppData\Roaming\TeamViewer [11/10/2016 22:52:30] - |D| - [40] - C:\Users\Bruno\AppData\Roaming\VEGAS [11/10/2016 22:52:29] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\VEGAS Pro [02/10/2016 19:36:59] - |D| - [88770] - C:\Users\Bruno\AppData\Roaming\vlc [08/09/2016 20:41:23] - |D| - [1121] - C:\Users\Bruno\AppData\Roaming\VS Revo Group [17/12/2016 01:14:44] - |D| - [12] - C:\Users\Bruno\AppData\Roaming\WinRAR [10/09/2016 17:31:27] - |D| - [2540549] - C:\Users\Bruno\AppData\Roaming\ZHP [08/09/2016 17:02:53] - |D| - [26081987] - C:\Users\Bruno\AppData\Local\Adobe [12/12/2016 19:20:22] - |D| - [0] - C:\Users\Bruno\AppData\Local\Apple [08/09/2016 16:22:21] - |SHD| - [6598529427] - C:\Users\Bruno\AppData\Local\Application Data [10/09/2016 10:44:43] - |D| - [2218998] - C:\Users\Bruno\AppData\Local\Apps [10/09/2016 13:06:01] - |A| - [84742] - C:\Users\Bruno\AppData\Local\ars.cache [08/09/2016 21:11:31] - |D| - [0] - C:\Users\Bruno\AppData\Local\CEF [10/09/2016 13:06:04] - |A| - [178359] - C:\Users\Bruno\AppData\Local\census.cache [12/09/2016 09:35:17] - |D| - [0] - C:\Users\Bruno\AppData\Local\CutePDF Writer [03/10/2016 10:00:36] - |A| - [10240] - C:\Users\Bruno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [10/09/2016 17:47:39] - |D| - [0] - C:\Users\Bruno\AppData\Local\Deployment [13/09/2016 13:00:33] - |D| - [192347] - C:\Users\Bruno\AppData\Local\Diagnostics [16/09/2016 15:10:16] - |D| - [1330508] - C:\Users\Bruno\AppData\Local\fontconfig [11/01/2017 12:58:57] - |A| - [64552] - C:\Users\Bruno\AppData\Local\GDIPFONTCACHEV1.DAT [08/09/2016 16:55:57] - |D| - [47755838] - C:\Users\Bruno\AppData\Local\Google [08/09/2016 16:22:21] - |SHD| - [130] - C:\Users\Bruno\AppData\Local\Historique [10/09/2016 12:52:36] - |A| - [36] - C:\Users\Bruno\AppData\Local\housecall.guid.cache [18/01/2017 10:46:08] - |AH| - [3487001] - C:\Users\Bruno\AppData\Local\IconCache.db [19/10/2016 10:23:05] - |D| - [174080] - C:\Users\Bruno\AppData\Local\IIIQF [09/09/2016 09:39:22] - |D| - [767] - C:\Users\Bruno\AppData\Local\Intel [31/12/2016 13:23:04] - |D| - [6363001] - C:\Users\Bruno\AppData\Local\LG Electronics [08/09/2016 18:33:36] - |D| - [2914129] - C:\Users\Bruno\AppData\Local\Logitech® Webcam Software [28/09/2016 21:34:42] - |D| - [0] - C:\Users\Bruno\AppData\Local\Macromedia [08/09/2016 16:22:21] - |D| - [179557972] - C:\Users\Bruno\AppData\Local\Microsoft [15/10/2016 21:32:57] - |D| - [173243] - C:\Users\Bruno\AppData\Local\Microsoft Games [08/09/2016 19:40:27] - |D| - [0] - C:\Users\Bruno\AppData\Local\Microsoft Help [11/10/2016 23:37:56] - |D| - [68008] - C:\Users\Bruno\AppData\Local\Movavi [07/10/2016 08:58:05] - |D| - [375702758] - C:\Users\Bruno\AppData\Local\Mozilla [08/09/2016 17:32:12] - |D| - [1138807] - C:\Users\Bruno\AppData\Local\Native Instruments [13/11/2016 23:44:16] - |D| - [42217] - C:\Users\Bruno\AppData\Local\Power Tab [08/09/2016 16:39:38] - |D| - [0] - C:\Users\Bruno\AppData\Local\Programs [08/09/2016 17:58:56] - |D| - [9505320] - C:\Users\Bruno\AppData\Local\Sony [10/09/2016 19:39:51] - |D| - [5570] - C:\Users\Bruno\AppData\Local\Temp [08/09/2016 16:22:21] - |SHD| - [959450] - C:\Users\Bruno\AppData\Local\Temporary Internet Files [11/10/2016 22:49:56] - |D| - [0] - C:\Users\Bruno\AppData\Local\VEGAS [11/10/2016 22:52:29] - |D| - [2663783] - C:\Users\Bruno\AppData\Local\VEGAS Pro [11/10/2016 23:37:56] - |D| - [0] - C:\Users\Bruno\AppData\Local\VideoEditor [12/09/2016 12:56:19] - |D| - [0] - C:\Users\Bruno\AppData\Local\VirtualStore [25/09/2016 19:35:29] - |D| - [24040] - C:\Users\Bruno\AppData\Local\WindowsUpdate [12/10/2016 00:04:06] - |D| - [82] - C:\Users\Bruno\AppData\Local\Wondershare [17/10/2016 10:29:59] - |ASH| - [174] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [08/09/2016 16:22:21] - |SHD| - [882606] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [17/10/2016 10:29:59] - |D| - [882606] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/09/2016 16:22:21] - |D| - [13152] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [08/09/2016 16:23:22] - |D| - [174] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/10/2016 10:29:59] - |ASH| - [174] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/01/2017 23:06:38] - |D| - [4101] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [08/09/2016 16:22:21] - |D| - [580] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [27/09/2016 08:30:54] - |D| - [1122] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Blocker [08/09/2016 16:23:22] - |D| - [859310] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [28/10/2016 22:05:02] - |D| - [0] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player [17/12/2016 01:13:40] - |D| - [3993] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [07/01/2017 09:54:37] - |A| - [859136] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe [08/09/2016 16:23:22] - |ASH| - [174] - C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [22/01/2017 16:26:54] - |D| - [0] - C:\Users\Public\AppData\Local\temp ---------- | C:\ProgramData [08/09/2016 21:05:38] - |D| - [292175828] - C:\ProgramData\Adobe [12/12/2016 19:20:12] - |D| - [21402624] - C:\ProgramData\Apple [14/07/2009 06:08:56] - |SHD| - [19388576030] - C:\ProgramData\Application Data [12/09/2016 09:10:49] - |D| - [0] - C:\ProgramData\Auslogics [10/09/2016 10:41:06] - |D| - [239991087] - C:\ProgramData\AVAST Software [10/09/2016 10:41:06] - |D| - [20480] - C:\ProgramData\Avg [16/09/2016 14:58:38] - |D| - [0] - C:\ProgramData\AVS4YOU [08/09/2016 16:22:04] - |SHD| - [25289] - C:\ProgramData\Bureau [08/09/2016 17:20:45] - |D| - [332355582] - C:\ProgramData\Cakewalk [08/09/2016 17:16:04] - |D| - [1536] - C:\ProgramData\DAEMON Tools Lite [14/07/2009 06:08:56] - |SHD| - [25289] - C:\ProgramData\Desktop [14/07/2009 06:08:56] - |SHD| - [2752021] - C:\ProgramData\Documents [11/10/2016 21:12:37] - |D| - [1912649] - C:\ProgramData\DriversCloud.com [08/09/2016 16:22:04] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [17/10/2016 09:15:39] - |D| - [27884594] - C:\ProgramData\GridinSoft [12/09/2016 16:42:56] - |D| - [0] - C:\ProgramData\Guitar Pro 6 [08/09/2016 17:23:55] - |D| - [0] - C:\ProgramData\Identities [09/09/2016 09:38:39] - |D| - [4877392] - C:\ProgramData\Intel [12/09/2016 12:55:45] - |D| - [15683126] - C:\ProgramData\kingsoft [24/09/2016 09:33:37] - |D| - [5154718] - C:\ProgramData\LGMOBILEAX [26/10/2016 08:48:10] - |D| - [13768] - C:\ProgramData\LHService [08/09/2016 17:07:42] - |D| - [136953386] - C:\ProgramData\Line 6 [26/10/2016 08:47:13] - |D| - [44] - C:\ProgramData\LockHunter [08/09/2016 18:29:11] - |D| - [369] - C:\ProgramData\LogiShrd [11/10/2016 22:52:10] - |D| - [0] - C:\ProgramData\MAGIX [10/09/2016 13:30:12] - |D| - [11099784] - C:\ProgramData\Malwarebytes [08/09/2016 16:22:04] - |SHD| - [583434] - C:\ProgramData\Menu Démarrer [14/07/2009 04:20:08] - |SD| - [534005582] - C:\ProgramData\Microsoft [08/09/2016 19:40:26] - |D| - [57980] - C:\ProgramData\Microsoft Help [11/10/2016 23:37:14] - |A| - [16] - C:\ProgramData\mntemp [08/09/2016 16:22:04] - |SHD| - [0] - C:\ProgramData\Modèles [08/09/2016 17:28:17] - |D| - [5031] - C:\ProgramData\Native Instruments [10/10/2016 21:51:10] - |D| - [72300811] - C:\ProgramData\Oracle [05/11/2016 14:03:16] - |D| - [21944137] - C:\ProgramData\Package Cache [27/09/2016 23:09:13] - |D| - [2378092] - C:\ProgramData\Psicraft [05/10/2016 22:44:31] - |D| - [43405312] - C:\ProgramData\Skype [08/09/2016 18:07:46] - |D| - [5261125] - C:\ProgramData\Sony [14/07/2009 06:08:56] - |SHD| - [583434] - C:\ProgramData\Start Menu [08/09/2016 18:43:21] - |AD| - [0] - C:\ProgramData\TEMP [14/07/2009 06:08:56] - |SHD| - [0] - C:\ProgramData\Templates [11/10/2016 22:49:56] - |D| - [476] - C:\ProgramData\VEGAS [11/10/2016 22:52:38] - |D| - [0] - C:\ProgramData\VEGAS Pro ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 06:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 05:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [08/09/2016 16:22:04] - |SHD| - [290222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 04:20:08] - |RD| - [290222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 04:20:08] - |D| - [43093] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [08/09/2016 21:06:09] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [30/10/2016 21:18:12] - |D| - [8646] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk 10 [14/07/2009 06:32:38] - |D| - [18416] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/09/2016 12:59:19] - |A| - [1052] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [18/09/2016 12:57:33] - |D| - [2106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [16/09/2016 14:40:56] - |D| - [3132] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam [08/09/2016 17:22:47] - |D| - [7572] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk [10/09/2016 20:04:53] - |D| - [891] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [14/07/2009 05:54:23] - |ASH| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [11/10/2016 21:12:38] - |D| - [2662] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [08/09/2016 17:18:21] - |D| - [5057] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [14/07/2009 06:32:38] - |D| - [5744] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [08/09/2016 19:26:02] - |D| - [4552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6 [03/12/2016 20:44:24] - |D| - [2367] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [09/09/2016 09:39:11] - |D| - [1197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility [18/01/2017 11:03:39] - |D| - [6562] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [02/10/2016 19:42:28] - |D| - [20081] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [11/10/2016 15:16:52] - |D| - [4330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [31/12/2016 13:23:06] - |D| - [2394] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite [24/09/2016 09:33:43] - |D| - [1797] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool [08/09/2016 17:04:48] - |D| - [10453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6 [26/10/2016 08:40:47] - |D| - [2430] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter [08/09/2016 18:27:57] - |D| - [1651] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [14/07/2009 04:20:08] - |D| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [10/09/2016 13:30:13] - |D| - [3718] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [08/09/2016 16:09:31] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [08/09/2016 19:43:03] - |D| - [13285] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [25/09/2016 22:35:22] - |D| - [2198] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [07/10/2016 08:57:56] - |A| - [1148] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [08/09/2016 17:28:17] - |D| - [51224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments [27/09/2016 23:09:14] - |D| - [9968] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psicraft [27/09/2016 09:35:36] - |D| - [3172] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [08/09/2016 18:03:19] - |D| - [3185] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [12/09/2016 09:16:49] - |A| - [1160] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk [14/07/2009 05:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [05/10/2016 22:44:36] - |D| - [2146] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [08/09/2016 18:07:58] - |D| - [2482] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [14/07/2009 04:20:08] - |D| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [08/09/2016 19:56:20] - |D| - [1981] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcribe! [10/10/2016 22:15:58] - |D| - [3386] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuxGuitar [30/10/2016 21:40:07] - |D| - [5102] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO [28/10/2016 22:03:54] - |D| - [3212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player [02/10/2016 19:36:50] - |D| - [6828] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [08/09/2016 16:09:28] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [14/07/2009 05:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [14/07/2009 05:57:06] - |A| - [1515] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [17/12/2016 01:13:40] - |D| - [3921] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [14/07/2009 05:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [12/09/2016 09:34:27] - |D| - [0] - C:\Program Files (x86)\Acro Software [08/09/2016 21:05:59] - |D| - [221230223] - C:\Program Files (x86)\Adobe [16/09/2016 14:40:52] - |D| - [41220733] - C:\Program Files (x86)\Bandicam [16/09/2016 14:40:48] - |D| - [9120189] - C:\Program Files (x86)\BandiMPEG1 [08/09/2016 17:20:45] - |D| - [818489016] - C:\Program Files (x86)\Cakewalk [14/07/2009 04:20:08] - |D| - [494590723] - C:\Program Files (x86)\Common Files [08/09/2016 17:49:39] - |D| - [209313] - C:\Program Files (x86)\DAMN NFO Viewer [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [08/09/2016 17:18:21] - |D| - [2264265] - C:\Program Files (x86)\Elaborate Bytes [16/09/2016 15:07:18] - |D| - [158905565] - C:\Program Files (x86)\FormatFactory [08/09/2016 16:55:57] - |D| - [0] - C:\Program Files (x86)\Google [12/09/2016 09:34:51] - |D| - [14001334] - C:\Program Files (x86)\GPLGS [08/09/2016 19:25:05] - |D| - [707070962] - C:\Program Files (x86)\Guitar Pro 6 [08/09/2016 16:52:48] - |HD| - [20698465] - C:\Program Files (x86)\InstallShield Installation Information [09/09/2016 09:42:08] - |D| - [3707620] - C:\Program Files (x86)\Intel [09/09/2016 09:38:37] - |D| - [5901222] - C:\Program Files (x86)\Intel Driver Update Utility [14/07/2009 04:20:08] - |D| - [9717732] - C:\Program Files (x86)\Internet Explorer [18/01/2017 11:03:24] - |D| - [164216934] - C:\Program Files (x86)\Java [02/10/2016 19:42:17] - |D| - [162722984] - C:\Program Files (x86)\K-Lite Codec Pack [11/12/2016 10:39:18] - |D| - [0] - C:\Program Files (x86)\KaraFun Player 2 [08/09/2016 20:46:07] - |D| - [140234] - C:\Program Files (x86)\kingsoft [11/10/2016 15:16:51] - |D| - [6813692] - C:\Program Files (x86)\Lavalys [24/09/2016 09:32:02] - |D| - [376617402] - C:\Program Files (x86)\LG Electronics [08/09/2016 17:04:48] - |D| - [43745195] - C:\Program Files (x86)\Line6 [08/09/2016 18:27:57] - |D| - [38884251] - C:\Program Files (x86)\Logitech [10/09/2016 13:30:12] - |D| - [59400841] - C:\Program Files (x86)\Malwarebytes Anti-Malware [08/09/2016 19:40:26] - |D| - [326326440] - C:\Program Files (x86)\Microsoft Office [25/09/2016 22:34:41] - |D| - [42886030] - C:\Program Files (x86)\Microsoft Silverlight [08/09/2016 19:42:21] - |D| - [14904] - C:\Program Files (x86)\Microsoft Visual Studio [08/09/2016 16:37:57] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [14/12/2016 12:20:17] - |D| - [96883606] - C:\Program Files (x86)\Mozilla Firefox [07/10/2016 08:57:55] - |D| - [262929] - C:\Program Files (x86)\Mozilla Maintenance Service [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild [08/09/2016 16:47:40] - |D| - [4001555] - C:\Program Files (x86)\MSI [26/09/2016 08:45:42] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [27/09/2016 23:09:13] - |D| - [16968960] - C:\Program Files (x86)\Psicraft [08/09/2016 16:52:49] - |D| - [3907059] - C:\Program Files (x86)\Realtek [14/07/2009 06:32:38] - |D| - [39191809] - C:\Program Files (x86)\Reference Assemblies [20/09/2016 15:10:27] - |D| - [505707] - C:\Program Files (x86)\SEAF [25/09/2016 19:34:08] - |D| - [0] - C:\Program Files (x86)\Secunia [12/09/2016 09:16:48] - |D| - [3976349] - C:\Program Files (x86)\Security Task Manager [05/10/2016 22:44:35] - |D| - [84973805] - C:\Program Files (x86)\Skype [08/09/2016 18:07:46] - |D| - [87867721] - C:\Program Files (x86)\Sony [08/09/2016 19:56:20] - |D| - [5385667] - C:\Program Files (x86)\Transcribe! [10/10/2016 22:15:46] - |D| - [257484793] - C:\Program Files (x86)\tuxguitar-1.3.2 [30/10/2016 21:40:07] - |D| - [6845503] - C:\Program Files (x86)\UltraISO [14/07/2009 05:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [28/10/2016 22:03:54] - |D| - [2143202] - C:\Program Files (x86)\vanBasco's Karaoke Player [02/10/2016 19:36:33] - |D| - [126263314] - C:\Program Files (x86)\VideoLAN [14/07/2009 06:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [14/07/2009 04:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 06:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 04:20:08] - |D| - [12197044] - C:\Program Files (x86)\Windows NT [14/07/2009 06:32:38] - |D| - [4417288] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [25/09/2016 18:12:20] - |D| - [389354] - C:\Program Files (x86)\Windows Resource Kits [14/07/2009 06:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar [27/09/2016 23:06:51] - |D| - [88544] - C:\Program Files (x86)\WinRAR ---------- | C:\Program Files [10/09/2016 20:53:30] - |D| - [7333437] - C:\Program Files\Adblock Plus for IE [09/09/2016 11:59:39] - |D| - [40349431] - C:\Program Files\AMD [18/09/2016 12:55:31] - |D| - [987966148] - C:\Program Files\AVAST Software [08/09/2016 17:23:25] - |D| - [496192748] - C:\Program Files\Cakewalk [10/09/2016 20:04:50] - |D| - [20008904] - C:\Program Files\CCleaner [14/07/2009 04:20:08] - |D| - [188802335] - C:\Program Files\Common Files [14/07/2009 05:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [11/10/2016 21:12:37] - |D| - [15221907] - C:\Program Files\DriversCloud.com [14/07/2009 06:32:38] - |D| - [90255892] - C:\Program Files\DVD Maker [08/09/2016 16:22:04] - |SHD| - [188802335] - C:\Program Files\Fichiers communs [08/09/2016 16:54:57] - |D| - [28888196] - C:\Program Files\Intel [14/07/2009 04:20:08] - |D| - [29755511] - C:\Program Files\Internet Explorer [26/10/2016 08:40:47] - |D| - [7587023] - C:\Program Files\LockHunter [30/10/2016 21:18:09] - |D| - [60371393] - C:\Program Files\LSoft Technologies [14/07/2009 06:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games [08/09/2016 19:40:51] - |D| - [593814] - C:\Program Files\Microsoft Office [25/09/2016 22:34:41] - |D| - [55717262] - C:\Program Files\Microsoft Silverlight [14/07/2009 06:32:38] - |D| - [25757] - C:\Program Files\MSBuild [08/09/2016 17:28:17] - |D| - [400435040] - C:\Program Files\Native Instruments [27/09/2016 09:35:35] - |D| - [10928904] - C:\Program Files\Recuva [14/07/2009 06:32:38] - |D| - [36850857] - C:\Program Files\Reference Assemblies [11/09/2016 13:57:32] - |D| - [5948017] - C:\Program Files\Softros Systems [12/10/2016 09:09:25] - |D| - [775462708] - C:\Program Files\Sony [14/07/2009 06:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [08/09/2016 18:03:18] - |D| - [22298941] - C:\Program Files\VS Revo Group [14/07/2009 06:32:38] - |D| - [4039168] - C:\Program Files\Windows Defender [14/07/2009 04:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 06:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 04:20:08] - |D| - [12627124] - C:\Program Files\Windows NT [14/07/2009 06:32:38] - |D| - [5515544] - C:\Program Files\Windows Photo Viewer [14/07/2009 06:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 06:32:38] - |D| - [7241184] - C:\Program Files\Windows Sidebar [17/12/2016 01:13:39] - |D| - [6296129] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [08/09/2016 21:05:59] - |D| - [9323227] - C:\Program Files (x86)\Common Files\Adobe [12/12/2016 19:20:12] - |D| - [66304366] - C:\Program Files (x86)\Common Files\Apple [18/09/2016 12:57:23] - |D| - [893220] - C:\Program Files (x86)\Common Files\AV [16/09/2016 14:59:09] - |D| - [0] - C:\Program Files (x86)\Common Files\AVSMedia [26/09/2016 19:26:54] - |D| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [08/09/2016 17:30:32] - |D| - [94363312] - C:\Program Files (x86)\Common Files\Digidesign [30/10/2016 21:40:07] - |D| - [491008] - C:\Program Files (x86)\Common Files\EZB Systems [03/12/2016 20:49:26] - |D| - [164143] - C:\Program Files (x86)\Common Files\Intel Corporation [18/01/2017 11:04:02] - |D| - [1941064] - C:\Program Files (x86)\Common Files\Java [08/09/2016 20:05:35] - |D| - [429316] - C:\Program Files (x86)\Common Files\Kingsoft [08/09/2016 18:27:57] - |D| - [76726093] - C:\Program Files (x86)\Common Files\LogiShrd [14/07/2009 04:20:08] - |D| - [155813376] - C:\Program Files (x86)\Common Files\microsoft shared [08/09/2016 20:05:22] - |HD| - [51924] - C:\Program Files (x86)\Common Files\nsklog [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [17/10/2016 18:42:35] - |D| - [2581120] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 04:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [14/07/2009 04:20:08] - |D| - [44302077] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [09/09/2016 11:59:39] - |D| - [903864] - C:\Program Files\Common files\ATI Technologies [18/09/2016 12:57:23] - |D| - [893220] - C:\Program Files\Common files\AV [08/09/2016 18:28:09] - |D| - [22877561] - C:\Program Files\Common files\logishrd [14/07/2009 04:20:08] - |D| - [53544497] - C:\Program Files\Common files\Microsoft Shared [08/09/2016 17:28:24] - |D| - [97782040] - C:\Program Files\Common files\Native Instruments [14/07/2009 04:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 04:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 04:20:08] - |D| - [12189683] - C:\Program Files\Common files\System ---------- | Tasks [MD5.74CFBBC3E26D4C1950C1D4D15348204F] - [08/09/2016 17:03:40] - |A| - [1064] - C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 06:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.23ABEE8D09A90C81606B16BBC7771861] - [14/07/2009 06:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.329301A689E5B7BCA4676B807E2B961D] - [08/09/2016 21:06:40] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.1FAF0E915E4AF13F65140D69E65BDB39] - [08/09/2016 17:03:40] - |A| - [4060] - C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe [MD5.DDDA009809BFC0E04538245F7BDCEA6D] - [11/10/2016 21:20:20] - |A| - [4238] - C:\Windows\System32\Tasks\AMD Updater : "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" [MD5.00000000000000000000000000000000] - [18/09/2016 12:57:23] - |SD| - [3860] - C:\Windows\System32\Tasks\AVAST Software [MD5.85379287887FAE3F469CCCEEB829F5CA] - [18/09/2016 12:57:19] - |A| - [4180] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.D157579A3165B24A7FDE88B04184E4A5] - [10/09/2016 20:04:55] - |A| - [2790] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.00000000000000000000000000000000] - [09/09/2016 09:37:43] - |SD| - [4118] - C:\Windows\System32\Tasks\Intel [MD5.FB931794D3796C84B700678C8AEC8DF9] - [02/10/2016 19:42:37] - |A| - [3564] - C:\Windows\System32\Tasks\klcp_update : "%ProgramFiles(x86)%\K-Lite Codec Pack\Tools\CodecTweakTool.exe" [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:13] - |SD| - [269364] - C:\Windows\System32\Tasks\Microsoft [MD5.A82E41257768EFE617154D0654403F58] - [18/09/2016 12:59:19] - |A| - [3918] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1474199958 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.00000000000000000000000000000000] - [14/07/2009 06:09:57] - |SD| - [4478] - C:\Windows\System32\Tasks\WPD [MD5.A70BF6CEF547C9D3838B7D70A459B367] - [24/09/2016 09:41:58] - |A| - [3148] - C:\Windows\System32\Tasks\{47A681F9-0F95-4379-B449-3C7C944770E2} : C:\Windows\system32\pcalua.exe [MD5.D2AD1B2164C0C20F739A5B2AD8A6D12D] - [10/09/2016 17:39:52] - |A| - [3150] - C:\Windows\System32\Tasks\{C9FC4D71-5136-42C8-8904-5F5D47CA4FD1} : C:\Windows\system32\pcalua.exe [MD5.7CA7B6A96D637C6D1D1B66A792AA9174] - [28/10/2016 22:03:45] - |A| - [3126] - C:\Windows\System32\Tasks\{FA825270-72D3-4871-9AC8-5BC05675D4E6} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 04:20:14] - |SD| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{7F13B6A6-8D63-44B1-BC49-E1F5266D2947}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{DDA5EF89-90E7-4388-8F9C-649D0AF0698A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{1D9911BA-896D-427A-BD5F-BE822E0A229D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{4559D936-F29F-47F0-ADCD-3A96320F4F3A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{3C750A59-FBEB-4D98-9F80-C05E37154586}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{E4A1AD81-2471-4785-815D-2F6CAF32A93E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{6B0C95D3-41A3-4FF7-A847-85F4F61434F7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|App=C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe|Name=Picosmos Tools Downloader| "{4B10729B-423A-4556-B8C9-CC42D16E4674}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe|Name=Process Blocker|Edge=TRUE| "{F1C32E19-58FE-4396-8E1C-E9C455A54BDE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{BA705070-0ABC-40D3-A66C-BE0CA09C09B0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{E815452B-D065-450D-A94A-CBD3BC076B99}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{D6790E70-895D-435E-A029-5C5A5259C572}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Profile=Private|Profile=Public|App=C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe|Name=Picosmos Tools Downloader| "{462F38B2-9315-43F6-AE35-AA03EAD35753}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe|Name=WebKit|Edge=TRUE| "{8DF8C961-F41C-4994-9AA6-4607C5B8A97A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe|Name=Anti_AdAnti.exe| "{CF1B8D56-5D18-4077-83BC-78DF90C84EA8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe|Name=Anti_AdAnti.exe| "{FD6B293C-7C44-4EA2-991E-4C15178DA773}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe|Name=Anti_AdAnti.exe| "{373187DE-6A35-4DC8-B7DB-029B92487025}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Anti_AdAnti.exe|Name=Anti_AdAnti.exe| "TCP Query User{1C630847-13CE-433C-84EB-80CDAC004A36}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe|Name=SmartShareRA|Desc=SmartShareRA|Defer=User| "UDP Query User{3317E764-7306-49BF-8527-B445BE5D1BB3}C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\lg electronics\lg pc suite\smartsharera.exe|Name=SmartShareRA|Desc=SmartShareRA|Defer=User| "{9BCDCA46-BBAE-468D-96B6-E36D266676FE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| "{9E35E3FF-B53E-49BC-867E-11726C71BA95}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{EC576F54-4AF9-43AC-A3E3-73C2FA3FDA91}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FormatFactory.exe|Name=Format Factory| "{62BDAE19-B850-4AD0-A10F-0DF5E5E05BF7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe|Name=EBook Codec Downloader| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3F966BD9-FA04-4EC5-991C-D326973B5128}] : (AndroidUsbDeviceClass) [] -> @oem30.inf,%ClassName%;Android Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (amdkmdap) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D27C1F2E-CF2D-4FDC-AD2A-0DDDBEAB92F0}] : (GenericMount) [] -> @oem20.inf,%ClassName%;Generic Mount Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [09/12/2008 15:03:57] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - 2016101109) - C:\Windows\System32\Drivers\qrlygr.SYS [30/10/2016 21:40:07] - (3.1.3.579) - (EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver) - C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [20/12/2014 23:31:04] - (6.1.1.3) - (Elaborate Bytes AG - ElbyCD Windows x64 I/O driver) - C:\Windows\System32\Drivers\ElbyCDIO.sys [08/09/2016 20:52:57] - (2.2.0.1) - (GEAR Software Inc. - CD DVD Filter) - C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [24/07/2013 16:02:46] - (5.4.7.0) - (Elaborate Bytes AG - Virtual CloneDrive SCSI miniport) - C:\Windows\system32\DRIVERS\VClone.sys [21/08/2015 18:25:50] - (4.2.7.6) - (Line 6 - GuitarPort WDM Audio Device Driver) - C:\Windows\System32\Drivers\L6UX264.sys [09/11/2016 14:38:35] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL ---------- | LoadOrderGroup Name: 6C0149F4 - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: System Reserved - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioSrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="CscService" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="eventlog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="UIGroup" - Service.Name="UxSms" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="Wlansvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adp94xx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpahci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpu320" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="aliide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="amdide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="arc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="aswKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="aswSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="aswSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswVmm" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="base" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="b57nd60a" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="extended base" - SystemDriver.Name="BrFiltLo" LoadOrderGroup.Name="extended base" - SystemDriver.Name="BrFiltUp" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="BridgeMP" LoadOrderGroup.Name="Base" - SystemDriver.Name="catchme" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cmdide" LoadOrderGroup.Name="Base" - SystemDriver.Name="CNG" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Compbatt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Pnp Filter" - SystemDriver.Name="crcdisk" LoadOrderGroup.Name="network" - SystemDriver.Name="CSC" LoadOrderGroup.Name="Network" - SystemDriver.Name="DfsC" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="base" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="elxstor" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="Filter" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="GEARAspiWDM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hcw85cir" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iirsp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="iusb3hcs" LoadOrderGroup.Name="Base" - SystemDriver.Name="iusb3hub" LoadOrderGroup.Name="Base" - SystemDriver.Name="iusb3xhc" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="kbdclass" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="kbdhid" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_FC" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SCSI" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="MegaSR" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Pointer Class" - SystemDriver.Name="mouclass" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="mouhid" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="mpio" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="msahci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="msdsm" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NDProxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nfrd960" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="Base" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ql2300" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ql40xx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="qrlygr" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPCDD" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPENCDD" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="RDPREFMP" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="RTL8167" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Smb" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="base" - SystemDriver.Name="TsUsbFlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VClone" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="Video" - SystemDriver.Name="vga" LoadOrderGroup.Name="Video Save" - SystemDriver.Name="VgaSave" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="viaide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="WfpLwf" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="XtuAcpiDriver" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (avast! Revert) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (avast! VM Monitor) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> system32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ElbyCDIO (ElbyCDIO Driver) -> System32\Drivers\ElbyCDIO.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - ISODrive (ISO DVD/CD-ROM Device Driver) -> \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - qrlygr () -> (?) - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ws2ifsl (Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (Contrôleur d’hôte compatible OHCI 1394) -> \SystemRoot\system32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (Jauge d’alimentation ACPI) -> \SystemRoot\system32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adp94xx () -> \SystemRoot\system32\DRIVERS\adp94xx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adpahci () -> \SystemRoot\system32\DRIVERS\adpahci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - adpu320 () -> \SystemRoot\system32\DRIVERS\adpu320.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - agp440 (Filtre de bus AGP Intel) -> \SystemRoot\system32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - aliide () -> \SystemRoot\system32\drivers\aliide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdide () -> \SystemRoot\system32\drivers\amdide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (AMD K8 Processor Driver) -> \SystemRoot\system32\DRIVERS\amdk8.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - amdkmdag () -> system32\DRIVERS\atikmdag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - amdkmdap () -> system32\DRIVERS\atikmpag.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AmdPPM (AMD Processor Driver) -> \SystemRoot\system32\DRIVERS\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdsata () -> \SystemRoot\system32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdsbs () -> \SystemRoot\system32\DRIVERS\amdsbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AndNetDiag (LGE AndroidNet USB Serial Port) -> system32\DRIVERS\lgandnetdiag64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ANDNetModem (LGE AndroidNet USB Modem) -> system32\DRIVERS\lgandnetmodem64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\appidsvc.dll,-102) -> \SystemRoot\system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - arc () -> \SystemRoot\system32\DRIVERS\arc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - arcsas () -> \SystemRoot\system32\DRIVERS\arcsas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> system32\DRIVERS\asyncmac.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AtiHDAudioService (AMD Function Driver for HD Audio Service) -> system32\drivers\AtihdW76.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - b06bdrv (Broadcom NetXtreme II VBD) -> \SystemRoot\system32\DRIVERS\bxvbda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - b57nd60a (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0) -> system32\DRIVERS\b57nd60a.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) -> \SystemRoot\system32\DRIVERS\BrFiltLo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) -> \SystemRoot\system32\DRIVERS\BrFiltUp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BridgeMP (@%SystemRoot%\system32\bridgeres.dll,-1) -> system32\DRIVERS\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Brserid (Brother MFC Serial Port Interface Driver (WDM)) -> \SystemRoot\System32\Drivers\Brserid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrSerWdm (Brother WDM Serial driver) -> \SystemRoot\System32\Drivers\BrSerWdm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrUsbMdm (Brother MFC USB Fax Only Modem) -> \SystemRoot\System32\Drivers\BrUsbMdm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BrUsbSer (Brother MFC USB Serial WDM Driver) -> \SystemRoot\System32\Drivers\BrUsbSer.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BTHMODEM (Bluetooth Serial Communications Driver) -> \SystemRoot\system32\DRIVERS\bthmodem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (Consumer IR Devices) -> \SystemRoot\system32\DRIVERS\circlass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - CmBatt (Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\system32\DRIVERS\CmBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cmdide () -> \SystemRoot\system32\drivers\cmdide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Compbatt () -> \SystemRoot\system32\DRIVERS\compbatt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (Pilote de l’énumérateur de bus composite) -> \SystemRoot\system32\drivers\CompositeBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - drmkaud (Pilotes audio approuvés par Microsoft) -> \SystemRoot\system32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ebdrv (Broadcom NetXtreme II 10 GigE VBD) -> \SystemRoot\system32\DRIVERS\evbda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - elxstor () -> \SystemRoot\system32\DRIVERS\elxstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ErrDev (Pilote de périphérique d’erreur matérielle Microsoft) -> \SystemRoot\system32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - fdc (Floppy Disk Controller Driver) -> \SystemRoot\system32\DRIVERS\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (Floppy Disk Driver) -> \SystemRoot\system32\DRIVERS\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> \SystemRoot\system32\DRIVERS\gagp30kx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GEARAspiWDM (GearAspiWDM) -> system32\DRIVERS\GEARAspiWDM.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hcw85cir (Hauppauge Consumer Infrared Receiver) -> \SystemRoot\system32\drivers\hcw85cir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HdAudAddService (Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio) -> system32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HDAudBus (Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\system32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (HID UPS Battery Driver) -> \SystemRoot\system32\DRIVERS\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (Miniport HID Microsoft Bluetooth) -> \SystemRoot\system32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (Microsoft Infrared HID Driver) -> \SystemRoot\system32\DRIVERS\hidir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidUsb (Pilote de classe HID Microsoft) -> \SystemRoot\system32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hitmanpro37 (HitmanPro 3.7 Support Driver) -> \??\C:\Windows\system32\drivers\hitmanpro37.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HpSAMD () -> \SystemRoot\system32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - i8042prt (Pilote pour clavier i8042 et souris sur port PS/2) -> \SystemRoot\system32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> \SystemRoot\system32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ICCWDT (Intel(R) Watchdog Timer Driver (Intel(R) WDT)) -> system32\DRIVERS\ICCWDT.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iirsp () -> \SystemRoot\system32\DRIVERS\iirsp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - intelide () -> \SystemRoot\system32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - intelppm (Pilote de processeur Intel) -> system32\DRIVERS\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\system32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - isapnp () -> \SystemRoot\system32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (Pilote iScsiPort) -> \SystemRoot\system32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iusb3hub (Pilote de concentrateur Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hub.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iusb3xhc (Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0) -> system32\DRIVERS\iusb3xhc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (Pilote de la classe Clavier) -> \SystemRoot\system32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - kbdhid (Pilote HID de clavier) -> \SystemRoot\system32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - L6UX2 (Service - Line 6 UX2) -> System32\Drivers\L6UX264.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - LSI_FC () -> \SystemRoot\system32\DRIVERS\lsi_fc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SAS () -> \SystemRoot\system32\DRIVERS\lsi_sas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SAS2 () -> \SystemRoot\system32\DRIVERS\lsi_sas2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LSI_SCSI () -> \SystemRoot\system32\DRIVERS\lsi_scsi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LVRS64 (Logitech RightSound Filter Driver) -> system32\DRIVERS\lvrs64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - LVUVC64 (Logitech HD Webcam C270(UVC)) -> system32\DRIVERS\lvuvc64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - megasas () -> \SystemRoot\system32\DRIVERS\megasas.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MegaSR () -> \SystemRoot\system32\DRIVERS\MegaSR.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MEIx64 (Intel(R) Management Engine Interface) -> system32\DRIVERS\HECIx64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (Service Pilote de fonction de classe Moniteur Microsoft) -> \SystemRoot\system32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (Pilote de la classe Souris) -> \SystemRoot\system32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mouhid (Mouse HID Driver) -> \SystemRoot\system32\DRIVERS\mouhid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mpio (Pilote de bus à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\mpio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\FirewallAPI.dll,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - msdsm (Module spécifique de périphériques à chemins d’accès multiples Microsoft) -> \SystemRoot\system32\drivers\msdsm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (Proxy de service de répartition Microsoft) -> system32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (Proxy d'horloge de répartition Microsoft) -> system32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (Proxy de gestion de qualité de répartition Microsoft) -> system32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (Convertisseur en T/site-à-site de répartition Microsoft) -> system32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (Microsoft Input Configuration Driver) -> \SystemRoot\system32\DRIVERS\MTConfig.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NativeWifiP (NativeWiFi Filter) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (NDIS Capture LightWeight Filter) -> system32\DRIVERS\ndiscap.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> system32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\DRIVERS\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NDProxy (NDIS Proxy) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nfrd960 () -> \SystemRoot\system32\DRIVERS\nfrd960.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvraid () -> \SystemRoot\system32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - nvstor () -> \SystemRoot\system32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - nv_agp (Filtre de bus NVIDIA nForce AGP) -> \SystemRoot\system32\drivers\nv_agp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ohci1394 (Contrôleur d’hôte compatible OHCI 1394 (hérité)) -> \SystemRoot\system32\drivers\ohci1394.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Parport (Pilote de port parallèle) -> \SystemRoot\system32\drivers\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pciide () -> \SystemRoot\system32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pcmcia () -> \SystemRoot\system32\DRIVERS\pcmcia.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> system32\DRIVERS\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (Processor Driver) -> \SystemRoot\system32\DRIVERS\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ql2300 () -> \SystemRoot\system32\DRIVERS\ql2300.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ql40xx () -> \SystemRoot\system32\DRIVERS\ql40xx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (WAN Miniport (IKEv2)) -> system32\DRIVERS\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> system32\DRIVERS\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> system32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> system32\DRIVERS\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (Remote Desktop Device Redirector Bus Driver) -> system32\DRIVERS\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (Terminal Server Device Redirector Driver) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RDPWD (RDP Winstation Driver) -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RTL8167 (Realtek 8167 NT Driver) -> system32\DRIVERS\Rt64win7.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - s3cap () -> \SystemRoot\system32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> \SystemRoot\system32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - semav6msr64 (semav6msr64) -> \??\C:\Windows\system32\drivers\semav6msr64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (Pilote de filtre Serenum) -> \SystemRoot\system32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (Pilote de port série) -> \SystemRoot\system32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (Serial Mouse Driver) -> \SystemRoot\system32\DRIVERS\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffdisk (Pilote de classe de stockage SFF) -> \SystemRoot\system32\drivers\sffdisk.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffp_mmc (Pilote de protocole de stockage SFF pour MMC) -> \SystemRoot\system32\drivers\sffp_mmc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sffp_sd (Pilote de protocole de stockage SFF pour SDBus) -> \SystemRoot\system32\drivers\sffp_sd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (High-Capacity Floppy Disk Drive) -> \SystemRoot\system32\DRIVERS\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SiSRaid2 () -> \SystemRoot\system32\DRIVERS\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SiSRaid4 () -> \SystemRoot\system32\DRIVERS\sisraid4.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Smb (@%SystemRoot%\system32\tcpipcfg.dll,-50005) -> system32\DRIVERS\smb.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - stexstor () -> \SystemRoot\system32\DRIVERS\stexstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - storvsc () -> \SystemRoot\system32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - swenum (Pilote de bus logiciel) -> \SystemRoot\system32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TCPIP6 (Microsoft IPv6 Protocol Driver) -> system32\DRIVERS\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TDPIPE (TDPIPE) -> system32\drivers\tdpipe.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TDTCP (TDTCP) -> system32\drivers\tdtcp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tssecsrv (@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101) -> System32\DRIVERS\tssecsrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbFlt () -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tunnel (Pilote de carte miniport Microsoft Tunnel) -> system32\DRIVERS\tunnel.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - uagp35 (Microsoft AGPv3.5 Filter) -> \SystemRoot\system32\DRIVERS\uagp35.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - uliagpkx (Filtre de bus AGP Uli) -> \SystemRoot\system32\drivers\uliagpkx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (Pilote d’énumérateur UMBus) -> \SystemRoot\system32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (Microsoft UMPass Driver) -> \SystemRoot\system32\DRIVERS\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbaudio (Pilote USB audio (WDM)) -> system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbccgp (Pilote parent générique USB Microsoft) -> system32\DRIVERS\usbccgp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbcir (Récepteur infrarouge eHome (USBCIR)) -> \SystemRoot\system32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0) -> \SystemRoot\system32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\system32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (Pilote miniport de contrôleur hôte ouvert USB Microsoft) -> \SystemRoot\system32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (Microsoft USB PRINTER Class) -> \SystemRoot\system32\DRIVERS\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbscan (Pilote de scanneur USB) -> system32\DRIVERS\usbscan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USBSTOR (Pilote de stockage de masse USB) -> system32\DRIVERS\USBSTOR.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbuhci (Pilote miniport de contrôleur hôte universel USB Microsoft) -> \SystemRoot\system32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (Périphérique vidéo USB (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - VClone () -> system32\DRIVERS\VClone.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - vga () -> system32\DRIVERS\vgapnp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\system32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - viaide () -> \SystemRoot\system32\drivers\viaide.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\system32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vsmraid () -> \SystemRoot\system32\DRIVERS\vsmraid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WacomPen (Wacom Serial Pen HID Driver) -> \SystemRoot\system32\DRIVERS\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WANARP (@%systemroot%\system32\rascfg.dll,-32011) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Wd () -> \SystemRoot\system32\DRIVERS\wd.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (WIMMount) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinUsb (LGE Mobile Android USB Driver) -> system32\DRIVERS\WinUsb.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (Microsoft Windows Management Interface for ACPI) -> \SystemRoot\system32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WUDFRd () -> system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - XtuAcpiDriver (Intel(R) Extreme Tuning Utility Device Service) -> system32\DRIVERS\XtuAcpiDriver.sys - AcceptPause: False - AcceptStop: True S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - crcdisk (Crcdisk Filter Driver) -> \SystemRoot\system32\DRIVERS\crcdisk.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 21:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 22:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 22:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.56F1EA3065D386173EA976E7C8403E07] - [25/09/2016 21:37:56] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [14.73 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.A2737AA6B6EC398987CFBE7D79BE36A3] - [24/04/2015 09:34:16] - (.© Advanced Micro Devices. - AMD ACP Binaries.) - [287.7 Ko] - (2.15.10.3) - C:\Windows\System32\Drivers\amdacpksd.sys [MD5.9B66BA4D578B18A3A02607A49A46ED15] - [25/09/2016 21:37:56] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [14.73 Ko] - (6.1.7601.23403) - C:\Windows\System32\Drivers\amdide.sys [MD5.AA8663311D3E7B711710AFAEE1825A2F] - [25/09/2016 21:37:56] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.23 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 21:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.0B5BFDCF705BF9F462B151FC5BE428B8] - [25/09/2016 21:37:56] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.23 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 22:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 22:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.9B480B472D6826E7257C90E2D0EE2954] - [18/09/2016 12:57:07] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.06362BBA1347CBA0996F4B39BB1D8353] - [18/09/2016 12:59:04] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswKbd.sys [MD5.1BB00571CC2C78463ABD7E9C32970758] - [18/09/2016 12:57:08] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [106.27 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswMonFlt.sys [MD5.7010B57D708DA5C9686A5923EE621776] - [18/09/2016 12:57:07] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.937885085BFE5BD08EC1BC0245DD203B] - [18/09/2016 12:57:08] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.0B6352251C5D84130DF4252D33D266C2] - [18/09/2016 12:57:06] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [946.47 Ko] - (12.3.3154.8) - C:\Windows\System32\Drivers\aswsnx.sys [MD5.28213B34725B18387CC1B8C3D73858A1] - [18/09/2016 12:57:08] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [501.59 Ko] - (12.3.3154.8) - C:\Windows\System32\Drivers\aswsp.sys [MD5.9C58B6E9663D0A76D00D83E43C765BDF] - [18/09/2016 12:57:08] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [159.59 Ko] - (12.3.3154.0) - C:\Windows\System32\Drivers\aswStm.sys [MD5.D60D9201739400F0FBDB9E36A3212D91] - [18/09/2016 12:57:08] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [286.48 Ko] - (12.3.3154.16) - C:\Windows\System32\Drivers\aswvmm.sys [MD5.DA52C2608739A40493D5811B3E9A0BC1] - [21/01/2016 23:55:18] - (.© Advanced Micro Devices. - AMD High Definition Audio Function Driver.) - [102.52 Ko] - (7.12.0.7723) - C:\Windows\System32\Drivers\AtihdW76.sys [MD5.A87FC6E3670DB55788184FE3A3808712] - [24/04/2015 09:35:20] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [18515 Ko] - (8.1.1.1443) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.971F3B12C24BB83B48F8CCA2ED019906] - [24/04/2015 09:35:20] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [575.5 Ko] - (8.14.1.6413) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 21:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 02:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 02:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 02:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 02:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 02:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 02:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 21:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.4B47BBF1744551C2BE1469DAA66C1038] - [25/09/2016 21:37:56] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [16.73 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.BDD265EEB37DF5953A547FE412E2472F] - [20/12/2014 23:31:04] - (.Copyright (C) 2000 - 2014 Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - [39.4 Ko] - (6.1.1.3) - C:\Windows\System32\Drivers\ElbyCDIO.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 21:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 21:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.E403AACF8C7BB11375122D2464560311] - [08/09/2016 20:52:57] - (.Copyright (C) GEAR Software Inc. 1997-2009 - CD DVD Filter.) - [33.35 Ko] - (2.2.0.1) - C:\Windows\System32\Drivers\GEARAspiWDM.sys [MD5.9BA50351AF95C9DF28C8BCD382427D11] - [21/09/2009 19:26:10] - (.Copyright © 2008 Symantec Corporation. - Symantec Corporation Generic Mount.) - [65.05 Ko] - (1.0.0.36224) - C:\Windows\System32\Drivers\GenericMount.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [13/07/2009 23:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.2BB3EAE2EA641515D4B205CAB29E1624] - [11/01/2013 18:02:34] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [63.11 Ko] - (9.0.0.1287) - C:\Windows\System32\Drivers\HECIx64.sys [MD5.C1D26CB10D1FB92823F7E4C9B1CCF344] - [11/09/2016 10:17:22] - (.© 2014 SurfRight B.V. - HitmanPro 3.7 Support Driver.) - [53.45 Ko] - (1.3.8.12) - C:\Windows\System32\Drivers\hitmanpro37.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [09/09/2016 14:23:00] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.58A8CCA18210A9096B626B08EACC0B28] - [25/09/2016 21:37:56] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.73 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.1B904E09172A2D63CB728F56B9DC72AA] - [02/11/2016 07:15:38] - (.Copyright 2009-2016 (c) Intel Corporation. - Intel(R) Watchdog Timer Driver (Intel(R) WDT).) - [37.77 Ko] - (11.0.0.1010) - C:\Windows\System32\Drivers\ICCWDT.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 22:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.8CAF9BE17438F875A82FCE36DE4DC634] - [09/09/2016 09:42:22] - (.(C) 2010-2015 Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) - [22.27 Ko] - (3.0.5.69) - C:\Windows\System32\Drivers\iusb3hcs.sys [MD5.61DB13A14A7F384D21DEADAEE3763BBC] - [03/12/2016 20:41:55] - (.(C) 2010-2016 Intel Corporation - Intel(R) USB 3.0 Hub Driver.) - [400.51 Ko] - (5.0.0.32) - C:\Windows\System32\Drivers\iusb3hub.sys [MD5.F3A9A90A8B6C5B9DF60D0EA957976E66] - [03/12/2016 20:41:55] - (.(C) 2010-2016 Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) - [804.51 Ko] - (5.0.0.32) - C:\Windows\System32\Drivers\iusb3xhc.sys [MD5.1BD423EDB7F2139B79E8BEA8205EC64C] - [21/08/2015 18:25:50] - (.Copyright (c) Line 6 1999-2007 - GuitarPort WDM Audio Device Driver.) - [759.5 Ko] - (4.2.7.6) - C:\Windows\System32\Drivers\L6UX264.sys [MD5.7D409E9EDEB18FBDC250986FD6A08878] - [24/09/2016 09:32:03] - (.LG Electronics Inc. Seoul, Korea. - LGE AndroidNet Driver.) - [30 Ko] - (4.1.0.0) - C:\Windows\System32\Drivers\lgandnetdiag64.sys [MD5.6047D76F4BF701C4D2244F45005B7D87] - [24/09/2016 09:32:03] - (.LG Electronics Inc. Seoul, Korea. - LGE AndroidNet Driver.) - [36.5 Ko] - (4.1.0.0) - C:\Windows\System32\Drivers\lgandnetmodem64.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 22:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 22:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.A401CFF74982D8DF851F20307C806073] - [21/09/2012 20:04:22] - (.(c) 1996-2012 Logitech. - Logitech Kernel Audio Improvement Filter Driver.) - [343.28 Ko] - (13.51.823.0) - C:\Windows\System32\Drivers\lvrs64.sys [MD5.13384CB5F5813E65F31078D6ABFAAF38] - [21/09/2012 20:04:22] - (.(c) 1996-2012 Logitech. - Logitech USB Video Class Driver.) - [4652.03 Ko] - (13.51.823.0) - C:\Windows\System32\Drivers\lvuvc64.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [10/09/2016 13:30:12] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [10/09/2016 13:30:12] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [10/09/2016 13:30:52] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 21:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 22:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.452ACB7A9914398D9E18CCCFFCF92208] - [10/09/2016 13:30:12] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.38 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 22:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.C58189F39002E5E483C0B8BF728E8343] - [25/09/2016 21:37:56] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.73 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.77497B64AEAC221A081D2EE7C80B1CF4] - [25/09/2016 21:37:56] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.23 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 21:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 22:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.DCF7221D6588EDA8CD77CB27AE9B1844] - [08/09/2016 16:52:54] - (.Copyright (C) 2015 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [954.71 Ko] - (7.92.115.2015) - C:\Windows\System32\Drivers\Rt64win7.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 03:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.07F83829E7429E60298440CD1E601A6A] - [09/09/2016 09:38:39] - (.-.) - [21.47 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\semav6msr64.sys [MD5.F9DF63C7E70CBAC77EB07E454B35AB2A] - [25/09/2016 21:37:56] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7601.23403) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 21:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 22:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 22:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.2CB7AEA800B614184238232FBA4430E1] - [24/07/2013 16:02:46] - (.Copyright © 2002 - 2013 Elaborate Bytes AG - Virtual CloneDrive SCSI miniport.) - [36 Ko] - (5.4.7.0) - C:\Windows\System32\Drivers\VClone.sys [MD5.2B6E179E984F5A11521F8FE1EA6BAE83] - [25/09/2016 21:37:56] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [16.73 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 21:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.16B6B5B4CAFEA003B4ADA9FF16A6299A] - [22/11/2016 01:52:00] - (.Copyright(C) 2016 Intel Corporation. - Intel(R) Acpi Control Driver.) - [53.07 Ko] - (4.0.0.10) - C:\Windows\System32\Drivers\XtuAcpiDriver.sys ---------- | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD Catalyst Install Manager] : (AMD Install Manager.-.Advanced Micro Devices, Inc.) -> "C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe" /UNINSTALL /IGNORE_UPGRADE /ON_REBOOT_MESSAGE:NO [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Cakewalk Studio Instruments_is1] : (Studio Instruments 1.0.-.Cakewalk Music Software) -> "C:\Program Files\Cakewalk\Studio Instruments\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\LockHunter_is1] : (LockHunter 3.1, 32/64 bit.-.Crystal Rich Ltd) -> "C:\Program Files\LockHunter\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Recuva] : (Recuva.-.Piriform) -> "C:\Program Files\Recuva\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.40 bêta 2 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}] : (Native Instruments Guitar Rig 5.-.Native Instruments) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0886900B-B2F3-452C-B580-60F1253F7F80}] : (Native Instruments Controller Editor.-.Native Instruments) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}] : (Native Instruments Service Center.-.Native Instruments) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}] : (Adblock Plus pour IE (32-bits et 64-bits).-.Eyeo GmbH) -> MsiExec.exe /X{1C9A24E0-CA21-414D-8D21-22BF8981FC9F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20F9CFAA-04FD-423D-869A-279985494E09}] : (Process Blocker 1.0.13.1.-.Softros Systems, Inc.) -> MsiExec.exe /I{20F9CFAA-04FD-423D-869A-279985494E09} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2930FB47-6452-4476-BF16-D77F748646DB}] : (Native Instruments Guitar Rig Mobile I/O.-.Native Instruments) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{52116C70-79F9-11E6-9541-BB95F5A309BD}] : (MSVCRT Redists.-.MAGIX Computer Products Intl. Co.) -> MsiExec.exe /I{52116C70-79F9-11E6-9541-BB95F5A309BD} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{55398EAC-F58E-4F19-B553-BDF8B9EFD839} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6A633DB7-06E4-4EF1-8FD1-7F8812C590AD}_is1] : (Active@ KillDisk 10.-.LSoft Technologies Inc) -> "C:\Program Files\LSoft Technologies\Active@ KillDisk 10\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7930FB47-6452-4476-BF16-D77F748646DB}] : (Native Instruments Guitar Rig Session I/O.-.Native Instruments) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{80595353-6197-2EB6-F14C-C1F4AC093311}] : (AMD Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{80595353-6197-2EB6-F14C-C1F4AC093311} REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1] : (Revo Uninstaller 2.0.2.-.VS Revo Group, Ltd.) -> "C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AEEC522D-38DD-46FD-9367-3E32F51B3A42}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{AEEC522D-38DD-46FD-9367-3E32F51B3A42} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B962AD08-335F-46f7-A182-257D37672E5C}] : (Native Instruments Rig Kontrol 3.-.Native Instruments) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9608300-11F5-11E0-A64B-0013D3D69929}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{C9608300-11F5-11E0-A64B-0013D3D69929} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}] : (Vegas Pro 13.0 (64-bit).-.Sony) -> MsiExec.exe /X{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}] : (.. ..-.Intel) -> MsiExec.exe /I{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 24 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 24 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI] : (Adobe Flash Player 23 PPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_185_pepper.exe -maintain pepperplugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AudioCreator_is1] : (Audio Creator LE 1.5.-.Cakewalk Music Software) -> "C:\Program Files (x86)\Cakewalk\Audio Creator LE\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Bandicam] : (Bandicam.-.Bandisoft.com) -> "C:\Program Files (x86)\Bandicam\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BandiMPEG1] : (Bandisoft MPEG-1 Decoder.-.Bandisoft.com) -> "C:\Program Files (x86)\BandiMPEG1\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cakewalk Sound Center_is1] : (Cakewalk Sound Center 1.0.0.-.Cakewalk Music Software) -> "C:\Program Files (x86)\Cakewalk\Cakewalk Sound Center\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EVEREST Home Edition_is1] : (EVEREST Home Edition v2.20.-.Lavalys Inc) -> "C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FormatFactory] : (FormatFactory 4.0.0.0.-.Free Time) -> C:\Program Files (x86)\FormatFactory\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] : (K-Lite Codec Pack 12.3.5 Full.-.KLCP) -> "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LG PC Suite] : (LG PC Suite.-.LG Electronics) -> C:\Program Files (x86)\LG Electronics\LG PC Suite\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Line 6 Uninstaller] : (Line 6 Uninstaller.-.Line 6) -> C:\Program Files (x86)\Line6\Tools\Line 6 Uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 fr)] : (Mozilla Firefox 50.1.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Music Creator_is1] : (Music Creator 5.-.Cakewalk Music Software) -> "C:\Program Files (x86)\Cakewalk\Music Creator 5\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Controller Editor] : (Native Instruments Controller Editor.-.Native Instruments) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig 5] : (Native Instruments Guitar Rig 5.-.Native Instruments) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig Mobile I/O] : (Native Instruments Guitar Rig Mobile I/O.-.Native Instruments) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig Session I/O] : (Native Instruments Guitar Rig Session I/O.-.Native Instruments) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Rig Kontrol 3] : (Native Instruments Rig Kontrol 3.-.Native Instruments) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Service Center] : (Native Instruments Service Center.-.Native Instruments) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.51.2220.62] : (SafeZone Stable 1.51.2220.62.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SEAF] : (SEAF By C_XX.-.C_XX) -> "C:\Program Files (x86)\SEAF\Un-SEAF.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Security Task Manager] : (Security Task Manager 2.1g.-.Neuber Software) -> C:\Program Files (x86)\Security Task Manager\Uninstal.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Transcribe!_is1] : (Transcribe! 7.30.-.Seventh String Software) -> "C:\Program Files (x86)\Transcribe!\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TuxGuitar 1.3.2] : (TuxGuitar.-.TuxGuitar) -> C:\Program Files (x86)\tuxguitar-1.3.2\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UltraISO_is1] : (UltraISO Premium V9.65.-.) -> "C:\Program Files (x86)\UltraISO\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VirtualCloneDrive] : (VirtualCloneDrive.-.Elaborate Bytes) -> "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VMidi] : (vanBasco's Karaoke Player.-.) -> C:\Program Files (x86)\vanBasco's Karaoke Player\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VueScan] : (VueScan.-.) -> C:\VueScan\vuescan.exe /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{06DA421D-EE23-487D-878F-F0AF97EF69AD}] : (.. ..-.Intel) -> MsiExec.exe /X{06DA421D-EE23-487D-878F-F0AF97EF69AD} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08610298-29AE-445B-B37D-EFBE05802967}] : (LWS Pictures And Video.-.Logitech) -> MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E26E09B-6687-4A99-BD08-A9E705373029}_is1] : (Vyzex Pocket POD 1.17.-.Psicraft Designs, Inc.) -> "C:\Program Files (x86)\Psicraft\Line 6\Vyzex Pocket POD\Win32\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1] : (Guitar Pro 6.-.Arobas Music) -> "C:\Program Files (x86)\Guitar Pro 6\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15634701-BACE-4449-8B25-1567DA8C9FD3}] : (CameraHelperMsi.-.Logitech) -> MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1651216E-E7AD-4250-92A1-FB8ED61391C9}] : (LWS Help_main.-.Logitech) -> MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{174A3B31-4C43-43DD-866F-73C9DB887B48}] : (LWS Twitter.-.Logitech) -> MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}] : (LWS YouTube Plugin.-.Logitech) -> MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall_arp [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180121F0}] : (Java 8 Update 121.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180121F0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{314E06D1-9781-11E4-8A3C-001E4FC0A7E5}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{314E06D1-9781-11E4-8A3C-001E4FC0A7E5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}] : (Noise Reduction Plug-In 2.0.-.Sony) -> MsiExec.exe /X{36DF4580-D1B3-11E3-A23E-F04DA23A5C58} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}] : (erLT.-.Logitech, Inc.) -> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3F490D0E-3131-438C-BCF9-7549CB88DF41}] : (LG Mobile Driver.-.LG Electronics) -> "C:\Program Files (x86)\InstallShield Installation Information\{3F490D0E-3131-438C-BCF9-7549CB88DF41}\setup.exe" -runfromtemp -l0x040c LG -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{46F044A5-CE8B-4196-984E-5BD6525E361D}] : (Apple Application Support.-.Apple Inc.) -> MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}] : (LG United Mobile Drivers.-.LG Electronics) -> MsiExec.exe /X{4DE95ED9-0A29-4C4F-8463-35857CF9BA36} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}] : (LWS Gallery.-.Logitech) -> MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1] : (VGA Boost.-.MSI) -> "C:\Program Files (x86)\MSI\MSITrigger\VGA Boost\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}] : (LWS Launcher.-.Logitech) -> MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8937D274-C281-42E4-8CDB-A0B2DF979189}] : (LWS Webcam Software.-.Logitech) -> MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9DAEA76B-E50F-4272-A595-0124E826553D}] : (LWS WLM Plugin.-.Logitech) -> MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824211354}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824211354} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c7f54569-0018-439c-809a-48046a4d4ebc}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D40EB009-0499-459c-A8AF-C9C110766215}] : (Logitech Webcam Software.-.Logitech Inc.) -> "C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=FRA /guid="{D40EB009-0499-459c-A8AF-C9C110766215}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.31.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}] : (Intel® Driver Update Utility.-.Intel) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}] : (LWS Facebook.-.Logitech) -> MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB} ---------- | Ports ---------- | Microsoft Specifications CheckID: Access_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Access_PIA CheckID: Ace_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Ace_PIA CheckID: Graph_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Graph_PIA CheckID: SmartTag_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> SmartTag_PIA CheckID: Excel_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Excel_PIA CheckID: VSTAIDEFiles0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "2.0" -> VSTAIDEFiles CheckID: XDocs_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> XDocs_PIA CheckID: XDocsProgrammabilityFiles0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "2.0" -> XDocsProgrammabilityFiles CheckID: Outlook_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Outlook_PIA CheckID: PowerPoint_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> PowerPoint_PIA CheckID: Publisher_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Publisher_PIA CheckID: dummy_MSCOMCTL_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> dummy_MSCOMCTL_PIA CheckID: dummy_Office_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> dummy_Office_PIA CheckID: Forms_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Forms_PIA CheckID: VSCommonPIAHidden0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> VSCommonPIAHidden CheckID: Word_PIA0{90120000-0011-0000-0000-0000000FF1CE} - MsiNetAssemblySupport < "1.1.4322" -> Word_PIA CheckID: VSTAIDEFilesIntl_10360{90120000-0044-040C-0000-0000000FF1CE} - MsiNetAssemblySupport < "2.0" -> VSTAIDEFilesIntl_1036 CheckID: XDOCSProgrammabilityFilesIntl_10360{90120000-0044-040C-0000-0000000FF1CE} - MsiNetAssemblySupport < "2.0" -> XDOCSProgrammabilityFilesIntl_1036 CheckID: ThumbnailPreviewHandler1{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - ADD_THUMBNAILPREVIEW="YES" -> ThumbnailPreviewHandler CheckID: Accessibility_Plugins0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_ACCESSIBILITY="YES" -> Accessibility_Plugins CheckID: AdobeCommonLinguistics_Big0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_LINGUISTICS="YES" -> AdobeCommonLinguistics_Big CheckID: Atmosphere_3D0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_3D="YES" -> Atmosphere_3D CheckID: MultimediaPlugin0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_MULTIMEDIA="YES" -> MultimediaPlugin CheckID: ReaderAIRIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_AIR_INTEGRATION="YES" -> ReaderAIRIntegration CheckID: ReaderBrowserIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_BROWSER_INTEGRATION="YES" -> ReaderBrowserIntegration CheckID: ReaderPDFIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_PDF_INTEGRATION="YES" -> ReaderPDFIntegration CheckID: SearchAndIndex0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_SEARCH5="YES" -> SearchAndIndex CheckID: MSXMLSXS0{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} - VersionNT < 501 -> MSXMLSXS CheckID: MSXMLSXS0{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} - VersionNT < 501 -> MSXMLSXS ---------- | CLSID ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.D9FDE19432E8B011DB8574C6CF5443AA] - |SD| - [12/10/2016 08:06:08] - (.-.) - [122.35 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |SD| - [22/01/2017 16:32:41] - [314.25 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |SD| - [22/01/2017 16:36:41] - [0 Ko] - C:\Windows\Temp\hsperfdata_BRUNO-PC$ [MD5.283A97D780AACF26254C4C7C138314A0] - |SD| - [22/01/2017 20:36:36] - (.-.) - [17.61 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15550.LOG [MD5.E0CC4234A1D31B21D35CE7ABBE44D1E2] - |SD| - [22/01/2017 20:36:38] - (.-.) - [17.26 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15551.LOG [MD5.19758301F252B79840E7EBD87FB4556A] - |SD| - [22/01/2017 20:36:38] - (.-.) - [7222.53 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15552.LOG [MD5.0A9956B8C1564DFACDB21B7D858BCD4D] - |SD| - [22/01/2017 20:37:08] - (.-.) - [139.97 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15553.LOG [MD5.61DC5A803114B4E42201A5B6862B3B3A] - |SD| - [22/01/2017 20:37:10] - (.-.) - [119.43 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15554.LOG [MD5.539500018C45043CA5D6518239D061FA] - |SD| - [22/01/2017 20:37:10] - (.-.) - [145.97 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15555.LOG [MD5.8B99C91DF836F4417CDDA724F4E051F9] - |SD| - [22/01/2017 20:37:10] - (.-.) - [144.02 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15556.LOG [MD5.DEB0E97E6F4EC519AD6AE6DE26C5F7AD] - |SD| - [22/01/2017 20:37:10] - (.-.) - [98.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15557.LOG [MD5.D794683B1AE7A3917AFB942C936B5E28] - |SD| - [22/01/2017 20:37:10] - (.-.) - [183.71 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15558.LOG [MD5.8BBEC5ABD57123BBB3D6E77A5A65E2DB] - |SD| - [22/01/2017 20:37:11] - (.-.) - [320.29 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15559.LOG [MD5.A87414F1064D586FC765211E697FF730] - |SD| - [22/01/2017 20:37:11] - (.-.) - [56.6 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555a.LOG [MD5.10EC2E48CC5ACF393602A8EE52EC851B] - |SD| - [22/01/2017 20:37:11] - (.-.) - [146.84 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555b.LOG [MD5.93C39A0986A71C7F926BC9D274E4C2D9] - |SD| - [22/01/2017 20:37:11] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555c.LOG [MD5.1A6309061F17EE2CFEF04B023904E3F6] - |SD| - [22/01/2017 20:37:11] - (.-.) - [373.83 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555d.LOG [MD5.F06DB8A776C9BCB8E312CFCC681B4618] - |SD| - [22/01/2017 20:37:12] - (.-.) - [48.82 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555e.LOG [MD5.F5E9CC0EA19D534B23C3FBC5B81A19AF] - |SD| - [22/01/2017 20:37:12] - (.-.) - [47.71 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1555f.LOG [MD5.63EFC3DD23BF1C9508F496A7B9909F10] - |SD| - [22/01/2017 20:37:12] - (.-.) - [49.49 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15560.LOG [MD5.5D1A3C700FB74309BBD2071648DAA2CC] - |SD| - [22/01/2017 20:37:12] - (.-.) - [46.7 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15561.LOG [MD5.38638454B9B1C7019D4A52852D73C606] - |SD| - [22/01/2017 20:37:12] - (.-.) - [49.43 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15562.LOG [MD5.FF9E585C6F80B130C3CEEF9A00CD6806] - |SD| - [22/01/2017 20:37:12] - (.-.) - [46.7 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15563.LOG [MD5.9A5E76C98626687CB1C6BE723A5D86B8] - |SD| - [22/01/2017 20:37:12] - (.-.) - [18.38 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15564.LOG [MD5.AE2BB369626F3286E7609F3BE88CE6DB] - |SD| - [22/01/2017 20:37:12] - (.-.) - [18.79 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15565.LOG [MD5.6FD7A2906947FCD5B59B48434D8EEF1B] - |SD| - [22/01/2017 20:37:12] - (.-.) - [18.37 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15566.LOG [MD5.F10D66A02CBCFA6B975944543D26E98B] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.49 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15567.LOG [MD5.50A62E657FA1E2460BAA8C68441F373A] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.43 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15568.LOG [MD5.4AEA1069789D730178DE2DA72487F1F3] - |SD| - [22/01/2017 20:37:13] - (.-.) - [25.05 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15569.LOG [MD5.B74A96176A8489A35CB317BC3F52A90C] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556a.LOG [MD5.450B050A1E5D94E0A7B2D007AD2397E2] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.11 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556b.LOG [MD5.A0395F1B233A501A5E21E696A2D1251C] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.43 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556c.LOG [MD5.B8D0B3423A585316B260694020FD62E7] - |SD| - [22/01/2017 20:37:13] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556d.LOG [MD5.8C529FDAC9717DCCEA20B9BACC708970] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556e.LOG [MD5.A9D2500E890E1411DFB9D4F873DFE1E7] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.42 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1556f.LOG [MD5.9B16A97B42A65BAA04D81EB9685CB04A] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15570.LOG [MD5.BA4F0D05FADEA0AAF9E8778AB18297D8] - |SD| - [22/01/2017 20:37:14] - (.-.) - [11.11 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15571.LOG [MD5.E9A73483CB10FD2A4C5B5EABF32C0C30] - |SD| - [22/01/2017 20:37:14] - (.-.) - [4.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15572.LOG [MD5.B3E9C6E53284EABD373F4BF2A8294467] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.11 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15573.LOG [MD5.01904EB77DB50F6D67D76C23D41FBBD7] - |SD| - [22/01/2017 20:37:14] - (.-.) - [24.65 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15574.LOG [MD5.A75EF94AC04BFE8E4F5569F1D1FADA29] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15575.LOG [MD5.80A73579D6504EF9BBEDE39EFA346DD7] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15576.LOG [MD5.21A8977A911BDFDA21F418C2A5D89DFA] - |SD| - [22/01/2017 20:37:14] - (.-.) - [26.74 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15577.LOG [MD5.170F69DE43AB61C1F65E550B7E542E93] - |SD| - [22/01/2017 20:37:14] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15578.LOG [MD5.CA0DCD1F61E85FDD9409D9FC6E6D1D53] - |SD| - [22/01/2017 20:37:14] - (.-.) - [1244.85 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15579.LOG [MD5.6ABAC9CDFEAFC0FBF975D00F2EED3B42] - |SD| - [22/01/2017 20:37:16] - (.-.) - [17.9 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557a.LOG [MD5.1780629DD64391CA8FFB0EDFA9E7DE11] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.91 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557b.LOG [MD5.90EC23F60D828C8123EE2D881DD4B577] - |SD| - [22/01/2017 20:37:16] - (.-.) - [11.28 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557c.LOG [MD5.E649A7902E61BC3463AB88DEDB0E4DD1] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.93 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557d.LOG [MD5.AA8A75E38051EC989BE195D06160B571] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.93 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557e.LOG [MD5.3844186C0431F95E23A14369238682ED] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.91 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1557f.LOG [MD5.C3535FDD187DE1310ED91D334ECD9317] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15580.LOG [MD5.C6FF519B056809AD06D394C18946D129] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.57 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15581.LOG [MD5.D6FC62F2674A0DB51A69F70DE3C82604] - |SD| - [22/01/2017 20:37:16] - (.-.) - [18.02 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15582.LOG [MD5.86E5E07CA7F89697D2FC47AC5685CF0E] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.92 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15583.LOG [MD5.A423D2E78328C649BA8CF2469A563145] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.92 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15584.LOG [MD5.415593066DED40E4F31A0FA8992B4707] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.9 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15585.LOG [MD5.821D22E67DE30DA47FAD4377D51D5D7D] - |SD| - [22/01/2017 20:37:17] - (.-.) - [48.97 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15586.LOG [MD5.E9ED754FD2079E796ED9B7D600CC7024] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.14 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15587.LOG [MD5.A469DCD1E69D8D1214BBA6A51DCA5AE3] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.13 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15588.LOG [MD5.E1C76AE3C07FF86CB4AA1CBE824736AE] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15589.LOG [MD5.4C2E455F47A3892AA1EEDAAA424866F9] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.75 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558a.LOG [MD5.A57EF484842F4CEA4F0E175504EFB45D] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558b.LOG [MD5.2C37A388619C2C39BAF59876A3E6AB46] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558c.LOG [MD5.CA1014277BB421617A6C1DED63A69ED1] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.26 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558d.LOG [MD5.16072A6B8B98EA5173AFDDB1CFD7B943] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.3 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558e.LOG [MD5.184EBB61975CD84603DD62D7B764AC31] - |SD| - [22/01/2017 20:37:17] - (.-.) - [18.22 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI1558f.LOG [MD5.4D8609F83A2CA3DCBBD3E6EC296CAB77] - |SD| - [22/01/2017 20:37:17] - (.-.) - [17.9 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15590.LOG [MD5.44E7177F4480C4B3A291C7A883633004] - |SD| - [22/01/2017 20:37:17] - (.-.) - [17.9 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15591.LOG [MD5.774A1288F09D2946BA2742B3CBFFB510] - |SD| - [22/01/2017 20:37:18] - (.-.) - [384.05 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15592.LOG [MD5.3AC74B08FB273E3086ED0E2AA0464356] - |SD| - [22/01/2017 20:37:18] - (.-.) - [17.9 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15593.LOG [MD5.A340D3E8094C8FC09E6AC523778383B2] - |SD| - [22/01/2017 20:37:18] - (.-.) - [18.12 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15594.LOG [MD5.A9D23E9B63AEB091CB7CDE9278C15E5C] - |SD| - [22/01/2017 20:37:18] - (.-.) - [18.27 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15595.LOG [MD5.AC468BF868CBCDFA40E04287F86AEB8A] - |SD| - [22/01/2017 20:37:18] - (.-.) - [18.22 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15596.LOG [MD5.391C1C9E30A29D3F28A06086E1970539] - |SD| - [22/01/2017 20:37:18] - (.-.) - [18.06 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15597.LOG [MD5.A798C3FF988F27B8E2A3179670309C24] - |SD| - [22/01/2017 20:37:18] - (.-.) - [18.27 Ko] - (0.0.0.0) - C:\Windows\Temp\MSI15598.LOG [MD5.00000000000000000000000000000000] - |SD| - [18/09/2016 12:59:13] - [15.13 Ko] - C:\Windows\Temp\SafeZone Installer [MD5.00000000000000000000000000000000] - |SD| - [18/09/2016 12:57:33] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.D41D8CD98F00B204E9800998ECF8427E] - |SD| - [12/10/2016 09:09:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\--debugoff [MD5.87A610E39A736784297383DABDC549A7] - |SD| - [12/10/2016 09:09:47] - (.-.) - [5.93 Ko] - (0.0.0.0) - C:\Windows\System32\--traceoff [MD5.70E8D79F1B42D659916F466A9A5A1B99] - |SD| - [11/09/2016 10:20:35] - (.-.) - [1.8 Ko] - (0.0.0.0) - C:\Windows\System32\.crusader [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:06] - [0 Ko] - C:\Windows\System32\040C [MD5.455F09A8451FD7AB163055870209C69A] - |SD| - [14/07/2009 05:45:49] - (.-.) - [20.22 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.455F09A8451FD7AB163055870209C69A] - |SD| - [14/07/2009 05:45:49] - (.-.) - [20.22 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.6196FFB4F747DD674B7E9373560D72AC] - |SD| - [24/04/2015 09:34:18] - (.-.) - [153.56 Ko] - (0.0.0.0) - C:\Windows\System32\amde31a.dat [MD5.0D65B90F952D83CF2A58678FD11F2C1B] - |SD| - [24/04/2015 09:34:36] - (.-.) - [747.9 Ko] - (0.0.0.0) - C:\Windows\System32\amdicdxx.dat [MD5.95264BF10A4290204A58593A1B1E29E8] - |SD| - [24/04/2015 09:34:38] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [5700.5 Ko] - (9.1.10.45) - C:\Windows\System32\amdmantle64.dll [MD5.D81287BC433875167D7EE2297AA7809A] - |SD| - [24/04/2015 09:34:40] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [48.5 Ko] - (1.6.0.0) - C:\Windows\System32\amdmmcl6.dll [MD5.DB8A49FC84C12C12C150F7CC2B2D763D] - |SD| - [24/04/2015 09:35:02] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46776.5 Ko] - (10.0.1642.5) - C:\Windows\System32\amdocl64.dll [MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |SD| - [24/04/2015 09:35:02] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe [MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |SD| - [24/04/2015 09:35:04] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe [MD5.10C865A9BB9E78D507BBF69C16651843] - |SD| - [24/04/2015 09:35:22] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll [MD5.00000000000000000000000000000000] - |SD| - [25/09/2016 23:16:23] - [9610.86 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA [MD5.E43AEE6A66067C6535C1F994BCFB93A1] - |SD| - [18/09/2016 12:56:37] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [382.32 Ko] - (12.3.3154.0) - C:\Windows\System32\aswBoot.exe [MD5.CEFC4FBEE536DAC4BCE35D20FC61DBE5] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1186.5 Ko] - (7.14.40.1301) - C:\Windows\System32\atiadlxx.dll [MD5.50486342C29604B9C799DD990BCD2550] - |SD| - [24/04/2015 09:35:06] - (.-.) - [617.1 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb [MD5.2E4452037F7E7498B7674B3447AD1676] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [358.5 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe [MD5.749584902AE80A53EFDA4F8FA03E1713] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe [MD5.A32D1680F655FD2733AE1EC8E5EF6606] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll [MD5.C88E2BA3D3F4A44609CE25121ABBA388] - |SD| - [24/04/2015 09:35:12] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll [MD5.C833DEF4897B44D490BA5A027F30733D] - |SD| - [24/04/2015 09:35:12] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll [MD5.958AFA3EAA291ABDB443A08BC3D384B8] - |SD| - [24/04/2015 09:35:12] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1317.31 Ko] - (8.17.10.1333) - C:\Windows\System32\aticfx64.dll [MD5.F691F706ED410CBC9FBC2CDA6284FA5B] - |SD| - [24/04/2015 09:35:12] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5437.38185) - C:\Windows\System32\atidemgy.dll [MD5.1D44C6F09A6FF8D4744EFB3A5C39F2DC] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [10817.17 Ko] - (8.17.10.581) - C:\Windows\System32\atidxx64.dll [MD5.CAC9C36B2E28F3AE76FF62EA7523D71F] - |SD| - [24/04/2015 09:35:16] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [756.5 Ko] - (6.14.11.1180) - C:\Windows\System32\atieclxx.exe [MD5.2998362D1E550F0C990D77E34415BEB6] - |SD| - [24/04/2015 09:35:16] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [239 Ko] - (6.14.11.1180) - C:\Windows\System32\atiesrxx.exe [MD5.ED5B3E59C6CC592BC9F5B3B52E8DEDB9] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [73.5 Ko] - (8.14.1.6413) - C:\Windows\System32\atig6pxx.dll [MD5.A59EF4DFB31AD3D42F66364F7F184A7E] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [143.5 Ko] - (8.14.1.6413) - C:\Windows\System32\atig6txx.dll [MD5.A4811F4E2BC46289B2581689374B1939] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6413) - C:\Windows\System32\atiglpxx.dll [MD5.AF5FF6625BAD9BF2A509162D895F2B42] - |SD| - [24/04/2015 09:35:18] - (.-.) - [717.64 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.10C865A9BB9E78D507BBF69C16651843] - |SD| - [24/04/2015 09:35:22] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll [MD5.C36B922EF8D5BAF59DBB8656A41ACDE1] - |SD| - [24/04/2015 09:35:22] - (.Copyright ฉ 2009 AMD - Multi-language DPPE DLL.) - [30.5 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll [MD5.155706AB5BC7661D15191613E88AE1F5] - |SD| - [24/04/2015 09:35:28] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [27690 Ko] - (6.14.10.13283) - C:\Windows\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |SD| - [24/04/2015 09:35:28] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |SD| - [24/04/2015 09:35:28] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe [MD5.64A0869F18560CD529120ADE00155C3E] - |SD| - [24/04/2015 09:35:32] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat [MD5.DB70BAB45B0AA23712891A0926EFEB62] - |SD| - [24/04/2015 09:35:34] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll [MD5.9CE6CBD32C2BCF7EB2FAEFEB727C4A77] - |SD| - [24/04/2015 09:35:34] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [115.33 Ko] - (8.14.1.6413) - C:\Windows\System32\atiu9p64.dll [MD5.89C7CB3C248ADD52EB466F714BE19E32] - |SD| - [24/04/2015 09:35:34] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8173.25 Ko] - (9.14.10.1080) - C:\Windows\System32\atiumd64.dll [MD5.CC9EAB0AECCDFCA628E33871431BE56F] - |SD| - [24/04/2015 09:35:36] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.80CDED258AC8D00784C4A3126C413CBA] - |SD| - [24/04/2015 09:35:38] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8183.32 Ko] - (8.14.10.481) - C:\Windows\System32\atiumd6a.dll [MD5.78BEE4D4CA815DD35F52035ABEEAAA96] - |SD| - [24/04/2015 09:35:42] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [140.95 Ko] - (8.14.1.6413) - C:\Windows\System32\atiuxp64.dll [MD5.3D68E6D58A880D343107881B4BB0A28D] - |SD| - [24/04/2015 09:35:42] - (.-.) - [81.36 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat [MD5.E8E91A347D953165B97B8BAFFE6ED522] - |SD| - [24/04/2015 09:35:42] - (.-.) - [155.22 Ko] - (0.0.0.0) - C:\Windows\System32\ativce03.dat [MD5.FFEA887E113E7137413FF95C30FD7DF0] - |SD| - [24/04/2015 09:35:42] - (.-.) - [228.8 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat [MD5.7231C51E934338AEAA6173D104D88C83] - |SD| - [24/04/2015 09:35:42] - (.-.) - [227.17 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat [MD5.56B06F4F9A215ABDE62848891093B566] - |SD| - [24/04/2015 09:35:42] - (.-.) - [232.56 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cz_nd.dat [MD5.29C67A7CC34AC1D8826C7BF4B010000C] - |SD| - [24/04/2015 09:35:42] - (.-.) - [315.68 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi.dat [MD5.816649F006EB9BA3FBC9D5EA08740DB0] - |SD| - [24/04/2015 09:35:42] - (.-.) - [314.17 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |SD| - [24/04/2015 09:35:42] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |SD| - [24/04/2015 09:35:42] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat [MD5.5ADEA79E8F723C361EC5139E9F57E2B6] - |SD| - [05/08/2013 07:15:06] - (.-.) - [25.04 Ko] - (0.0.0.0) - C:\Windows\System32\bdmjpeg64.dll [MD5.03BC1E31E802542632E029A402FB01BF] - |SD| - [05/08/2013 07:15:12] - (.-.) - [69.05 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpega64.acm [MD5.509BFBB117E326BD4486B9D355A46C1F] - |SD| - [05/08/2013 07:15:08] - (.-.) - [68.55 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpegv64.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [2589.81 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |SD| - [14/07/2009 02:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |SD| - [14/07/2009 01:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |SD| - [14/07/2009 00:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [77493.69 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |SD| - [25/09/2016 17:40:49] - [31060.11 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [27187.16 Ko] - C:\Windows\System32\catroot2.bak [MD5.5DB6707D01687DCD520DFEDFE86E70E7] - |SD| - [24/04/2015 09:35:42] - (.-.) - [229.5 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [7407.12 Ko] - C:\Windows\System32\CodeIntegrity [MD5.3C9F2C7AFE5BDEA66EFC9D79A4E568A2] - |SD| - [24/04/2015 09:35:42] - (.AMD. - CoInstaller DLL.) - [824 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_14.50.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [317088.56 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE [MD5.B533E4DC7179848FEAC84E17A3BFCE13] - |SD| - [21/01/2016 23:55:48] - (.Advanced Micro Devices. - Delay Audio Processing Object.) - [110.73 Ko] - (1.0.0.1) - C:\Windows\System32\DelayAPO.dll [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |SD| - [14/07/2009 05:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.DA2E38CF8FF24983115F3ADF4FFD166B] - |SD| - [21/09/2012 20:08:36] - (.-.) - [330.21 Ko] - (13.51.823.0) - C:\Windows\System32\DevManagerCore.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [5335 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:10] - [76560.42 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [1177079.39 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [08/09/2016 20:52:57] - [272.49 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [457 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [2875.67 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [448 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [09/09/2016 19:55:33] - [154.5 Ko] - C:\Windows\System32\EventProviders [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [430 Ko] - C:\Windows\System32\fi-FI [MD5.9376F91615F880DAF6C08CB4D27AC5E8] - |SD| - [11/01/2017 17:50:14] - (.-.) - [287.55 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:06] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [42750.96 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |SD| - [10/06/2009 21:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.AC0612BEB517CACF463E1F5EE76E52FD] - |SD| - [08/09/2016 20:52:57] - (.Copyright © 2000-2008 GEAR Software Inc. - GEARAspi (x64).) - [123.35 Ko] - (2.1.1.1) - C:\Windows\System32\GEARAspi64.dll [MD5.00000000000000000000000000000000] - |SD| - [10/09/2016 11:51:03] - [0 Ko] - C:\Windows\System32\geqi [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [0.01 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [191.5 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [434.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [36886.63 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [452 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [365 Ko] - C:\Windows\System32\ja-JP [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [360 Ko] - C:\Windows\System32\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |SD| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.8BA565B8BC799932898A6D2355326C0D] - |SD| - [21/08/2015 18:25:52] - (.Copyright © 2005-2011 Line 6. - Line 6 Audio-MIDI Control Panel.) - [1200 Ko] - (3.61.0.0) - C:\Windows\System32\L6DriverControlPanel.cpl [MD5.BD4C7FE7EC4DE2F5B288B456302F4C48] - |SD| - [21/08/2015 18:25:50] - (.Copyright (c) Line 6 2002-2007 - Universal ASIO DLL.) - [212.5 Ko] - (4.2.7.6) - C:\Windows\System32\l6ux2_x64.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [1.54 Ko] - C:\Windows\System32\LogFiles [MD5.7DD35A545C6DD6521E7840FD2EAF9662] - |SD| - [21/09/2012 20:08:36] - (.-.) - [10663.85 Ko] - (13.51.823.0) - C:\Windows\System32\LogiDPP.dll [MD5.482DEE3A48422A1D545A0907EC32CDF1] - |SD| - [21/09/2012 20:08:36] - (.-.) - [100.85 Ko] - (13.51.823.0) - C:\Windows\System32\LogiDPPApp.exe [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.62641B50B9D2FDE44E583AFA8380E02A] - |SD| - [21/09/2012 20:04:24] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.51.823.0) - C:\Windows\System32\lvco1351823.dll [MD5.AFA895E3C42500FE3EC5F76C828F90A5] - |SD| - [21/09/2012 20:04:24] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.51.823.0) - C:\Windows\System32\lvcod64.dll [MD5.BCD7159B6F32F03F394DFBC9F925398F] - |SD| - [21/09/2012 19:48:30] - (.-.) - [27.75 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini [MD5.AC9814D6180C45C6210CC1219218FA4C] - |SD| - [08/09/2016 18:28:38] - (.-.) - [8.94 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log [MD5.3E990BA3FE6324795D162CC9B70EDDE1] - |SD| - [21/09/2012 20:04:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.51.823.0) - C:\Windows\System32\LVUI64.dll [MD5.C2BDABA279274BDDCFCD1EE5B444E0A5] - |SD| - [21/09/2012 20:04:24] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.51.823.0) - C:\Windows\System32\LVUIRC64.dll [MD5.00000000000000000000000000000000] - |SD| - [08/09/2016 17:03:37] - [89043.97 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |SD| - [13/07/2009 21:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.793C146D32B997E48BE01E2B50C6A302] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [124.5 Ko] - (9.1.10.45) - C:\Windows\System32\mantle64.dll [MD5.781D30EEA78B05127418E0577FF28E2B] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [89.5 Ko] - (9.1.10.45) - C:\Windows\System32\mantleaxl64.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 05:45:42] - [2.36 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [3602.43 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [37796.33 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |SD| - [14/07/2009 05:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |SD| - [09/09/2016 11:55:45] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [4212.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [24.48 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [512 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |SD| - [13/07/2009 23:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [68 Ko] - C:\Windows\System32\NetworkList [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |SD| - [14/07/2009 03:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.2901049544FDF863362FABA2363EB647] - |SD| - [13/07/2009 21:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [13096 Ko] - C:\Windows\System32\oobe [MD5.5CE136D52C8839EE3AD0848C0F4F6A86] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [96.5 Ko] - (10.0.1642.5) - C:\Windows\System32\OpenVideo64.dll [MD5.8CB8D3376D9324CCCD4FE2B77455EDAF] - |SD| - [24/04/2015 09:35:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [84.5 Ko] - (10.0.1642.5) - C:\Windows\System32\OVDecode64.dll [MD5.562B5DF43241F180EECDD845C16747E3] - |SD| - [29/10/2016 09:41:59] - (.-.) - [1.84 Ko] - (0.0.0.0) - C:\Windows\System32\Partizan.RRI [MD5.44B2C2BF84AAC04EF2624244C89D5B27] - |SD| - [14/07/2009 03:36:59] - (.-.) - [120.67 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.F1559FF1C0FE9F5597ACDD06E2E4DC43] - |SD| - [14/07/2009 16:24:17] - (.-.) - [148.09 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |SD| - [10/06/2009 21:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |SD| - [14/07/2009 03:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |SD| - [14/07/2009 16:24:17] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.C0839997D31DCE889463960FDCA04198] - |SD| - [14/07/2009 03:36:59] - (.-.) - [642.83 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.329A1363AAF3FD8AAB5D0931947268E2] - |SD| - [14/07/2009 16:24:17] - (.-.) - [733.89 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.70C3745647124B18271C5576DDD28D83] - |SD| - [14/07/2009 06:13:15] - (.-.) - [1642.66 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [439 Ko] - C:\Windows\System32\pl-PL [MD5.8056C340371925685C645348540957DC] - |SD| - [25/09/2016 21:38:48] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:06] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.007893E8374C766471239EB291BA8C17] - |SD| - [14/10/2016 12:34:40] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [436 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [438.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.0DECFDB4674DEB14EBD8D97FB8D29243] - |SD| - [25/09/2016 21:38:48] - (.Copyright (C) 2009 - RemoteFX Helper.) - [95.5 Ko] - (1.1.0.0) - C:\Windows\System32\RDVGHelper.exe [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [0.78 Ko] - C:\Windows\System32\Recovery [MD5.D61937B3B6F0EB457F1C052CE49962AB] - |SD| - [21/09/2012 19:48:56] - (.-.) - [39.8 Ko] - (0.0.0.0) - C:\Windows\System32\Repository.reg [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0.07 Ko] - C:\Windows\System32\restore [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:11] - [169 Ko] - C:\Windows\System32\ro-RO [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |SD| - [09/09/2016 14:22:42] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [169.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [166 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:06] - [42.67 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [20673.02 Ko] - C:\Windows\System32\SMI [MD5.C74D61FCA22F36791105D7878AF73572] - |SD| - [10/06/2009 22:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [30649.09 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [1881.94 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |SD| - [09/09/2016 19:56:08] - [1775.5 Ko] - C:\Windows\System32\SPReview [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |SD| - [10/09/2016 11:24:57] - [0 Ko] - C:\Windows\System32\sstmp [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |SD| - [09/09/2016 14:23:54] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [311.01 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |SD| - [10/06/2009 22:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [157 Ko] - C:\Windows\System32\th-TH [MD5.945459F39269976E9EDC1827446A5795] - |SD| - [10/09/2016 11:24:58] - (.-.) - [2.99 Ko] - (0.0.0.0) - C:\Windows\System32\tmplog.log [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [424 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.B0D8E26D3CC725F0CC6D33FDBEA061F7] - |SD| - [14/07/2009 05:45:37] - (.-.) - [21 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.E2090ABBDE0128166584C1534810D334] - |SD| - [14/07/2009 05:45:37] - (.-.) - [9 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.00000000000000000000000000000000] - |SD| - [25/09/2016 23:30:45] - [1754.83 Ko] - C:\Windows\System32\Wat [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [54482.37 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:06] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [48493.17 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |SD| - [13/07/2009 22:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [16 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [3362.97 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [47680 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [107.53 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [336.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [258.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [337 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.9433CAE164EEA0C5E61E393743143F98] - |SD| - [24/04/2015 09:34:38] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [4483 Ko] - (9.1.10.45) - C:\Windows\SysWOW64\amdmantle32.dll [MD5.88E1CD3DF39C2016E9E633A877EE375E] - |SD| - [24/04/2015 09:34:40] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [38 Ko] - (1.6.0.0) - C:\Windows\SysWOW64\amdmmcl.dll [MD5.080F4485579D1033B57DF472C9972987] - |SD| - [24/04/2015 09:34:50] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [40026.5 Ko] - (10.0.1642.5) - C:\Windows\SysWOW64\amdocl.dll [MD5.56B986D13C74903FE27B71BA85C76037] - |SD| - [24/04/2015 09:35:02] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe [MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |SD| - [24/04/2015 09:35:02] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe [MD5.C54BF9E7E420660735A4629E04C01F9B] - |SD| - [24/04/2015 09:35:20] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.D4661EA66C2E377C084B7891E0B36917] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [882 Ko] - (7.14.40.1301) - C:\Windows\SysWOW64\atiadlxy.dll [MD5.50486342C29604B9C799DD990BCD2550] - |SD| - [24/04/2015 09:35:06] - (.-.) - [617.1 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb [MD5.9E548C97424246AFE70F83AA4681B1EA] - |SD| - [24/04/2015 09:35:06] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll [MD5.474B96BC4277D85ADDD5A7AF46711374] - |SD| - [24/04/2015 09:35:08] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll [MD5.EA4C3AAC3CF40BD892F0AAEF264ADCDB] - |SD| - [24/04/2015 09:35:12] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll [MD5.8FAE6FCA9C20303C0A5FE651BEFBA440] - |SD| - [24/04/2015 09:35:12] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1101.07 Ko] - (8.17.10.1333) - C:\Windows\SysWOW64\aticfx32.dll [MD5.ACB5B9DC8DC2DE14C69E0372A1BC7CFE] - |SD| - [24/04/2015 09:35:14] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [9181.13 Ko] - (8.17.10.581) - C:\Windows\SysWOW64\atidxx32.dll [MD5.6952C69231147CEBD42AB0D0E10319ED] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [130.5 Ko] - (8.14.1.6413) - C:\Windows\SysWOW64\atigktxx.dll [MD5.A4811F4E2BC46289B2581689374B1939] - |SD| - [24/04/2015 09:35:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6413) - C:\Windows\SysWOW64\atiglpxx.dll [MD5.C54BF9E7E420660735A4629E04C01F9B] - |SD| - [24/04/2015 09:35:20] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll [MD5.2676449720575D6B9782195F41A81D3D] - |SD| - [24/04/2015 09:35:32] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [23068 Ko] - (6.14.10.13283) - C:\Windows\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |SD| - [24/04/2015 09:35:32] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat [MD5.4C37911FC7EBE0746FE906BE48E5728A] - |SD| - [24/04/2015 09:35:34] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [97.69 Ko] - (8.14.1.6413) - C:\Windows\SysWOW64\atiu9pag.dll [MD5.9E5556E97C9AB6C07CF622F3B1F951F3] - |SD| - [24/04/2015 09:35:38] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6911.89 Ko] - (9.14.10.1080) - C:\Windows\SysWOW64\atiumdag.dll [MD5.81A59C516DC168C773BE832B48DF9C2D] - |SD| - [24/04/2015 09:35:40] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.2F138AFD3963CF5352D2BED316CF4035] - |SD| - [24/04/2015 09:35:40] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7381.66 Ko] - (8.14.10.481) - C:\Windows\SysWOW64\atiumdva.dll [MD5.829123A754D5B49E12A6FF7F27023AA3] - |SD| - [24/04/2015 09:35:42] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [123.88 Ko] - (8.14.1.6413) - C:\Windows\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |SD| - [24/04/2015 09:35:42] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |SD| - [24/04/2015 09:35:42] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat [MD5.81051BCC2CF1BEDF378224B0A93E2877] - |SD| - [29/10/2016 09:06:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\AUTOEXEC.NT [MD5.2FBD5126C7EECBAD70090A37693EA51D] - |SD| - [05/08/2013 07:15:06] - (.-.) - [22.54 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmjpeg.dll [MD5.4D2DAF31A931480527531392E86ED0AE] - |SD| - [05/08/2013 07:15:10] - (.-.) - [64.55 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpega.acm [MD5.7A6ECDB70C6A9012506F800CAF795DC3] - |SD| - [05/08/2013 07:15:08] - (.-.) - [64.55 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpegv.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.57741342CB514072D26EF56B9EF95C86] - |SD| - [11/04/2013 12:55:56] - (.Copyright 1999 - 2007 - CDDBControl Core Module.) - [777.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CDDBControl.dll [MD5.99A44759C589DF319376B29724DFBAEB] - |SD| - [13/02/2013 15:05:16] - (.Copyright © 2003-2007 - CddbLangDE.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangDE.dll [MD5.889293D30D3F7A459EA4C00FAF006B1B] - |SD| - [13/02/2013 15:05:16] - (.Copyright © 2003-2007 - CddbLangES.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangES.dll [MD5.C69B5427BCCA7BD1ABEE933B9CD41989] - |SD| - [13/02/2013 15:05:16] - (.Copyright © 2003-2007 - CddbLangFR.) - [101.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangFR.dll [MD5.1E4ADA579CF04AAE901F14970604078E] - |SD| - [13/02/2013 15:05:16] - (.Copyright © 2003-2007 - CddbLangJA.) - [81.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangJA.dll [MD5.CDF4D8D1717F22F9BD5DFA9E44842757] - |SD| - [13/02/2013 15:05:16] - (.Copyright © 2003-2007 - CddbLangRU.) - [165.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CddbLangRU.dll [MD5.F525176D64D23A4C4B27DD6BCCD96F4E] - |SD| - [11/04/2013 12:55:56] - (.Copyright 2001 - 2007 - CDDBUIControl Module.) - [789.49 Ko] - (2.5.0.104) - C:\Windows\SysWOW64\CDDBUI.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.2FCEAD2D1E295834D9B0FAF8D0AB5439] - |SD| - [24/09/2016 09:33:43] - (.Copyright (C) 2003 - CommonDL DLL.) - [52 Ko] - (1.0.0.30) - C:\Windows\SysWOW64\CommonDL.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [915.06 Ko] - C:\Windows\SysWOW64\config [MD5.81051BCC2CF1BEDF378224B0A93E2877] - |SD| - [29/10/2016 09:06:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CONFIG.NT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE [MD5.DA2E38CF8FF24983115F3ADF4FFD166B] - |SD| - [21/09/2012 20:08:36] - (.-.) - [330.21 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\DevManagerCore.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [4168 Ko] - C:\Windows\SysWOW64\Dism [MD5.74807D7753C91679EE85F4EBD44BD1A6] - |SD| - [27/04/2007 09:43:58] - (.-.) - [117.38 Ko] - (3.7.0.12) - C:\Windows\SysWOW64\DLLDEV32i.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [3484.21 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [1.09 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [451.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.5ABCD9F2323D7E4AC51728CC32F17CC6] - |SD| - [13/01/2016 23:37:50] - (.Copyright © 2000 - 2016 Elaborate Bytes AG - ElbyCDIO DLL.) - [93.6 Ko] - (6.1.9.1) - C:\Windows\SysWOW64\ElbyCDIO.dll [MD5.F189CC7F7C13A42480D9B58504156C28] - |SD| - [19/07/2015 17:55:17] - (.Copyright © 2002 - 2015 Elaborate Bytes AG - VirtualCloneDrive.) - [130.9 Ko] - (5.5.2.0) - C:\Windows\SysWOW64\ElbyVCD.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [2845.67 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [443 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [38599.16 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.005EE82BABF1D2D32188A75BEDF500A4] - |SD| - [08/09/2016 20:52:57] - (.Copyright © 2000-2008 GEAR Software Inc. - GEARAspi (x86).) - [104.85 Ko] - (2.1.1.1) - C:\Windows\SysWOW64\GEARAspi.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [34104.13 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [356.5 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |SD| - [14/07/2009 03:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.955CC052AEA7E754D1C0D448438F2D14] - |SD| - [21/08/2015 18:25:50] - (.Copyright (c) Line 6 2002-2007 - Universal ASIO DLL.) - [176 Ko] - (4.2.7.6) - C:\Windows\SysWOW64\l6ux2.dll [MD5.249EFCF093BB003DE47FC81F4E495BBF] - |SD| - [24/09/2016 09:33:43] - (.-.) - [2.7 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\lgAxconfig.ini [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.7DD35A545C6DD6521E7840FD2EAF9662] - |SD| - [21/09/2012 20:08:36] - (.-.) - [10663.85 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\LogiDPP.dll [MD5.482DEE3A48422A1D545A0907EC32CDF1] - |SD| - [21/09/2012 20:08:36] - (.-.) - [100.85 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\LogiDPPApp.exe [MD5.1087F49ACECD5800C70255DDC155027C] - |SD| - [09/09/2016 08:32:30] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\LORInstallLog.txt [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.B8213F40CE0E635C9FF9910BD75AD026] - |SD| - [21/09/2012 20:09:00] - (.(c) 1996-2012 Logitech. - Video Codec.) - [297.85 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\lvcodec2.dll [MD5.BA3658CEC8F480BC0F73586BD1FA733F] - |SD| - [21/09/2012 20:09:06] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [529.85 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\LVUI2.dll [MD5.E00C75CD57C2D4D2C577CEF6518C78B2] - |SD| - [21/09/2012 20:09:06] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [525.85 Ko] - (13.51.823.0) - C:\Windows\SysWOW64\LVUI2RC.dll [MD5.00000000000000000000000000000000] - |SD| - [08/09/2016 17:03:36] - [66285.9 Ko] - C:\Windows\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.29002BB347CE928137981075E64F1819] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [111 Ko] - (9.1.10.45) - C:\Windows\SysWOW64\mantle32.dll [MD5.36D8306CBDA754F433934C13EFD360C6] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [83.5 Ko] - (9.1.10.45) - C:\Windows\SysWOW64\mantleaxl32.dll [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |SD| - [14/07/2009 05:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |SD| - [24/10/2016 09:35:11] - [0 Ko] - C:\Windows\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [3321.93 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [32700.34 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |SD| - [14/07/2009 03:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.D8796E7128875AC14C55E7983B02B66C] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [81.5 Ko] - (10.0.1642.5) - C:\Windows\SysWOW64\OpenVideo.dll [MD5.68ED7249AE33371E3D830B8BEDCDB677] - |SD| - [24/04/2015 09:35:44] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [71.5 Ko] - (10.0.1642.5) - C:\Windows\SysWOW64\OVDecode.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |SD| - [10/06/2009 22:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.198D48226D5359BB3FBA30219B858A83] - |SD| - [08/09/2016 16:39:28] - (.-.) - [1666.69 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.99D104981F9D3DBEE1BD84121E7A9FF5] - |SD| - [08/09/2016 17:22:15] - (.Copyright Propellerhead Software AB 1999-2006, All rights reserved - ReWire.) - [360 Ko] - (1.7.0.4096) - C:\Windows\SysWOW64\ReWire.dll [MD5.2612524C9EBEFFE1DBEEECAFF2393269] - |SD| - [08/09/2016 17:22:15] - (.Copyright Propellerhead Software AB 2000-2004, All rights reserved - REX Shared library.) - [228 Ko] - (1.5.4.0) - C:\Windows\SysWOW64\REX Shared Library.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [429.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [42.67 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [1155.84 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.0D6AD31BCB33C30B1C692862BEDC8423] - |SD| - [02/12/2016 10:47:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\swhealthex.log [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.CC7C694B2BD1510C5AAE7374A5B52B92] - |SD| - [03/02/1999 06:45:42] - (.-.) - [26.46 Ko] - (2.0.0.5215) - C:\Windows\SysWOW64\VBAFR32.OLB [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |SD| - [14/07/2009 03:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.00000000000000000000000000000000] - |SD| - [25/09/2016 23:30:45] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [9396.85 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:32:38] - [3180.29 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [107.53 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 16:24:07] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 04:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | Installer [HKCR\Installer\Products\0038069C5F110E116AB400313D6D9992] : MSVCRT Redists [HKCR\Installer\Products\07C611259F976E115914BB595F3A90DB] : MSVCRT Redists [HKCR\Installer\Products\0854FD633B1D3E112AE30FD42AA3C585] : Noise Reduction Plug-In 2.0 -> C:\Windows\Installer\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}\sfnrpack.ico [HKCR\Installer\Products\0D2A25BD1AAC1DE41B22927EDEED81F7] : . . . [HKCR\Installer\Products\0E42A9C112ACD414D81222FB9818CFF9] : Adblock Plus pour IE (32-bits et 64-bits) -> C:\Windows\Installer\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}\program_icon [HKCR\Installer\Products\10743651ECAB9444B8525176ADC8F93D] : CameraHelperMsi [HKCR\Installer\Products\13B3A47134C4DD3468F6379CBD88B784] : LWS Twitter [HKCR\Installer\Products\1D60E41318794E11A8C300E1F40C7A5E] : MSVCRT Redists [HKCR\Installer\Products\3535950879166BE21FC41C4FCA903311] : AMD Install Manager -> C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}\ARPPRODUCTICON.exe [HKCR\Installer\Products\472D7398182C4E24C8BD0A2BFD791998] : LWS Webcam Software [HKCR\Installer\Products\48F5F8FF0669BD04DBDACC0DF3B61D6F] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\4920FD12D9B61474BAF62BBABF2D83E7] : LWS YouTube Plugin [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110120F] : Java 8 Update 121 -> C:\Program Files (x86)\Java\jre1.8.0_121\\bin\javaws.exe [HKCR\Installer\Products\591761FF4EE90C64C87DBF3A54E788BA] : LWS Facebook [HKCR\Installer\Products\5A440F64B8EC691489E4B56D25E563D1] : Apple Application Support -> C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico [HKCR\Installer\Products\68AB67CA408033019195008142123145] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824211354}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\6FC75D10CB5B30D4FA5F9706FCDB509A] : Native Instruments Guitar Rig 5 [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.31 -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\74BF039225466744FB617DF7476864BD] : Native Instruments Guitar Rig Mobile I/O [HKCR\Installer\Products\74BF039725466744FB617DF7476864BD] : Native Instruments Guitar Rig Session I/O [HKCR\Installer\Products\80DA269BF5337f641A2852D77376E2C5] : Native Instruments Rig Kontrol 3 [HKCR\Installer\Products\89201680EA92B5443BD7FEEB50089276] : LWS Pictures And Video [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\9DE59ED492A0F4C448365358C79FAB63] : LG United Mobile Drivers -> C:\Windows\Installer\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AB5658B05DAB23741B22F57DE8CF059A] : Native Instruments Service Center [HKCR\Installer\Products\B00968803F2BC2545B08061F52F3F708] : Native Instruments Controller Editor [HKCR\Installer\Products\B67AEAD9F05E27245A5910428E6255D3] : LWS WLM Plugin [HKCR\Installer\Products\C3AF8C38AE4F4C6438293DEC5373836D] : LWS Launcher [HKCR\Installer\Products\C3CE67F61B43E63479BF845CD8B7DEDC] : LWS Gallery [HKCR\Installer\Products\CAE89355E85F91F45B35DB8F9BFE8D93] : Intel(R) Chipset Device Software [HKCR\Installer\Products\D124AD6032EED78478F80FFA79FE96DA] : . . . -> C:\Windows\Installer\{06DA421D-EE23-487D-878F-F0AF97EF69AD}\ProductIcon [HKCR\Installer\Products\D225CEEADD83DF643976E3235FB1A324] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{AEEC522D-38DD-46FD-9367-3E32F51B3A42}\maconfico [HKCR\Installer\Products\D430EE3D29B555A4AA20E2D6A0A669EE] : Windows Resource Kit Tools - SubInAcl.exe [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E6121561DA7E0524291ABFE86D31199C] : LWS Help_main [HKCR\Installer\Products\EDDB825AF9C92E11F9C00FD42AA3C585] : MSVCRT Redists [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F86A02ECCBFB3E11AA370FD42AA3C585] : Vegas Pro 13.0 (64-bit) -> C:\Windows\Installer\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}\vegas.ico [HKCR\Installer\Products\FC72DB4DCBFB3E11B9F80FD42AA3C585] : MSVCRT Redists ---------- | ADS ---------- | Drives Disk: 0 Size=305G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 202G Yes No 2,458,015 412,966,827 1 1 07-NTFS 102G No No 415,426,560 209,710,785 ---------- | MBR Windows Version: Windows 7 Ultimate Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: MSI BIOS Manufacturer: American Megatrends Inc. System Manufacturer: MSI System Product Name: MS-7850 Logical Drives Mask: 0x000005fc Analysis of file "C:\QuickDiag\MBR.bin": Windows XP MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {47c5d997-d28e-44ec-a280-153a1d85622e} ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {14f27b5a-e97b-4430-b2bf-efa7bc2ed6cf} ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005, Accès refusé. . Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {8a2628bd-0c45-4823-af41-930ad9bcf613} ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_e36ad4593102f066.manifest. ------------ L'initialisation du fichier de vidage sur incident a échoué. ------------ Le service 'WMPNetworkSvc' n’a pas démarré correctement car la fonction CoCreateInstance(CLSID_UPnPDeviceFinder) a détecté l’erreur '0x80004005'. Vérifiez que le service UpnPHost s’exécute et que le composant UPnPHost de Windows est correctement installé. ------------ L'initialisation du fichier de vidage sur incident a échoué. ------------ ----------( EOF)---------- - 6044 | 20:38:43