--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 04/09/2018 21:31:30 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [colis (Administrator)] - [JC-10-01-2018] (S-1-5-21-1812020250-49885185-2009104261-1001) System: Microsoft Windows 10 Famille - - (10.0.17134) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1803) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: GL703VD - ASUSTeK COMPUTER INC. - IdNumber: HAN0CX13568341B - UUID: 304E4148-5843-3331-3536-383334314241 Processor : X64 - 2808 Mhz - Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz GL703VD.304 - - American Megatrends Inc. - S/N: HAN0CX13568341B - GL703VD.304 - _ASUS_ - 1072009 CoreTemp : 78 Celsius ----------| Extended ---------- | SoundDevice Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&32DCCF76&0&0201 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0295&SUBSYS_10431BC0&REV_1000\4&32DCCF76&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 ---------- | Video Intel(R) HD Graphics 630 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igdumdim64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_591B&SUBSYS_1BC01043&REV_04\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 NVIDIA GeForce GTX 1050 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1C8D&SUBSYS_1BC01043&REV_A1\4&1C23A489&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 630 - DriverVersion: 22.20.16.4708 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28160 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25408 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39424 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 36264 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 86016 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:9 % CPU #2 value:3 % CPU #3 value:15 % CPU #4 value:0 % CPU #5 value:9 % CPU #6 value:9 % CPU #7 value:9 % CPU #8 value:3 % Total Overall CPU Usage value:7 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Intel[R] Dual Band Wireless-AC 8265 : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:7 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_15\4&288024F7&0&00E0 Intel(R) Dual Band Wireless-AC 8265 - Ethernet 802.3 - Intel Corporation - Status: - PnPID : PCI\VEN_8086&DEV_24FD&SUBSYS_00108086&REV_78\4&2EAD3D69&0&00E6 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&161B2479&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&161B2479&0&2 Microsoft Wi-Fi Direct Virtual Adapter #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&11 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&48D7285&0&12 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH RAS Async Adapter - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 8270 | Free (MB) : 3796 Pagefile = Total (MB) : 13251 | Free (MB) : 7222 Virtual = Total (MB) : 4194 | Free (MB) : 3892 Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: 0 - Manufacturer: SK Hynix - PartNumber: HMA81GS6AFR8N-UH - S/N: 29FB1E93 ---------- | SID Users Administrateur : [S-1-5-21-1812020250-49885185-2009104261-500] colis : [S-1-5-21-1812020250-49885185-2009104261-1001] DefaultAccount : [S-1-5-21-1812020250-49885185-2009104261-503] Invité : [S-1-5-21-1812020250-49885185-2009104261-501] WDAGUtilityAccount : [S-1-5-21-1812020250-49885185-2009104261-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 118.19 Go | Free : 10.68 Go -> NTFS (SSD) [RAID] D:\ -> [Fixed] | [DATA] | Total : 931.51 Go | Free : 142.97 Go -> NTFS [RAID] I:\ -> [Removable] | [JCOLISSON] | Total : 3.92 Go | Free : 0.03 Go -> FAT32 [USB] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - SCSI - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_HFS128G3&PROD_9TND-N210A\4&1AED6427&0&000000 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_FLASH_DISK&REV_8.07\D9FA2027&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - SCSI - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E630\4&1AED6427&0&000200 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.) GC : 68.0.3440.106 (Copyright 2017 Google Inc.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer ActiveX : 30.0.0.154 ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 408 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.17134.1) = C:\Windows\System32\smss.exe [12/04/2018 01:34:22] CPU Usage:0 % 624 | [Owner : Système | Parent : 604() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % 736 | [Owner : Système | Parent : 604() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.17134.1) = C:\Windows\System32\wininit.exe [12/04/2018 01:34:22] CPU Usage:0 % 804 | [Owner : Système | Parent : 736(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.17134.191) = C:\Windows\System32\services.exe [24/08/2018 12:01:52] CPU Usage:0 % 824 | [Owner : Système | Parent : 736(wininit.exe) | 12.94 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.17134.1) = C:\Windows\System32\lsass.exe [12/04/2018 01:34:23] CPU Usage:0 % 936 | [Owner : Système | Parent : 804(services.exe) | 0.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 964 | [Owner : Système | Parent : 804(services.exe) | 26.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 992 | [Owner : UMFD-0 | Parent : 736(wininit.exe) | 0.84 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.228) = C:\Windows\System32\fontdrvhost.exe [24/08/2018 12:01:53] CPU Usage:0 % 380 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 13.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 552 | [Owner : Système | Parent : 804(services.exe) | 5.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1132 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1140 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1168 | [Owner : Système | Parent : 804(services.exe) | 5.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1176 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1308 | [Owner : Système | Parent : 804(services.exe) | 2.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1392 | [Owner : Système | Parent : 804(services.exe) | 6.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1480 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 13.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1688 | [Owner : Système | Parent : 804(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1696 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1764 | [Owner : Système | Parent : 804(services.exe) | 7.24 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 07:56:16] CPU Usage:0 % 1776 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1860 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 1.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1944 | [Owner : Système | Parent : 804(services.exe) | 6.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1952 | [Owner : Système | Parent : 804(services.exe) | 5.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1960 | [Owner : Système | Parent : 804(services.exe) | 1.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1968 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1428 | [Owner : Système | Parent : 804(services.exe) | 3.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1352 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 8.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2152 | [Owner : Système | Parent : 804(services.exe) | 5.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2200 | [Owner : Système | Parent : 804(services.exe) | 9.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2244 | [Owner : Système | Parent : 804(services.exe) | 3.08 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxCUIService.exe [29/08/2017 09:56:02] CPU Usage:0 % 2320 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2392 | [Owner : Système | Parent : 804(services.exe) | 3.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2400 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2664 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 7.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2708 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2792 | [Owner : Système | Parent : 804(services.exe) | 15.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2816 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 5.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2824 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2832 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3008 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2100 | [Owner : Système | Parent : 804(services.exe) | 10.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3080 | [Owner : Système | Parent : 804(services.exe) | 7.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3088 | [Owner : Système | Parent : 804(services.exe) | 2.37 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [28/07/2017 12:26:02] CPU Usage:0 % 3124 | [Owner : Système | Parent : 2100(svchost.exe) | 6.52 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (10.0.17134.1) = C:\Windows\System32\wlanext.exe [12/04/2018 01:34:43] CPU Usage:0 % 3140 | [Owner : Système | Parent : 3124(wlanext.exe) | 1.09 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 3284 | [Owner : Système | Parent : 804(services.exe) | 5.04 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.17134.1) = C:\Windows\System32\spoolsv.exe [12/04/2018 01:34:41] CPU Usage:0 % 3336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 16.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3388 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 2.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3544 | [Owner : Système | Parent : 804(services.exe) | 1.66 Mo] - (.ASUSTek Computer Inc. - ASUS HID Access Service.) - (1.0.101.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [28/07/2017 12:25:56] CPU Usage:0 % 3552 | [Owner : Système | Parent : 804(services.exe) | 2.56 Mo] - (.ALLPLAN GmbH - AllplanUpdateLauncher.) - (1.803.5387.960) = C:\Program Files\Allplan\AllplanUpdateLauncher 2018\AllplanUpdateLauncher.exe [24/01/2018 22:31:39] CPU Usage:0 % 3560 | [Owner : Système | Parent : 804(services.exe) | 14.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3568 | [Owner : Système | Parent : 804(services.exe) | 1.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3576 | [Owner : Système | Parent : 804(services.exe) | 2.55 Mo] - (.Allplan GmbH - AllplanUpdateLauncher.) - (1.612.4762.555) = C:\Program Files\Nemetschek\AllplanUpdateLauncher 2016\AllplanUpdateLauncher.exe [30/01/2018 20:42:04] CPU Usage:0 % 3584 | [Owner : Système | Parent : 804(services.exe) | 11.26 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 3600 | [Owner : Système | Parent : 804(services.exe) | 7.2 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe [21/03/2017 12:40:32] CPU Usage:0 % 3608 | [Owner : Système | Parent : 804(services.exe) | 1.37 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.27.2646) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [21/03/2018 02:21:48] CPU Usage:0 % 3616 | [Owner : Système | Parent : 804(services.exe) | 3.2 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (19.60.0.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [21/03/2017 12:40:22] CPU Usage:0 % 3624 | [Owner : Système | Parent : 804(services.exe) | 23.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3632 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3640 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 1.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3648 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 19.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3656 | [Owner : Système | Parent : 804(services.exe) | 4.88 Mo] - (.ASUSTeK COMPUTER INC. - ROGGamingCenterService.) - (2.1.4.1) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [17/08/2017 17:35:16] CPU Usage:0 % 3664 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 5.74 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2237.9333) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 3672 | [Owner : Système | Parent : 804(services.exe) | 9.1 Mo] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Service.) - (19.60.0.0) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [21/03/2017 12:40:46] CPU Usage:0 % 3684 | [Owner : Système | Parent : 804(services.exe) | 13.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3692 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 9.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3700 | [Owner : Système | Parent : 804(services.exe) | 1.86 Mo] - (.Intel Corporation - IntelCpHDCPSvc Executable.) - (1.0.0.1) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\IntelCpHDCPSvc.exe [29/08/2017 09:56:04] CPU Usage:0 % 3708 | [Owner : Système | Parent : 804(services.exe) | 2.18 Mo] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (19.60.0.3) = C:\Windows\System32\ibtsiva.exe [13/04/2017 18:50:36] CPU Usage:0 % 3716 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1807.18075) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe [31/07/2018 19:08:30] CPU Usage:0 % 3752 | [Owner : Système | Parent : 804(services.exe) | 24.58 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.10325.20118) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [23/05/2018 21:44:17] CPU Usage:0 % 3876 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.13.17134.191) = C:\Windows\System32\SecurityHealthService.exe [24/08/2018 12:01:56] CPU Usage:0 % 3964 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 0.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 2844 | [Owner : Système | Parent : 804(services.exe) | 4.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4420 | [Owner : Système | Parent : 804(services.exe) | 7.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 4512 | [Owner : Système | Parent : 804(services.exe) | 16.64 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [12/09/2017 07:50:00] CPU Usage:0 % 4568 | [Owner : Système | Parent : 804(services.exe) | 3.1 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.14.317) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\IntelCpHeciSvc.exe [29/08/2017 09:56:04] CPU Usage:0 % 4620 | [Owner : Système | Parent : 804(services.exe) | 6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 5876 | [Owner : Système | Parent : 964(svchost.exe) | 2.34 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.17134.1) = C:\Windows\System32\wbem\unsecapp.exe [12/04/2018 01:34:40] CPU Usage:0 % 6076 | [Owner : Système | Parent : 964(svchost.exe) | 8 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\System32\wbem\WmiPrvSE.exe [12/04/2018 01:34:40] CPU Usage:0 % 6208 | [Owner : Système | Parent : 804(services.exe) | 6.18 Mo] - (.Intel(R) Corporation - XtuService.) - (6.2.0.27) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [11/05/2017 16:14:38] CPU Usage:0 % 7000 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.1807.18075) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [31/07/2018 19:08:30] CPU Usage:0 % 6424 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 2.52 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8931) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [16/05/2018 00:42:40] CPU Usage:0 % 7576 | [Owner : Système | Parent : 804(services.exe) | 1.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 7656 | [Owner : Système | Parent : 804(services.exe) | 3.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8172 | [Owner : Système | Parent : 804(services.exe) | 4.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8328 | [Owner : Système | Parent : 804(services.exe) | 6.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8824 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 15.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8936 | [Owner : Système | Parent : 804(services.exe) | 11.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 9032 | [Owner : Système | Parent : 7288() | 1 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe [17/05/2018 17:37:47] CPU Usage:0 % 9628 | [Owner : Système | Parent : 7288() | 0.86 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe [17/05/2018 17:37:47] CPU Usage:0 % 10372 | [Owner : Système | Parent : 804(services.exe) | 22.98 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.17134.228) = C:\Windows\System32\SearchIndexer.exe [24/08/2018 12:01:56] CPU Usage:0 % 10936 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 13.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11244 | [Owner : Système | Parent : 804(services.exe) | 25.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 14316 | [Owner : Système | Parent : 804(services.exe) | 5.84 Mo] - (.Disc Soft Ltd - Disc Soft Bus Service Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [09/01/2018 12:44:38] CPU Usage:0 % 4276 | [Owner : Système | Parent : 804(services.exe) | 8.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11888 | [Owner : SERVICE RÉSEAU | Parent : 804(services.exe) | 11.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15364 | [Owner : Système | Parent : 804(services.exe) | 1.12 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [06/06/2017 01:22:50] CPU Usage:0 % 11344 | [Owner : Système | Parent : 804(services.exe) | 3.42 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.7.0.1028) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [06/06/2017 01:26:12] CPU Usage:0 % 11880 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe [12/04/2018 01:34:04] CPU Usage:0 % 6512 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 9916 | [Owner : Système | Parent : 804(services.exe) | 12.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15280 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3820 | [Owner : Système | Parent : 804(services.exe) | 4.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 9968 | [Owner : Système | Parent : 804(services.exe) | 2.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 1188 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 3.69 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.17134.1) = C:\Windows\System32\WUDFHost.exe [12/04/2018 01:34:28] CPU Usage:0 % 11984 | [Owner : Système | Parent : 804(services.exe) | 215.24 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.667) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [27/08/2018 21:11:17] CPU Usage:0 % 19584 | [Owner : Système | Parent : 804(services.exe) | 10.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 17852 | [Owner : Système | Parent : 804(services.exe) | 9.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 16516 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 6.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 11072 | [Owner : Système | Parent : 804(services.exe) | 3.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 12020 | [Owner : Système | Parent : 804(services.exe) | 8.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8028 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 4.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15944 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 20992 | [Owner : SERVICE LOCAL | Parent : 1428(svchost.exe) | 3.23 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17134.1) = C:\Windows\System32\dasHost.exe [12/04/2018 01:34:12] CPU Usage:0 % 5268 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 8.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 17524 | [Owner : Système | Parent : 804(services.exe) | 6.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 19192 | [Owner : Système | Parent : 20636() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.17134.1) = C:\Windows\System32\csrss.exe [12/04/2018 01:34:22] CPU Usage:0 % 7776 | [Owner : Système | Parent : 20636() | 7.83 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.17134.165) = C:\Windows\System32\winlogon.exe [12/07/2018 20:58:56] CPU Usage:0 % 7468 | [Owner : UMFD-6 | Parent : 7776(winlogon.exe) | 5.46 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.17134.228) = C:\Windows\System32\fontdrvhost.exe [24/08/2018 12:01:53] CPU Usage:0 % 20696 | [Owner : DWM-6 | Parent : 7776(winlogon.exe) | 66.35 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.17134.1) = C:\Windows\System32\dwm.exe [12/04/2018 01:34:19] CPU Usage:0 % 12908 | [Owner : Système | Parent : 1764(NVDisplay.Container.exe) | 23.14 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [17/10/2017 07:56:16] CPU Usage:0 % 432 | [Owner : Système | Parent : 3088(AsLdrSrv.exe) | 8.15 Mo] - (.ASUSTek Computer Inc. - HControl.) - (1.0.101.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [28/07/2017 12:26:18] CPU Usage:0 % 8016 | [Owner : colis | Parent : 11984(MBAMService.exe) | 31.38 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1594) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [27/08/2018 21:11:15] CPU Usage:0 % 11596 | [Owner : colis | Parent : 3584(nvcontainer.exe) | 22.22 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.6.2250.7081) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [17/10/2017 07:57:02] CPU Usage:0 % 9320 | [Owner : colis | Parent : 1944(svchost.exe) | 24.56 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe [12/04/2018 01:34:12] CPU Usage:0 % 2704 | [Owner : colis | Parent : 804(services.exe) | 24.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 3200 | [Owner : colis | Parent : 804(services.exe) | 35.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 12512 | [Owner : colis | Parent : 2200(svchost.exe) | 1.69 Mo] - (.ASUSTek Computer Inc. - ROG Gaming Key.) - (2.1.0.8) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [17/08/2017 17:35:16] CPU Usage:0 % 16104 | [Owner : colis | Parent : 2200(svchost.exe) | 12.88 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.17134.1) = C:\Windows\System32\taskhostw.exe [12/04/2018 01:34:37] CPU Usage:0 % 2588 | [Owner : colis | Parent : 13968() | 11.03 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxEM.exe [29/08/2017 09:56:03] CPU Usage:0 % 5792 | [Owner : colis | Parent : 3804() | 120.16 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.165) = C:\Windows\explorer.exe [12/07/2018 20:59:09] CPU Usage:0 % 1100 | [Owner : colis | Parent : 21148() | 6.56 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.29.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [28/07/2017 12:26:10] CPU Usage:0 % 14648 | [Owner : colis | Parent : 19384() | 7.64 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.39.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [28/03/2017 17:28:32] CPU Usage:0 % 10612 | [Owner : colis | Parent : 964(svchost.exe) | 13.4 Mo] - (.-.) - (12.1815.210.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe [18/07/2018 13:11:07] CPU Usage:0 % 1320 | [Owner : colis | Parent : 964(svchost.exe) | 13.74 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17134.1) = C:\Windows\System32\SettingSyncHost.exe [12/04/2018 01:34:34] CPU Usage:0 % 10324 | [Owner : colis | Parent : 804(services.exe) | 21.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 15264 | [Owner : colis | Parent : 7656(svchost.exe) | 13.22 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe [12/04/2018 01:34:37] CPU Usage:0 % 11604 | [Owner : colis | Parent : 5792(explorer.exe) | 7.98 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.13.17134.1) = C:\Program Files\Windows Defender\MSASCuiL.exe [12/04/2018 01:33:58] CPU Usage:0 % 13864 | [Owner : colis | Parent : 2200(svchost.exe) | 5.36 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [03/08/2017 16:45:26] CPU Usage:0 % 14896 | [Owner : colis | Parent : 5792(explorer.exe) | 52.43 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\Steam.exe [23/07/2016 01:36:30] CPU Usage:0 % 7496 | [Owner : colis | Parent : 5792(explorer.exe) | 29.01 Mo] - (.Disc Soft Ltd - DAEMON Tools Lite.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTAgent.exe [09/01/2018 12:45:32] CPU Usage:0 % 19508 | [Owner : colis | Parent : 964(svchost.exe) | 23.46 Mo] - (.NVIDIA Corporation - NVIDIA Capture Server.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe [17/10/2017 07:57:08] CPU Usage:0 % 6108 | [Owner : colis | Parent : 2200(svchost.exe) | 1.24 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.278) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [17/10/2017 08:00:57] CPU Usage:0 % 2768 | [Owner : colis | Parent : 2200(svchost.exe) | 1.84 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.655.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [17/10/2017 08:00:57] CPU Usage:0 % 18076 | [Owner : colis | Parent : 13864(SS3Svc32.exe) | 1.16 Mo] - (.ASUSTeK COMPUTER INC. - Sonic Suite 3.) - (3.6.12.44173) = C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [03/08/2017 16:49:08] CPU Usage:0 % 8684 | [Owner : colis | Parent : 3584(nvcontainer.exe) | 9.72 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.8.0.89) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [17/10/2017 07:57:07] CPU Usage:0 % 9056 | [Owner : colis | Parent : 19508(nvspcaps64.exe) | 34.21 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 07:57:06] CPU Usage:0 % 2680 | [Owner : colis | Parent : 14896(Steam.exe) | 35.39 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 11:56:49] CPU Usage:0 % 14296 | [Owner : Système | Parent : 804(services.exe) | 10.86 Mo] - (.Valve Corporation - Steam Client Service.) - (4.69.34.61) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [10/01/2018 23:11:53] CPU Usage:0 % 2880 | [Owner : colis | Parent : 2680(steamwebhelper.exe) | 10.05 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 11:56:49] CPU Usage:0 % 20368 | [Owner : colis | Parent : 2680(steamwebhelper.exe) | 29.34 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 11:56:49] CPU Usage:0 % 19948 | [Owner : colis | Parent : 8124() | 36.04 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [17/10/2017 07:57:04] CPU Usage:0 % 1720 | [Owner : colis | Parent : 19948(NVIDIA Web Helper.exe) | 4.6 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe [12/04/2018 01:34:20] CPU Usage:0 % 9604 | [Owner : colis | Parent : 9056(NVIDIA Share.exe) | 33.46 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (59.3071.1634.2) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [17/10/2017 07:57:06] CPU Usage:0 % 6272 | [Owner : colis | Parent : 10792() | 48.35 Mo] - (.GOG.com - GOG Galaxy.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [20/05/2018 15:55:28] CPU Usage:0 % 21396 | [Owner : colis | Parent : 6272(GalaxyClient.exe) | 36.98 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 15:55:28] CPU Usage:0 % 15600 | [Owner : colis | Parent : 6272(GalaxyClient.exe) | 48.35 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe [20/05/2018 15:55:28] CPU Usage:0 % 8732 | [Owner : colis | Parent : 6272(GalaxyClient.exe) | 29.31 Mo] - (.GOG.com - GOG Galaxy Notifications Renderer.) - (1.2.45.61) = C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe [20/05/2018 15:55:28] CPU Usage:0 % 18636 | [Owner : colis | Parent : 2680(steamwebhelper.exe) | 36.83 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 11:56:49] CPU Usage:0 % 11572 | [Owner : colis | Parent : 2680(steamwebhelper.exe) | 26.67 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.69.34.61) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [03/09/2018 11:56:49] CPU Usage:0 % 15592 | [Owner : colis | Parent : 2200(svchost.exe) | 2.56 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [21/07/2017 16:56:26] CPU Usage:0 % 17808 | [Owner : colis | Parent : 964(svchost.exe) | 9.63 Mo] - (.Intel Corporation - igfxext Module.) - (6.15.10.4708) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igfxext.exe [29/08/2017 09:56:03] CPU Usage:0 % 1552 | [Owner : colis | Parent : 5792(explorer.exe) | 14.74 Mo] - (.WIBU-SYSTEMS AG - CodeMeter Control Center.) - (6.50.2640.503) = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe [12/09/2017 07:50:00] CPU Usage:0 % 3736 | [Owner : colis | Parent : 6840() | 21.39 Mo] - (.-.) - (1.0.0.0) = C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200AP4.exe [11/01/2018 00:02:31] CPU Usage:0 % 10608 | [Owner : colis | Parent : 7248() | 6.4 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.161.12) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [19/12/2017 20:06:16] CPU Usage:0 % 5048 | [Owner : colis | Parent : 5792(explorer.exe) | 156.6 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 8432 | [Owner : colis | Parent : 5048(chrome.exe) | 7.5 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 3472 | [Owner : colis | Parent : 5048(chrome.exe) | 7.92 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 14372 | [Owner : colis | Parent : 5048(chrome.exe) | 443.06 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:5 % 17096 | [Owner : colis | Parent : 5760() | 13.16 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (10.7.0.336) = C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe [09/01/2018 12:45:22] CPU Usage:0 % 6260 | [Owner : colis | Parent : 964(svchost.exe) | 18.73 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.17134.1) = C:\Windows\System32\ApplicationFrameHost.exe [12/04/2018 01:34:18] CPU Usage:0 % 14416 | [Owner : colis | Parent : 964(svchost.exe) | 89.07 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.1) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [12/04/2018 01:33:58] CPU Usage:0 % 3180 | [Owner : colis | Parent : 5048(chrome.exe) | 250.35 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 18272 | [Owner : colis | Parent : 5048(chrome.exe) | 28.22 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 2940 | [Owner : colis | Parent : 964(svchost.exe) | 10.84 Mo] - (.-.) - (2018.18071.15310.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [30/08/2018 09:56:56] CPU Usage:0 % 12416 | [Owner : colis | Parent : 5048(chrome.exe) | 94.09 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:6 % 1556 | [Owner : colis | Parent : 5792(explorer.exe) | 14.28 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.17134.1) = C:\Windows\System32\notepad.exe [12/04/2018 01:34:32] CPU Usage:0 % 1576 | [Owner : colis | Parent : 5048(chrome.exe) | 68.64 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 15416 | [Owner : colis | Parent : 5048(chrome.exe) | 71.01 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 8748 | [Owner : colis | Parent : 5048(chrome.exe) | 32.63 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 19896 | [Owner : colis | Parent : 5048(chrome.exe) | 77.84 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 3504 | [Owner : colis | Parent : 5048(chrome.exe) | 32.32 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 6152 | [Owner : colis | Parent : 5048(chrome.exe) | 73.52 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 18712 | [Owner : colis | Parent : 5048(chrome.exe) | 216.7 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 11896 | [Owner : colis | Parent : 5048(chrome.exe) | 71.11 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 13336 | [Owner : SERVICE LOCAL | Parent : 804(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8228 | [Owner : colis | Parent : 5048(chrome.exe) | 32.65 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 16488 | [Owner : colis | Parent : 5048(chrome.exe) | 55.18 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 14096 | [Owner : colis | Parent : 5048(chrome.exe) | 20.94 Mo] - (.Google Inc. - Google Chrome.) - (68.0.3440.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10/01/2018 22:41:41] CPU Usage:0 % 18252 | [Owner : colis | Parent : 964(svchost.exe) | 21.04 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.17134.137) = C:\Windows\System32\smartscreen.exe [12/07/2018 20:59:08] CPU Usage:0 % 11576 | [Owner : SERVICE LOCAL | Parent : 2664(svchost.exe) | 18.05 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.17134.137) = C:\Windows\System32\audiodg.exe [12/07/2018 20:59:01] CPU Usage:0 % 17444 | [Owner : Système | Parent : 804(services.exe) | 5.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 8144 | [Owner : SERVICE RÉSEAU | Parent : 964(svchost.exe) | 10.01 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.17134.1) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [12/04/2018 01:34:55] CPU Usage:0 % 18752 | [Owner : Système | Parent : 804(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe [12/04/2018 01:34:22] CPU Usage:0 % 10460 | [Owner : colis | Parent : 5792(explorer.exe) | 49.68 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = D:\Download\QuickDiag (1).exe [03/09/2018 12:33:48] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\InputHost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (22.20.16.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igd10iumd64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (22.20.16.4708) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igc64.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 391.01.) - (23.21.13.9101) -- C:\WINDOWS\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA French language resource library.) - (6.14.13.9101) -- C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.21.0.0) -- C:\WINDOWS\System32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis Steam - ("C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis GalaxyClient - (C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\...\Run]) - User: JC-10-01-2018\colis CodeMeter Control Center - (C:\PROGRA~2\CODEME~1\Runtime\bin\CODEME~2.EXE [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public ShadowPlay - ("C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public Sonic Studio 3 - ("C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\colis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun "GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "DAEMON Tools Lite Automount"=0x020000000000000000000000 "OneDrive"=0x020000000000000000000000 "Steam"=0x020000000000000000000000 "GalaxyClient"= [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=%appdata%\1 "MRUList"=a [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Canon MP495 series,winspool,Ne04: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "Sonic Studio 3"="C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" /start SonicStudioSystray /silent [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "ShadowPlay"=0x020000000000000000000000 "Sonic Studio 3"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AsInstCD"=0x020000000000000000000000 "ASUS MG611U"=0x020000000000000000000000 "SunJavaUpdateSched"=0x020000000000000000000000 "vspdfprsrv.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D3D1ED98C0F7D8 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS MG611U"="C:\Program Files (x86)\Asus Espada Gaming Mouse\GT200St.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : VideoDevice2=@device:pnp:\\?\usb#vid_090c&pid_f37d&mi_00#6&14a44c2f&0&0000#{65e8773d-8f56-11d0-a3b9-00a0c9223196}\global AudioDevice2=@device:cm:{33D9A762-90C8-11D0-BD43-00A0C911CE86}\wave:{9E589298-EA66-49E3-9076-C5024340B327} ---------- | Tasks List Adobe Acrobat Update Task ASUS Live Update1 ASUS Live Update2 ASUS Splendid ACMON ATK Package 36D18D69AFC3 ATK Package A22126881260 AutoUpdate Allplan 2016 AutoUpdate Allplan 2018 GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Intel PTT EK Recertification NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task v2 OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 ROG Gaming Center RtHDVBg_ListenToDevice RTKCPL Skype SS3svc32Run SS3svc64Run Update Checker User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [14/01/2018 21:03:43] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=824 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "ResourceTimeoutCount"=648000 "PendingFileRenameOperations"=\??\C:\WINDOWS\System32\DriverStore\Temp\DEL3C3D.tmp \??\C:\WINDOWS\System32\DriverStore\Temp\DEL3C4E.tmp \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\MXDWDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\MXDWDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PJLMON.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PJLMON.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PS5UI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PS5UI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PSCRIPT5.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRV.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIDRVUI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRVUI.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\UNIRES.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIRES.DLL \??\C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\New\mxdwdrv.dll \??\C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll \??\C:\Users\colis\AppData\Local\Temp\nsjCF94.tmp\nsProcess.dll \??\C:\Users\colis\AppData\Local\Temp\nsjCF94.tmp\ \??\C:\WINDOWS\System32\DriverStore\Temp\DEL6374.tmp \??\C:\WINDOWS\System32\DriverStore\Temp\DEL6385.tmp \??\C:\WINDOWS\System32\DriverStore\Temp\DEL649F.tmp \??\C:\WINDOWS\System32\DriverStore\Temp\DEL64B0.tmp \??\C:\Program Files (x86)\Common Files\Steam\SteamService.exe.old \??\C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp !\??\C:\WINDOWS\AppCompat\Programs\Amcache.hve [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=4c000fe8-017f-4602-a77b-f9e5715 "GlassSessionId"=6 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper [16/05/2018 10:10:25] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WindowArrangementActive"=1 "WheelScrollLines"=5 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=0 "TranscodedImageCache"=0x7AC301009C6602000004000000030000CD3BA213119AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C00630061006E0061006C002D006D0061006E00670061002D0032003200370032002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "TranscodedImageCache_000"=0x7AC301009C6602000004000000030000CD3BA213119AD30144003A005C0046006F006E006400200064002700E9006300720061006E005C00630061006E0061006C002D006D0061006E00670061002D0032003200370032002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C004100590023004C004700440030003400450038002300340026003100300065003800630033006200610026003000260055004900440032003600350039003800380023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003F2800000000000000000000000000000100000013000000000000006A000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DE20400007B5D1B1DC90F2E45902C12BACD4FBC209B0800000114020000000000C00000000000004698130000CEC429A936FD7042B4F534ECAC5BD63C4611000062B06A59D2B415429F74E9109B0A8153D5010000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=3 "GlobalAssocChangedCounter"=192 "AppReadinessLogonComplete"=1 "FirstRunTelemetryComplete"=1 "EdgeDesktopShortcutCreated"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=361 "Browse For Folder Height"=361 "link"=0x1E000000 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=1 "SeparateProcess"=0 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x7E058D5B00000000 "ReindexedProfile"=1 "SnapAssist"=0 "TaskbarSmallIcons"=0 "DisablePreviewDesktop"=0 "TaskbarBadges"=1 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x0100000000000000FFFFFFFF "0"=0x640078000000 "1"=0x62006F006100720064000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{26afdb68-5aba-49cb-9207-f4b7fcdbc980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=11 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "PUUActive"=0x0EFB17D00400000011005801180C0E0028360E0028360E00D20000000200080059F231B2A4F39200810F1F00900F0700D264060073DD02009E07000085C21D00BC2A00002F04000027E4AB6A8444D401747024000000000001000000410B1E00EE420000000000000000000000000000 "BuildNumber"=17134 "FirstLogon"=0 "DP"=0xD200E80092000000110000000EFB17D0000000000000000027E4AB6A8444D40127E4AB6A8444D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100170900400320821003228210582501C02205020C6205030C573501800C9050500CF05251B35800C00000C8500008C870369700800580914005A0954722250180454165206543E5244096008034040B023404AB12A9F400803100206233007262A22101801403112B1413112B818800801280302352A23223AD4901802201AD482229AD5A "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=2544135851072 "ShutdownFlags"=135 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1812020250-49885185-2009104261-1001 "LastUsedUsername"=colis [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:11] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [12/04/2018 18:19:11] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x534143500100000000000000070000002800000078A30600ECAE060001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004C25A28A000000003100000031000000 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x5341435001000000000000000700000028000000789303004D67040001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EE24A28A000000003100000031000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000E63F486B2AA0D2010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C89C0300B381040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"=0x534143500100000000000000070000002800000078F3290096F9290001000000000000000000000AF1220000BFA2139DEDD1D301000000800000000002000000280000000000000000000000000000000000000000000000000000000CBBE680000000008500000085000000 "C:\Users\colis\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D2010000008100000000 "C:\Users\colis\AppData\Local\Temp\GUM6301.tmp\GoogleUpdateSetup.exe"=0x5341435001000000000000000700000028000000583D1100C0A5110001000000000000000000000A00210000E63F486B2AA0D20100000080000000000200000028000000000000000000004000000000000000000000000000000000987B0000000000000100000001000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.0.5.0_x86__qmba6cd70vzyy\ROG Aura Core\Aura.exe"=0x534143500100000000000000070000002800000078E18C0123628D0101000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000C26F0300000000000200000002000000 "C:\Users\colis\Downloads\DTLiteInstaller.exe"=0x5341435001000000000000000700000028000000A0140C00E3800C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000009FD90500000000000100000001000000 "C:\Users\colis\Downloads\wrar550fr.exe"=0x5341435001000000000000000700000028000000C8DC1F00C1EC1F0001000000000000000000000A00210000E63F486B2AA0D201000000800000000002000000280000000000000000000040000000000000000000000000000000003A610000000000000100000001000000 "C:\Users\colis\Downloads\SteamSetup.exe"=0x534143500100000000000000070000002800000088131600052B160001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000882D0000000000000100000001000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000C8411700F3B9170001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000057699B00000000004000000040000000 "C:\Program Files (x86)\McAfee\msc\mchlp32.exe"=0x534143500100000000000000070000002800000070F20B007ED70C0001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000100000001000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x534143500100000000000000070000002800000040931100100C120001000000000000000000000A00210000E78E163C2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000DD3F0C00000000000100000001000000 "C:\Users\colis\AppData\Local\Temp\Rar$EXa2116.41321\Asus Espada Gaming Mouse.exe"=0x53414350010000000000000007000000280000003687AE000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000CAE80000000000000100000001000000 "C:\Users\colis\Desktop\They.Are.Billions.v0.5.3.5\They Are Billions\TheyAreBillions.exe"=0x5341435001000000000000000700000028000000002826000000000001000000000000000000000AF5220000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000033787200000000000400000004000000 "C:\Program Files\DAEMON Tools Lite\DTAgent.exe"=0x5341435001000000000000000700000028000000C04E5000AE2B510001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000073131500000000000D0000000D000000 "SIGN.MEDIA=5AC3F68A Setup.exe"=0x534143500100000000000000070000002800000000BC5F003410600001000000000000000000020671220000E63F486B2AA0D2010000000000000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000099180000000000000300000003000000 "C:\Users\colis\Desktop\NFS13.exe"=0x534143500100000000000000070000002800000000F0DD001A0CD10001000000000000000000020671220000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000024070000000000000100000001000000 "C:\Users\colis\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe"=0x534143500100000000000000070000002800000022A3190046D9000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000020000000000000000000000000000201B4700000000000A0000000A000000 "C:\Users\colis\Downloads\JavaSetup8u151.exe"=0x534143500100000000000000070000002800000040461C00D6281D0001000000000000000000000A71220000E63F486B2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000095610400000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x534143500100000000000000070000002800000040950C0053520D0001000000010000000000000A00210000E78E163C2AA0D2010000000000000000 "C:\Users\colis\Downloads\League of Legends installer EUW.exe"=0x5341435001000000000000000700000028000000C8AB5A04655D5B0401000000000000000000000A00210000E63F486B2AA0D2010000000000000000 "C:\Users\colis\Desktop\JEU\Forager\Forager.exe"=0x534143500100000000000000070000002800000000884A0040654B0001000000000000000000000A71220000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000A1B81400000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\ACU.exe"=0x5341435001000000000000000700000028000000D89CD701657ED80101000000000000000000000A73220000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000E2400000000000000400000004000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF.exe"=0x5341435001000000000000000700000028000000D85A01003564010001000000000000000000010671000000E63F486B2AA0D20100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000000000002000000000000000200000000000CF1C0000000000000200000002000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDFInstall.exe"=0x5341435001000000000000000700000028000000D8EE010047AE020001000000000000000000030671000000E63F486B2AA0D20100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000020000000000000000000000000000E4230000000000000100000001000000 "D:\Jeu\Assassins.Creed.Unity.v1.5.0.Inclu.ALL.DLC\Assassin's Creed - Unity\GDF_rem.exe"=0x5341435001000000000000000700000028000000D858010023D1010001000000000000000000010671000000E63F486B2AA0D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000020000000000000002000000000006B100000000000000100000001000000010000000400000001000000 "D:\Jeu\Tooth.and.Tail.v1.1.1.4\setup_tooth_and_tail_1.1.1.4_(17934).exe"=0x5341435001000000000000000700000028000000A8E7F02796B6F12701000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000075AF0100000000000100000001000000 "D:\Jeu\Tooth and Tail\ToothAndTail.exe"=0x534143500100000000000000070000002800000000F222000000000001000000000000000000000AF1220000E63F486B2AA0D20100000000000000000200000028000000000000001000002000000000000000000000000000000000F52D3800000000000100000001000000 "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe"=0x5341435001000000000000000700000028000000F87DAA00CE6AAB0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000983D1000000000000100000001000000 "D:\Allplan\setup.exe"=0x534143500100000000000000070000002800000098471200FE2D130001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000007A78B200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0A203006855040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\Allplan 2018-0-2.exe"=0x5341435001000000000000000700000028000000306C118F6E9F118F01000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000400000000000000000000000000000000077D01C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C00B9290D0001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000093868801000000000100000001000000 "D:\Allplan\Prg\nemstart.2018.exe"=0x5341435001000000000000000700000028000000981D080087F4080001000000000000000000000A00210000E78E163C2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000059EF0500000000000100000001000000 "D:\Allplan\Prg\Allplan_2018.exe"=0x5341435001000000000000000700000028000000986D5500D819560001000000000000000000030600010000E78E163C2AA0D20100000000000000000200000028000000000000000000000000000200000000000000000000000000483E8C00000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0093820C0001000000000000000000000A00210000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000EFB06605000000000200000002000000 "D:\Allplan\Prg\nemstart.2016.exe"=0x534143500100000000000000070000002800000098FD0400D247050001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000E4E3F00000000000500000005000000 "D:\Allplan\Prg\Allplan_2016.exe"=0x5341435001000000000000000700000028000000989B3F00BF32400001000000000000000000030600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000200000000000000000000000000847C5C00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B006DFE0B0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F3F9682C000000000800000008000000 "D:\Jeu\Slay.the.Spire.Patch.9\SlayTheSpire.exe"=0x534143500100000000000000070000002800000000B00500BFC7050001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C75BF00000000002800000028000000 "D:\Jeu\RimWorld.v0.18.1722\RimWorldWin.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000030A19B00000000000500000005000000 "D:\Jeu\Rogue Legacy by Nicomouk9\setup_rogue_legacy_2.2.0.10.exe"=0x5341435001000000000000000700000028000000900B2F0C01102F0C01000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000000000000000000000000000000000000000908C0000000000000100000001000000 "D:\Jeu\Rogue Legacy by Nicomouk9\patch_rogue_legacy_2.2.1.11.exe"=0x5341435001000000000000000700000028000000A0D20E007D630F0001000000000000000000010600010000E63F486B2AA0D2010000008000000000020000002800000000000000000000000000000000000000000000000000000030270000000000000100000001000000 "D:\Jeu\Rogue Legacy\RogueLegacy.exe"=0x534143500100000000000000070000002800000000C6110000000000010000000000000000000206F1020000DB80FDAC2839D301000000000000000002000000280000000000000030000060000000000000000000000000000000005C96BA00000000000900000009000000 "SIGN.MEDIA=FD1BDF6C setup.exe"=0x5341435001000000000000000700000028000000BE7841000000000001000000000000000000010600010000E63F486B2AA0D20100000000000000000200000028000000000000000000004000000000000000000000000000000000B7070200000000000100000001000000 "D:\Jeu\Snake Pass\SnakePass.exe"=0x5341435001000000000000000700000028000000000607003AFA010001000000000000000000000A73200000E78E163C2AA0D201000000000000000005000000100000000000000000000000000000002000000002000000280000000000000020000060000000000000000000000000000000001E920A00000000000200000002000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C008AE20C0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005320A301000000000300000003000000 "D:\Jeu\Turmoil by Nicomouk9\TurmoilSteam.exe"=0x5341435001000000000000000700000028000000000E3700B1CA320001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001E073600000000000200000002000000 "D:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000C0872E00DED82E0001000000000000000000000A71220000E63F486B2AA0D201000000000000000002000000280000000000000080000000000000000000000000000000000000002CBD0200000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AC03001457040001000000000000000000000A71200000E63F486B2AA0D2010000000100000000 "D:\Download\winx-youtube-downloader.exe"=0x534143500100000000000000070000002800000008153301A780330101000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B8950000000000000100000001000000 "D:\Deezloader-win32-x64\Deezloader.exe"=0x53414350010000000000000007000000280000000058D8040000000001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000500000000000000000000040000000000000000000000000000000003F41000000000000010000000100000000000000000000000000000000000000000000000000000095CF0000000000000500000000000000 "D:\Jeu\Dragon Cliff\game.exe"=0x534143500100000000000000070000002800000000EE14010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000065801500000000000300000003000000 "D:\Jeu\Aegis Defenders\AegisDefenders.exe"=0x5341435001000000000000000700000028000000007615010000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A88F3900000000000300000003000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090E90B0022F90B0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003D90F80F000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.74.380.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x534143500100000000000000070000002800000090550C003B370D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000B06A1C00B9DD1C0001000000000000000000000A00210000DB80FDAC2839D3010000009100000000 "J:\office 2007\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000004D00300000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8830.7600.0_x64__8wekyb3d8bbwe\Office16\OfficeHubWin32.exe"=0x5341435001000000000000000700000028000000A8381E0089FB1E0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DF8C0000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE"=0x5341435001000000000000000700000028000000301907002F59070001000000000000000000000671020000DB80FDAC2839D3010000000100000000 "C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000284D0500AAA8050001000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "D:\Jeu\Into the Breach\Breach.exe"=0x5341435001000000000000000700000028000000002A3F000000000001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000100000200000000000000000000000000000000050677100000000000700000007000000 "C:\Program Files (x86)\Java\jre1.8.0_151\bin\javaw.exe"=0x534143500100000000000000070000002800000040EC0200B2B0030001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000467F0900000000000200000002000000 "D:\Prog\Deezer Downloader v3.2.3.exe"=0x5341435001000000000000000700000028000000421639009693000001000000000000000000000A71200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000265F0700000000000100000001000000 "D:\Prog\Deezloader-win-64.exe"=0x5341435001000000000000000700000028000000B3275C020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000044CC0100000000000100000001000000 "D:\Prog\Deezloader X64\DeezLoader.exe"=0x534143500100000000000000070000002800000000A2D3040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000005000000000000000000000000000000000000000000000000000000001FF2100000000000E00000003000000000000000000004000000000000000000000000000000000A0C80000000000000200000000000000 "C:\Users\colis\AppData\Local\Temp\{94207815-20cd-4ee5-B240-596274AED21E}\{7B28E39C-883C-4f49-ABFB-5D16796F2DD9}\ISAdmin.exe"=0x5341435001000000000000000700000028000000C01B0D00EC3A0D0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B3680200000000000100000001000000 "D:\Prog\PDF creator\vspdfprsrv.exe"=0x5341435001000000000000000700000028000000001A6E000000000001000000000000000000020671020000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000001820000000000000100000001000000 "D:\Download\PDFCreator-3_1_2-Setup.exe"=0x53414350010000000000000007000000280000003087F201D064F30101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FFF40000000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0AE0300F24D040001000000000000000000000A71200000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\FTL.Advanced.Edition.v1.6.7\setup_ftl_-_advanced_edition_1.6.7_(18661).exe"=0x53414350010000000000000007000000280000009887660BA8C0660B01000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087080100000000000100000001000000 "D:\Jeu\FTL - Advanced Edition\FTLGame.exe"=0x534143500100000000000000070000002800000000B6560035F7560001000000000000000000030600010000BFA2139DEDD1D3010000000000000000020000002800000000000000100000200000000000000000000000000000000033DC7400000000001500000015000000 "D:\Jeu\FTL\FTL_v1.5.4_Install.exe"=0x5341435001000000000000000700000028000000694F420B0000000001000000000000000000020600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000022170000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00E25E0C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BFF09A29000000000600000006000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE"=0x534143500100000000000000070000002800000010E70000EEE0010001000000000000000000000671020000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD820000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"=0x534143500100000000000000070000002800000028FF1001D228110101000000000000000000000671020000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00A5580D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\colis\AppData\Local\Temp\7zSC8A8F1F4\GenericSetup.exe"=0x5341435001000000000000000700000028000000F80A020026AB020001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FBA30100000000000100000001000000 "SIGN.MEDIA=33B8494 OriginSetup.exe"=0x5341435001000000000000000700000028000000007067000000000001000000000000000000000A61200000DB80FDAC2839D3010000000000000000020000002800000000000000000800400000000000000000000000000000000096640A00000000000100000001000000 "C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe"=0x534143500100000000000000070000002800000000065C0ABD6A5C0A01000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000CF160B00000000000400000004000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000C0271A0087351A0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076E8670B000000000100000001000000 "D:\Download\jre-8u161-windows-x64.exe"=0x534143500100000000000000070000002800000040624004C712410401000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000F9440300000000000100000001000000 "SIGN.MEDIA=3BDF70EB setup.exe"=0x53414350010000000000000007000000280000008F2652000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000E380200000000000100000001000000 "D:\Games\Surviving Mars\MarsSteam.exe"=0x5341435001000000000000000700000028000000B8939800B05B990001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000020000060000000000000000000000000000000007132AD00000000000B0000000B000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0BC0300204F040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\colis\Desktop\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000741A5E00000000000100000001000000 "D:\Jeu\Minit\minit.exe"=0x534143500100000000000000070000002800000000E46D0658F76F0601000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000008001000000000000000000000000000000000000DBE26A00000000000500000005000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B0018650C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000091B59454000000000300000003000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.8.0.exe"=0x53414350010000000000000007000000280000008DB815020000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B0770000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoader_GUI.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000087280000000000000100000001000000 "C:\Users\colis\Desktop\smloader\Nouveau dossier\SMLoadr-win-x64_v1.9.0.exe"=0x53414350010000000000000007000000280000004CB629020000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000005691500000000000200000002000000 "D:\Jeu\Dead.Cells.v04.04.2018\deadcells.exe"=0x5341435001000000000000000700000028000000A8B68B00EB438C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000007DDB700000000000800000008000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyMigrator.exe"=0x5341435001000000000000000700000028000000905D0C00BF2D0D0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004BBA0D01000000000300000003000000 "D:\Download\FreeConvertFLACToMP3Setup.exe"=0x5341435001000000000000000700000028000000A4DF59010000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000036FA2600000000000100000001000000 "C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\FreeConvertFLACToMP3.exe"=0x5341435001000000000000000700000028000000009008000000000001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003B011000000000000400000004000000 "D:\Download\Setup_FreeAudioConverter.exe"=0x5341435001000000000000000700000028000000F02829002462290001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000042650000000000000100000001000000 "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\FreeMp3M4aWmaConverter.exe"=0x534143500100000000000000070000002800000000C007000000000001000000000000000000010671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000100000000000000000000000000000902E1E00000000000300000003000000 "D:\Download\ovideocapture.exe"=0x5341435001000000000000000700000028000000F63D0A000000000001000000000000000000000A41220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000281B0700000000000100000001000000 "D:\Jeu\NeonDS.exe"=0x534143500100000000000000070000002800000000E026000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BD890100000000000100000001000000 "D:\Jeu\DS\DeSmuME_0.9.10_x86.exe"=0x5341435001000000000000000700000028000000001610000000000001000000000000000000020671020000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001C2C4300000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300017A040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "SIGN.MEDIA=5FEDE0C6 setup.exe"=0x5341435001000000000000000700000028000000922652000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000034E10100000000000100000001000000 "D:\Games\Frostpunk\Frostpunk.exe"=0x53414350010000000000000007000000280000000090B2010000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000F7909700000000000A0000000A000000 "C:\Users\colis\Desktop\smloader\SMLoadr-win-x64_v1.9.2.exe"=0x5341435001000000000000000700000028000000290D1E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AAC75800000000000700000007000000 "C:\Users\colis\Desktop\smloader\GUI\SMLoader.exe"=0x5341435001000000000000000700000028000000002031000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A7490100000000000400000004000000 "C:\Program Files\Common Files\EAInstaller\Need for Speed Payback\Cleanup.exe"=0x5341435001000000000000000700000028000000E0270E007ED50E0001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D51B0000000000000100000001000000 "C:\Program Files (x86)\Need for Speed Most Wanted 2012\unins000.exe"=0x534143500100000000000000070000002800000021020B000000000001000000000000000000020600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000020000000000000000000000000000A7130000000000000100000001000000 "C:\Riot Games\League of Legends\LeagueClient.exe"=0x534143500100000000000000070000002800000080E43400951A350001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F336E00000000000200000002000000 "D:\Download\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E69A5001000000000400000004000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090F10B00D0000C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000003ABDBF3B000000000600000006000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.18.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x534143500100000000000000070000002800000000FA24000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DB000000000000000700000007000000 "D:\Jeu\Endless.Legend.v1.5.7.S3.Incl.DLC\Endless.Legend.v1.5.7.S3.Incl.DLC\EndlessLegend.exe"=0x534143500100000000000000070000002800000000823B010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FF91BC01000000000700000007000000 "D:\Prog\CASIO FA-124.exe"=0x534143500100000000000000070000002800000072A71F010000000001000000000000000000010600210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009F380100000000000100000001000000 "D:\Prog\Casio FA-124\FA124.exe"=0x5341435001000000000000000700000028000000006013000000000001000000000000000000000671200000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000200000000000000000000000000C4066D00000000000100000001000000 "D:\Jeu\Machiavillain.v1.01.GOG\machiavillain_v1.01_x64_setup.exe"=0x534143500100000000000000070000002800000038BD0B1A61090C1A01000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B7801E00000000000100000001000000 "D:\Jeu\MachiaVillain\MachiaVillain.exe"=0x534143500100000000000000070000002800000000E609000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000009A609500000000000300000003000000 "D:\Jeu\STAY.v1.0.2.4\stay.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000208D7D01000000000100000001000000 "D:\Jeu\Wizard of Legend\WizardOfLegend.exe"=0x534143500100000000000000070000002800000000585C010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000010000020000000000000000000000000000000008EA03300000000000200000002000000 "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE"=0x534143500100000000000000070000002800000030B50600FF1E070003000000000000000000000671020000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000045A0400000000000200000002000000 "D:\Download\office-2016_16-0-7167-2060_fr_431791_64.exe"=0x5341435001000000000000000700000028000000385354005BA9540001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001B9B1300000000000400000004000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000A8DA2E016B402F0101000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076141300000000000100000001000000 "D:\Jeu\Graveyard.Keeper.Alpha.v0.669\Graveyard Keeper Alpha\Graveyard Keeper.exe"=0x534143500100000000000000070000002800000000B015010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000559A6E00000000000500000005000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300C327040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "D:\Download\readerdc_fr_xa_crd_install.exe"=0x5341435001000000000000000700000028000000F86D12000459130001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000066740300000000000100000001000000 "D:\Jeu\Asylamba.Influence\Influence\influence.exe"=0x53414350010000000000000007000000280000006475A2030000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A1004E00000000000200000002000000 "C:\Users\colis\Desktop\FTBLauncher_64bit.exe"=0x5341435001000000000000000700000028000000B31899000000000001000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B27D9001000000000700000007000000 "D:\Jeu\Cultist.Simulator\Cultist Simulator\cultistsimulator.exe"=0x534143500100000000000000070000002800000000C209000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009B6F2900000000000100000001000000 "D:\Jeu\Duskers\Duskers.exe"=0x5341435001000000000000000700000028000000003E00010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B66E1E00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E00300534A040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000B09C1A03C5FA1A0301000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "D:\Download\Solibri-Model-Checker_v9_8_windows_64bit_9_8_30-20180504.exe"=0x5341435001000000000000000700000028000000501BB30F0000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000000D451600000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B003B9E0C0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009F123342000000000100000001000000 "SIGN.MEDIA=3629CB96 Install.exe"=0x5341435001000000000000000700000028000000AB68FD000000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000003B200300000000000100000001000000 "D:\Jeu\Egypt - Old Kingdom\win64\Egypt Old Kingdom.exe"=0x5341435001000000000000000700000028000000009A54010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000005FB30B01000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.091.0506.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A8E003002796040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000B8461E00E9041F0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B83DEB0F000000000400000004000000 "SIGN.MEDIA=55AAAEAE SetFH3.exe"=0x534143500100000000000000070000002800000095101C000000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000000000000000000000000000000000000000DF4C1C00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F603000E59040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Steam\bin\steamservice.exe"=0x53414350010000000000000007000000280000002089190036B9190001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000005FF20000000000000100000001000000 "D:\Jeu\Salt.and.Sanctuary.v1.0.0.7\salt.exe"=0x534143500100000000000000070000002800000000AC18000000000001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000025C6C422000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000B0C41D000B921E0001000000000000000000000A00210000BFA2139DEDD1D3010000009100000000 "SIGN.MEDIA=45A8435F Win64\setup.exe"=0x5341435001000000000000000700000028000000754D73000000000001000000000000000000010600010000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000004C600100000000000100000001000000 "D:\Games\Slime Rancher The Little Big Storage\SlimeRancher.exe"=0x5341435001000000000000000700000028000000005A66010000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000020000060000000000000000000000000000000005C813000000000000100000001000000 "D:\Jeu\Death.Skid.Marks.v1.16\IGG-Death.Skid.Marks.v1.16\DeathSkidMarks.exe"=0x53414350010000000000000007000000280000001050E200F8D7DC0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000011DE1600000000000200000002000000 "SIGN.MEDIA=A61FAC56 setup.exe"=0x5341435001000000000000000700000028000000E02652000000000001000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000947F1300000000000100000001000000 "D:\Games\Crash Bandicoot N Sane Trilogy\CrashBandicootNSaneTrilogy.exe"=0x53414350010000000000000007000000280000005890C801EE33C90101000000000000000000000A73200000BFA2139DEDD1D30100000000000000000200000028000000000000002000006000000000000000000000000000000000CF691F00000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0F60300D140040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.22.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000004C27000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DA630000000000000600000006000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090ED0B00CBC50C0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C4D95B14000000000200000002000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000182012004E9B120001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000090D10B0093AD0C0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067E93F51000000000100000001000000 "D:\Jeu\Infectonator.3.Apocalypse.v1.3.2.2\Infectonator3.exe"=0x5341435001000000000000000700000028000000006C5C010000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000071875200000000000200000002000000 "D:\Jeu\Infectonator.Survivors.v1.1.2\Survivors.exe"=0x5341435001000000000000000700000028000000003A0200D308010001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000001A759200000000000100000001000000 "D:\Download\xp68-win-mp495-5_56-ea24.exe"=0x5341435001000000000000000700000028000000986C5C01F2315D0101000000000000000000010600010000BFA2139DEDD1D30100000000000000000200000028000000000000008000004000000000000000000000000000000000F0620000000000000100000001000000 "D:\Download\qm__-win-2_8_5-ea31_2.exe"=0x5341435001000000000000000700000028000000802E9100B53B910001000000000000000000010600010000BFA2139DEDD1D3010000000000000000020000002800000000000000800000400000000000000000000000000000000091430000000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE"=0x5341435001000000000000000700000028000000800A14003987140001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002AFCA729000000000100000001000000 "C:\Program Files (x86)\Canon\Quick Menu\CNSEMAIN.EXE"=0x534143500100000000000000070000002800000098F405002EFB050001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EE020000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\StarTradersFrontiers.exe"=0x534143500100000000000000070000002800000000966D000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A9030000000000000100000001000000 "D:\Jeu\Star Traders Frontiers\LAUNCHER_x64.exe"=0x5341435001000000000000000700000028000000002A04007CA4040001000000000000000000000A73220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000052BD7700000000000200000002000000 "D:\Download\DeezLoader-3.1.1-win-64&32-installer.exe"=0x5341435001000000000000000700000028000000E52066040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EF280100000000000200000002000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\DeezLoader.exe"=0x5341435001000000000000000700000028000000009409040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000009C7A0700000000000100000001000000 "D:\Download\MP3 Loader Remix 4.1.2-Win64.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000072500000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Deezloader Remix.exe"=0x5341435001000000000000000700000028000000006E08040000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000624A0B00000000000200000002000000 "D:\Download\DeezLoader Remaster Setup 5.0.2-ALPHA.exe"=0x5341435001000000000000000700000028000000B8DAE1040000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A5C0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000002A0B040000000001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000054470100000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\Deezloader Remix\Uninstall Deezloader Remix.exe"=0x5341435001000000000000000700000028000000C5E303000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000130F0000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader Remaster\Uninstall DeezLoader Remaster.exe"=0x5341435001000000000000000700000028000000D25E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000028300000000000000100000001000000 "C:\Users\colis\AppData\Local\Programs\DeezLoader\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000525E07000000000003000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000037450000000000000100000001000000 "D:\Prog\Deezloader X64\Uninstall DeezLoader.exe"=0x5341435001000000000000000700000028000000795A07000000000003000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000575F0000000000000100000001000000 "C:\Users\colis\Documents\telegram\Deezloader Remix 4.1.2 - Setup.exe"=0x534143500100000000000000070000002800000011F73E020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FE4B0000000000000100000001000000 "C:\Program Files\Java\jre1.8.0_161\bin\javaw.exe"=0x534143500100000000000000070000002800000040280300E5A7030001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000459C3A00000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000581318009955180001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A80204003EA4040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.23.0_x86__qmba6cd70vzyy\AuraListen.exe"=0x5341435001000000000000000700000028000000005427000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F61C5524000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000E0198700D28B870001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000035540100000000000700000007000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\jarfix.exe"=0x534143500100000000000000070000002800000041FF00000000000001000000000000000000010600010000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400002010000000000000000000000000053360000000000000100000001000000 "C:\Users\colis\Desktop\Nouveau dossier (3)\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D30100000000000000000200000028000000000000008000000000000000000000000000000000000000C63F1100000000000100000001000000 "D:\Jeu\Minecraft\SkaiaCraft Launcher v2.0.exe"=0x534143500100000000000000070000002800000026D937003ED3010001000000000000000000000A71200000BFA2139DEDD1D301000000000000000002000000280000000000000080000000000000000000000000000000000000000E685001000000000400000004000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x64.exe"=0x5341435001000000000000000700000028000000F31031020000000001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002A830000000000000100000001000000 "D:\Download\Deezloader Remix\Deezloader Remix 4.1.3 Setup-x32.exe"=0x534143500100000000000000070000002800000005EEE0010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000D3450000000000000100000001000000 "D:\Prog\Deezloader Remix\Deezloader Remix.exe"=0x53414350010000000000000007000000280000000082F4020000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B5CD1600000000000300000003000000 "D:\Download\Git-2.18.0-64-bit.exe"=0x5341435001000000000000000700000028000000108C73022039740201000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000356A0D00000000000100000001000000 "C:\Program Files\Git\git-bash.exe"=0x53414350010000000000000007000000280000001843020056A9020001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F8370000000000000100000001000000 "D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe"=0x5341435001000000000000000700000028000000705159000000000001000000000000000000000A71220000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000032A8600000000001100000011000000 "D:\Download\UsbFix_11.002.exe"=0x5341435001000000000000000700000028000000A0C03D0056703E0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000078800700000000000100000001000000 "C:\Program Files (x86)\UsbFix\UsbFix.exe"=0x534143500100000000000000070000002800000090821E0017181F0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000077569B04000000000300000003000000 "D:\Download\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6511.exe"=0x53414350010000000000000007000000280000007831EB0435BEEB0401000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000006D810500000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x534143500100000000000000070000002800000050C77B0097507C0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000081020000000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe"=0x534143500100000000000000070000002800000020510E002FD70E0001000000000000000000000A71220000BFA2139DEDD1D3010000000000000000020000002800000000000000000000400000000000000000000000000000000026040000000000000100000001000000 "D:\Download\QuickDiag.exe"=0x5341435001000000000000000700000028000000981D4A0083494A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000086900700000000000200000002000000 "C:\Program Files (x86)\Steam\Steam.exe"=0x534143500100000000000000070000002800000020ED30004030310001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000100000001000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x53414350010000000000000007000000280000009088AA019403AB0101000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Users\colis\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\FileSyncConfig.exe"=0x534143500100000000000000070000002800000020F80300EE6C040001000000000000000000000A00210000BFA2139DEDD1D3010000000100000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000F0A32200C503230001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000001000000000000000000000000000000000EDF10100000000000100000001000000 "D:\Download\SumatraPDF-3.1.2-install.exe"=0x5341435001000000000000000700000028000000902A4A000C1C4B0001000000000000000000000A00210000BFA2139DEDD1D301000000000000000002000000280000000000000000000040000000000000000000000000000000005C1D0000000000000100000001000000 "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe"=0x5341435001000000000000000700000028000000909619004C731A0001000000000000000000000A00210000BFA2139DEDD1D3010000000000000000020000002800000000000000000000000000000000000000000000000000000037561F00000000000100000001000000 "D:\Download\QuickDiag (1).exe"=0x534143500100000000000000070000002800000098214A00D8C84A0001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000004000000000000000000000000000000000D5180700000000000200000002000000 "D:\Jeu\RimWorld.Beta.19\RimWorldWin64.exe"=0x534143500100000000000000070000002800000000905C010000000001000000000000000000000A00210000BFA2139DEDD1D30100000000000000000200000028000000000000000000000000000000000000000000000000000000208E6E00000000000300000003000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131709317925146040 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "TrustedImageIdentifier"={GL703VD0-0000-0000-0000-000000000000} "ProductType"=2 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\ "ProductStatus"=0 "InstallTime"=0x81ECCA640B47D301 "OOBEInstallTime"=0xA3787861EDECD301 "DisableAntiVirus"=0 "LastEnabledTime"=0xAFB0C6FC5C8AD301 "ManagedDefenderProductType"=0 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] : AF_UNIX [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001] : AF_UNIX ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.213.142] avec 32 octets de donn?es?: R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. R?ponse de 10.6.72.1?: Impossible de joindre le port de destination. Statistiques Ping pour 216.58.213.142: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), ---------- | @ [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "Default_Page_URL"=http://asus17win10.msn.com/?pc=ASTE "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=fp1f8mf "OperationalData"=12 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF530100004600000003060000E9020000 "Start Page_TIMESTAMP"=0xE2A955FA1E8BD301 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000000F00000039BB737F79F35E040F7106E633061C020000000E0000005A64584D744F4D4B6F4A41253364 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x6172CF28628AD301 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xA65B21B818B7D301 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x200D51AD94ECD301 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnonZoneCrossing"=0 "LockDatabase"=131709318414158698 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SMC] "Progid"=Solibri Model Checker v9.8 ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [12/04/2018 01:34:24] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0x998513E0BEA5D301 "Version"=5 "UpgradeTime"=0x998513E0BEA5D301 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_A9] - (C:\WINDOWS\system32\spool\drivers\x64\3) - cnmseA9.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_XPS_A9] - (C:\WINDOWS\system32\spool\drivers\x64\3) - cnmxseA9.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files\Java\jre1.8.0_161\bin) - jp2launcher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files\Java\jre1.8.0_161\bin) - javaws.exe : C:\Program Files (x86)\Java\jre1.8.0_151\bin\wsdetect.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files\Microsoft Office\root\Office16\) - onenote.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\root\Office16\) - NAMECONTROLSERVER.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B723F941-52A2-4392-B500-60F3889659B4}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files\Java\jre1.8.0_161\bin) - ssvagent.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files\Microsoft Office\root\Office16\) - IEContentService.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1664328F-BCF3-41f2-BEFA-5F15CA0E76D0}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - () - : C:\Program Files (x86)\Java\jre1.8.0_151\bin\wsdetect.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files\Microsoft Office\root\Office16\) - onenote.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\root\Office16\) - NAMECONTROLSERVER.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7278BD0-7970-47D6-8954-99B2343EED88}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF) - RdrCEF.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.33.17) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.33.17) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files\Microsoft Office\root\Office16\) - IEContentService.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : ---------- | Ext\Stats [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] : : %SystemRoot%\System32\msxml3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [23/05/2018 21:56:35] ---------- | Chrome C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\bigefpfhnfcobdlfbedofhhaibnlghod = : Secure Cloud Storage - MEGA - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\clhhggbfdinjmjhajaheehoeibfljjno = : Telegram Web App.\nMore info & source code here: https://github.com/zhukov/webogram - short_name: Telegram - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fanagokoaogopceablgmpndejhedkjjb = : __MSG_desc__ - __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\femoooemgmjaebeodbbikbkmhlafenpl = : The games feature each level that is a scenario of stickmen going about their daily activities. Your job is to kill all of them. - http://causalitygame.com/chrome/ - short_name: Causality Games - [http://causalitygame.com/chrome/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\fjbdgmikfnklbopkafjgbcejoiipemkl = : Google & co - http://en.start.gamigo.com/cultures-online/?affiliateID=778 - Google & co - [http://play.cultures-online.gamigo.com/co/bin/index.php?affiliateID=778] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\gdkfaieogniecdceabnnkfloeomailhg = : Le jeu de serpent renouvelé : palpitant comme jamais ! - http://www.snaky360.fr/ - Snaky 360 - [http://www.snaky360.fr/http://static.snaky360.fr/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hfpeacgpdnhofhebmincihdelcemhagd = : Google & co - http://creaturesandcastles.hiive.com/? - Google & co - [http://creaturesandcastles.hiive.com/?] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\hgoflmajhinnohnhkfeggflmmppiilck = : - Black blue shards - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\imkkdabijgkodinlhgncdfmghdcdacmg = : Google & co - short_name: D2NE - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\jlehaidnnmjjkhgbbiombcdifogolhap = : __MSG_bd_gamedesc_696_frameDescription_medium__ - https://www.skyrama.com/?aid=3306&utm_source=online&utm_medium=cws&utm_campaign=default - __MSG_bd_gameTitles_696__ - [https://www.skyrama.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\knkapnclbofjjgicpkfoagdjohlfjhpd = : A simple but addictive game. Start with four basic items and use them to find dinosaurs unicorns and spaceships! - http://littlealchemy.com/ - Little Alchemy - [*://littlealchemy.com/] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\lcdhpokmalcfjnfkjlfncgekebcojinn = : Face off against increasingly deadly waves of enemies in this aerial strategy game. - http://www.steambirds.com/ - Steambirds: Survival - [http://www.steambirds.com/] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\mhpdbcnfpodnaefldpdohoibdajcfabp = : Launch Arrows Hurl Fireballs And Swing A Mighty Axe! Explore the fantasy themed desktop and mobile MMO Pocket Legends for FREE! - http://account.spacetimestudios.com/pocketlegends - Pocket Legends - [http://account.spacetimestudios.com/pocketlegends] - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\colis\AppData\Local\Google\Chrome\User Data\Default\extensions\poknhlcknimnnbfcombaooklofipaibk = : An experiment to render Free Rider tracks in HTML5. - http://canvasrider.com/tracks/featured - Canvas Rider - [http://canvasrider.com/] - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.161.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=10.1.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=10.1.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0771dd91-7dc7-4264-8517-a9621d7c59f4}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f7710695-4faa-4549-8e29-6ea5ef54c4f7}] "DhcpNameServer"=10.1.1.254 ---------- | ActiveX [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C6658531-8DB9-3115-B6D1-F89B57830CFC}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{B82EE9BD-ADE2-3058-8091-78419781EC8E}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\POWERPNT.EXE] : "C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE" "%1" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe" "%1" /SHELLASSOC [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\SumatraPDF.exe] : "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDFEditor.exe] : D:\Prog\PDF creator\PDFEditor.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SumatraPDF.exe] : "C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe" "%1" %* [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: NvCpl - AppID: {048F26EF-2F89-46C9-99E7-481E40F3F2EC} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: SFSSAPODll - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: MainController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: IntelCpHeciSvc - AppID: {11AC3232-E7D7-49CD-ABFE-501700100B3A} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: DolbyDAX2APOvlldp - AppID: {18A5395C-F7C7-45D1-8D6D-F6BF56FE9427} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: Nv3DVStreamingIePlugin - AppID: {1AADA852-632F-4711-B201-37D27E27D3CD} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: DebugTargetAdapters Class - AppID: {1b7778f3-fe54-443c-8729-1e78b0715299} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: Disc soft DT Lite bus service - AppID: {1CA3841D-15B5-4C70-9751-7A87730A1BE9} Name: Office Licensing COM Server 16 - AppID: {1E886174-DC88-4B83-8BC5-66409EC75F16} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: DTSLimiterDLL - AppID: {24E79C19-1F52-43CC-8684-BFA13340E72C} Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A} Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: DTSVoiceClarityDLL - AppID: {272EFD2A-90BE-4E48-8557-3D9CEA0530A0} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: TosEAEAPODLL - AppID: {2A3C3DC0-7618-49FF-93E3-6481ACDDF2F2} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF} Name: WaaSMedicSvc - AppID: {2ED83BAA-B2FD-43B1-99BF-E6149C622692} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: ImmersiveShellBrokers - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC} Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: MiracastTestRemoteCommandSender - AppID: {39214908-5362-44b4-97f4-1aa724d3e0da} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC} Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: NvXDSyncPlugin - AppID: {4680B596-CF8C-44E1-A676-4AAA819E041F} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: DDPA32 - AppID: {4CBB9627-E758-489D-AE4E-A2BAFE0788F2} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: NallBuildingStructure - AppID: {4F7305E4-55C5-4E86-8255-7978B434FD27} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: LMS - AppID: {545C8D56-7A88-492D-B38D-559657A3DD4C} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: DTSNeoPCDLL - AppID: {68976842-77A6-447F-83E8-97DF7A83A970} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: RegSrvc - AppID: {6EF8E539-12E9-4595-A7C6-3DDA8A4069B2} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Nv3DVisionIePlugin - AppID: {727C4938-C5C5-4743-B543-7E6F100CE67B} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: NAHIMICAPOSettingsIPC - AppID: {76d57399-2584-44b9-a6a8-9dd7022fb85e} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: EEA64A - AppID: {7D5D40EC-DCAF-4858-B7DC-9BA70C8B7C39} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887} Name: DTSBassEnhancementDLL - AppID: {7E70FA0D-5DFA-4BA6-98C6-F10BBAAF7410} Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: MKVDemuxer - AppID: {806ADDDB-FBD2-4413-8FFC-8B4B7E547C6C} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: av - AppID: {8357E684-DDCC-414B-B59F-0B499FA99852} Name: IntelCpHDCPSvc - AppID: {84081F6F-8B2D-4FFE-AF7F-E72D488FABEB} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: TosASFAPODLL - AppID: {8C2856EC-F5FE-4FEA-BA6E-22AC88ED79F2} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: DTSSymmetryDLL - AppID: {91953DA9-4AB8-473A-BF6D-462FA2E58025} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: Wwan Service Toast Notification - AppID: {941C53C2-D2D7-4C74-84EA-28F8F6438D4B} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: Bluetooth User Service - AppID: {9980CAAB-B154-408C-B5FD-29A701E40825} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: NVXDPlcy - AppID: {9C5791C4-BCD3-48B8-A10D-CA0279320836} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: TosSAEMAXAPODLL - AppID: {9EE3B75C-74C4-4CCB-9BB2-BF5CA444C1A6} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d} Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: Nv3DAppShExt - AppID: {A4CF1DBB-664A-4600-9CE3-96FBAA344504} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: DTSBoostDLL - AppID: {A5900CCC-3E28-4F96-8410-C43BF113C279} Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9} Name: TepeqAPODll - AppID: {AAA42638-53A8-4D94-95FC-52ED115A58B4} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: QuietHours App ID - AppID: {AB7BDC53-0BB5-44F5-9E25-C444313D4686} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: McAMTaskAgent - AppID: {ABCD3CC8-8490-4E62-9550-48F21329C885} Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: Microsoft Volumetric Audio Compositor - AppID: {AD829705-CCA8-44D4-88E0-331E48336059} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: EEG64A - AppID: {ADC304B3-E91E-42dd-A72B-FE15B5E2C3BF} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: WpcMonSvc - AppID: {B34F88D1-F26B-42D5-8DD5-A442303A05D7} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: DTSGainCompensatorDLL - AppID: {B3D43A87-E6C7-4EC8-8546-CEB9EE9BD936} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: NVXDApiX - AppID: {B92B577B-628A-442B-A017-E86FB518C6FD} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: foxhhelp9 - AppID: {B9505A02-6AAC-11D1-8632-00A0C903A97F} Name: Bluetooth AVCTP Service - AppID: {B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: DTSS2HeadphoneDLL - AppID: {BA291C7C-39AC-4331-9592-B694DA24BC89} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: LxpSvc - AppID: {BCE82FB7-43F4-4827-A503-69E561667293} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593} Name: ZeroConfigService - AppID: {C1FB18A8-DEEE-45BF-B67D-C580A2028B13} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: NvXDCore - AppID: {C5EDFC9D-B018-41A4-9877-39AB18469C3A} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: NAllComServer - AppID: {CBA093C3-998C-11D2-A4E4-0000D1106F9C} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: GraphicsPerfSvc - AppID: {cd93979b-c14e-4c29-87a4-75e4f9fa5e0a} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: ShadowPlay Server - AppID: {CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: DTSS2SpeakerDLL - AppID: {CF3C79C7-8096-4BF2-9684-9F6B832FAC23} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: TADEFxApo - AppID: {DB3D3052-9F00-4300-9285-91E27275BD34} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: EvtEng - AppID: {E7DCA9D7-1577-45DA-BF99-8BD6184ACF99} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: MixedRealityCapture - AppID: {EE3C7093-A852-49BA-8AC8-7DFBEC469F72} Name: NVXDBat - AppID: {EF73A51A-EE4A-4E16-9D3A-649245C8F44F} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: ActivatableApplicationRegistrar - AppID: {f59bbec1-0907-4464-b04d-1da329585370} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: DaemonShellExtImage - AppID: {F9B84490-4C45-4737-82E5-0EA0B1CF5307} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: EEL64A - AppID: {FCA1E26B-AE4B-45a0-B7C8-34A007E79C3A} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: ICEsoundAPODll - AppID: {FD4B6EB8-6A1F-4C1E-AAF4-01AD4A7F7C8D} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-80-2586557155-168560303-1373426920-983201488-1499765686" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "wusvcs"=WaaSMedicSvc "BthAppGroup"=BluetoothUserService "BcastDVRUserService"=BcastDVRUserService "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "DevicesFlow"=DevicesFlowUserSvc DevicePickerUserSvc "smbsvcs"=lanmanserver browser [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\8floor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Adobe] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AMPLITUDE Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\AppDataLow] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Appnormals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUS GT200 Gaming Mouse] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ASUSTeKcomputer.Inc] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\BitTorrent] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Canon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\CASIO] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Chromium] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clarus Victoria] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Clever Endeavour Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Contingent99] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\DigitByteStudio] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Disc Soft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ej-technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Epic Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Free Lives] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GOG.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Google] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\GUTS Department] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Haemimont Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\IGA] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Imagination Technologies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Intel] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\JavaSoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Lazy Bear Games] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Logitech] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Ludeon Studios] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Malwarebytes] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Meta Interaction] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Misfits Attic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Monomi Park] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nahimic] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Nemetschek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NeonDS.com] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Netscape] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Node.js] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\nwjs] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\ODBC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\pdfforge] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Policies] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\QtProject] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Realtek] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\SyncEngines] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\sysinternals] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Toge Productions] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Unity] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Valve] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Weather Factory] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WIBU-SYSTEMS] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wild Factor] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Wow6432Node] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\4dots Software] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\ASUS] [HKLM\Software\ASUSTeKcomputer.Inc] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EA Games] [HKLM\Software\ej-technologies] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GitForWindows] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nemetschek] [HKLM\Software\Node.js] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Solibri] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\SyncIntegrationClients] [HKLM\Software\sysinternals] [HKLM\Software\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Codemasters] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nemetschek] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Riot Games, Inc] [HKLM\Software\WOW6432Node\SplitmediaLabs] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\SumatraPDF] [HKLM\Software\WOW6432Node\UsbFix] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\WIBU-SYSTEMS] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | FeatureControl [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "aprp.exe"="9999" "AcroRd32.exe"="10001" "OneDrive.exe"="11000" [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "UNPUXHost.exe"="11000" "Allplan_2018.exe"="9999" "WebHelpViewer.exe"="9999" "Allplan_2016.exe"="9999" "msoasb.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "powerpnt.exe"="0" "winword.exe"="0" "excel.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2] "msoasb.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "OSE.EXE"="1" "VSTOInstaller.exe"="1" "OSPPREARM.EXE"="1" "LICLUA.EXE"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "mbamtray.exe"="11000" "mbam.exe"="11000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "VSTOInstaller.exe"="1" ---------- | The Created last ones ? Modified [MD5.00000000000000000000000000000000] - [03/09/2018 12:31:27] - |D| - [11435016] - C:\Program Files (x86)\SumatraPDF [MD5.A806410985B89FE602EAF1B16A360D4A] - [03/09/2018 19:45:45] - |A| - [117472] - C:\WINDOWS\system32\Drivers\farflt.sys [MD5.26D513697CCB3BCBC8764B1AE8654088] - [03/09/2018 19:45:48] - |A| - [52328] - C:\WINDOWS\system32\Drivers\mbam.sys [MD5.FF135F5CFAE6595680004DD9F055F56B] - [03/09/2018 19:45:45] - |A| - [193256] - C:\WINDOWS\system32\Drivers\MbamChameleon.sys [MD5.A692F41F46F789228CECB2AA128AEC85] - [03/09/2018 19:45:45] - |A| - [259360] - C:\WINDOWS\system32\Drivers\mbamswissarmy.sys [MD5.AE2541B931BDA263FE65E5BCD1A1C04F] - [04/09/2018 13:59:17] - |A| - [109872] - C:\WINDOWS\system32\Drivers\mwac.sys ---------- | Drives D: I: ---------- | C: [18/03/2017 23:03:28] - |SHD| - [5595921339] - C:\$Recycle.Bin [27/08/2018 20:50:50] - |D| - [2] - C:\autorun.inf [MD5.E715EBDAD90FDD5448677E924C3A6FDD] - [17/10/2017 08:58:51] - |AH| - (.-.) - [14261] - (0.0.0.0) - C:\devlist.txt [14/02/2018 01:27:57] - |SHD| - [0] - C:\Documents and Settings [31/05/2017 12:08:39] - |D| - [4329549551] - C:\eSupport [MD5.01224851F19C9423A1D7E06F44DBFB6A] - [17/10/2017 08:58:51] - |AH| - (.-.) - [9] - (0.0.0.0) - C:\Finish.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/05/2018 10:07:21] - |ASH| - (.-.) - [3387301888] - (0.0.0.0) - C:\hiberfil.sys [17/10/2017 07:52:47] - |HD| - [423221] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/10/2017 07:46:59] - |ASH| - (.-.) - [5100273664] - (0.0.0.0) - C:\pagefile.sys [12/04/2018 01:38:20] - |D| - [0] - C:\PerfLogs [12/04/2018 01:38:20] - |RD| - [9219092165] - C:\Program Files [12/04/2018 01:38:20] - |RD| - [3048986021] - C:\Program Files (x86) [12/04/2018 01:38:20] - |HD| - [6304611206] - C:\ProgramData [30/08/2018 21:38:45] - |D| - [169148619] - C:\QuickDiag [MD5.5786998BF44F3DB289F9DAD01EBF6F96] - [04/09/2018 21:29:52] - |A| - (.-.) - [370162] - (0.0.0.0) - C:\QuickDiag.txt [MD5.D319E39B7B1F9B70E0700200491DEF26] - [30/08/2018 21:46:54] - |RA| - (.-.) - [501653] - (0.0.0.0) - C:\QuickDiag_30_08_2018_21_46_54.txt [17/10/2017 16:45:37] - |HD| - [5215655281] - C:\Recovery [12/01/2018 22:03:55] - |D| - [11016916473] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/10/2017 07:46:59] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [17/10/2017 07:46:57] - |SHD| - [0] - C:\System Volume Information [11/04/2018 23:04:33] - |RD| - [54912846754] - C:\Users [11/04/2018 23:04:33] - |AD| - [25299627368] - C:\Windows ---------- | C:\WINDOWS [12/04/2018 01:38:20] - |D| - [802] - C:\WINDOWS\addins [12/04/2018 01:38:20] - |D| - [20228707] - C:\WINDOWS\appcompat [12/04/2018 01:38:20] - |D| - [8341054] - C:\WINDOWS\apppatch [12/04/2018 01:38:20] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.F3B25701FE362EC84616A93A45CE9998] - [17/10/2017 16:45:10] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\AsCDProc.log [MD5.E429B09E589DF973E89EE3DDC544262E] - [29/08/2017 10:02:30] - |A| - (.-.) - [24] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.4DF8E3492AA7D08F93997F4CB546DEC5] - [31/05/2017 12:08:39] - |A| - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [MD5.FFFC81F77E2E26AA5F281FB2E52B7A44] - [20/02/2017 05:08:32] - |A| - (.-.) - [80] - (0.0.0.0) - C:\WINDOWS\ASOFSVer.txt [MD5.3BB2F5C9A68B59B1B6F2EEB1E03103D1] - [17/10/2017 16:45:42] - |A| - (.-.) - [96] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt [MD5.858ED80087AB0CA7FDC94017BC333F37] - [17/10/2017 16:45:20] - |A| - (.-.) - [65] - (0.0.0.0) - C:\WINDOWS\AsProcKitVer.txt [12/04/2018 01:38:20] - |RSD| - [1256251188] - C:\WINDOWS\assembly [MD5.C7A13F5302AD240C0E3D0DEF4EB383EB] - [17/10/2017 16:45:42] - |A| - (.-.) - [55] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [31/05/2017 12:08:39] - |AD| - [336574511] - C:\WINDOWS\ASUS [12/04/2018 01:38:20] - |D| - [720353] - C:\WINDOWS\bcastdvr [MD5.178BA90AA13F6F834E5C060DC923FB55] - [12/04/2018 01:34:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [67072] - (10.0.17134.1) - C:\WINDOWS\bfsvc.exe [12/04/2018 01:38:20] - |D| - [38319346] - C:\WINDOWS\Boot [MD5.7711992F97814316A04F8F01944A2F47] - [16/05/2018 00:46:04] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [12/04/2018 01:38:21] - |D| - [2448984] - C:\WINDOWS\Branding [12/04/2018 01:30:02] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.FE4D4D40C19F2F07700F20F2C4C4566E] - [16/05/2018 10:07:40] - |A| - (.-.) - [18433] - (0.0.0.0) - C:\WINDOWS\comsetup.log [MD5.A155FFABF2F04265A97274CCAB44D773] - [12/04/2018 18:23:39] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.F471CF70EE6D49C5650A4D5295531435] - [20/03/2017 05:43:33] - |A| - (.-.) - [34390] - (0.0.0.0) - C:\WINDOWS\CoreSingleLanguage.xml [24/01/2018 21:02:54] - |D| - [2866688] - C:\WINDOWS\Crystal [MD5.098A3BBE38D28D0378074EAD5729E2EF] - [31/05/2017 12:33:39] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [12/04/2018 01:38:21] - |D| - [11482410] - C:\WINDOWS\Cursors [MD5.0E9C5C5D2B44DF5B3577BBA113F42737] - [14/05/2018 17:27:41] - |A| - (.-.) - [2714] - (0.0.0.0) - C:\WINDOWS\DDACLSys.log [12/04/2018 01:38:21] - |D| - [872455] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/05/2018 10:09:40] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [12/04/2018 01:38:21] - |D| - [4530019] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/05/2018 10:09:40] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [12/04/2018 18:18:37] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.149EF409980E7CF710DE7B4AE1CA917A] - [19/01/2018 11:04:04] - |A| - (.-.) - [64831] - (0.0.0.0) - C:\WINDOWS\DirectX.log [12/04/2018 01:38:21] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.92219C3ADC5DDFBF60B85A73E5A23BE6] - [17/10/2017 08:02:35] - |A| - (.-.) - [57156] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [MD5.587B47BAB4B90B57A8693DBECBD1C8F9] - [29/08/2017 09:55:42] - |A| - (.-.) - [7810] - (0.0.0.0) - C:\WINDOWS\DriverCD_Template.txt [MD5.534154ABF2C3F1CDEDC4C444148C947A] - [12/04/2018 01:40:39] - |A| - (.-.) - [4179] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [12/04/2018 01:38:21] - |HD| - [44616] - C:\WINDOWS\ELAMBKUP [12/04/2018 18:18:37] - |D| - [0] - C:\WINDOWS\en-US [MD5.E4A81EDDFF8B844D85C8B45354E4144E] - [12/07/2018 20:59:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3932672] - (10.0.17134.165) - C:\WINDOWS\explorer.exe [12/04/2018 01:38:21] - |RSD| - [414579632] - C:\WINDOWS\Fonts [12/04/2018 18:18:37] - |D| - [109568] - C:\WINDOWS\fr-FR [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [12/04/2018 01:38:21] - |D| - [69353621] - C:\WINDOWS\Globalization [12/04/2018 01:38:21] - |D| - [71526356] - C:\WINDOWS\Help [MD5.FFD31D96B8D4BAB8B0F83E42B7430A54] - [12/07/2018 20:58:59] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1054720] - (10.0.17134.137) - C:\WINDOWS\HelpPane.exe [MD5.A50C9DF7603E2F1AEA6B54053794A326] - [12/04/2018 01:34:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.17134.1) - C:\WINDOWS\hh.exe [16/05/2018 00:41:12] - |D| - [2630960] - C:\WINDOWS\IAStorAfsService [12/04/2018 01:38:21] - |D| - [29869] - C:\WINDOWS\IdentityCRL [12/04/2018 01:38:21] - |D| - [28827030] - C:\WINDOWS\IME [12/04/2018 01:38:21] - |RD| - [8489793] - C:\WINDOWS\ImmersiveControlPanel [12/04/2018 01:36:48] - |D| - [83308065] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [1450002749] - C:\WINDOWS\InfusedApps [12/04/2018 01:38:21] - |D| - [38137502] - C:\WINDOWS\InputMethod [MD5.5DDE0C07FC98DC505FCC484D78D2C28F] - [17/10/2017 07:49:14] - |A| - (.-.) - [1572648] - (0.0.0.0) - C:\WINDOWS\Inst.log [12/04/2018 01:38:21] - |SHDC| - [1169041237] - C:\WINDOWS\Installer [MD5.8A4031ADC6DBDB241F1CE0483127E33F] - [17/10/2017 08:36:36] - |A| - (.-.) - [696] - (0.0.0.0) - C:\WINDOWS\Inst_AsModelCopy.log [MD5.F291D415A9A4A06C8F5AFA4375498744] - [17/10/2017 07:50:45] - |A| - (.-.) - [18840] - (0.0.0.0) - C:\WINDOWS\Inst_CMD.log [MD5.53FAB06BC2923D11041AC1851CC29275] - [17/10/2017 07:52:01] - |A| - (.-.) - [3248234] - (0.0.0.0) - C:\WINDOWS\Inst_Device.log [12/04/2018 01:38:21] - |D| - [94163] - C:\WINDOWS\L2Schemas [12/04/2018 01:38:21] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [12/04/2018 01:38:21] - |D| - [1603061520] - C:\WINDOWS\LiveKernelReports [31/05/2017 12:08:39] - |D| - [112520624] - C:\WINDOWS\Log [11/04/2018 23:04:39] - |D| - [16289380] - C:\WINDOWS\Logs [12/04/2018 01:38:21] - |RSD| - [20517644] - C:\WINDOWS\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [12/04/2018 01:34:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [12/04/2018 01:38:20] - |RD| - [832183448] - C:\WINDOWS\Microsoft.NET [12/04/2018 01:38:21] - |D| - [3135] - C:\WINDOWS\Migration [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.BB9A06B8F2DD9D24C77F389D7B2B58D2] - [12/04/2018 01:34:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [245760] - (10.0.17134.1) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 07:56:16] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [17/10/2017 07:57:02] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat [12/04/2018 18:22:25] - |D| - [638980] - C:\WINDOWS\OCR [12/04/2018 01:38:21] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [14/05/2018 15:43:48] - |DC| - [531796910] - C:\WINDOWS\Panther [12/04/2018 01:38:21] - |D| - [588356] - C:\WINDOWS\Performance [MD5.8869179A5FDCE875D5B12595462F89EB] - [17/10/2017 07:46:57] - |A| - (.-.) - [83930] - (0.0.0.0) - C:\WINDOWS\PFRO.log [12/04/2018 01:38:21] - |D| - [1136442] - C:\WINDOWS\PLA [12/04/2018 01:38:21] - |D| - [2821730] - C:\WINDOWS\PolicyDefinitions [15/05/2018 23:48:28] - |D| - [5614214] - C:\WINDOWS\Prefetch [12/04/2018 01:38:21] - |RD| - [1965018] - C:\WINDOWS\PrintDialog [12/04/2018 01:38:21] - |D| - [5261619] - C:\WINDOWS\Provisioning [MD5.AC91328EE5CFFBD695CE912F75F876F6] - [12/04/2018 01:34:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [336384] - (10.0.17134.1) - C:\WINDOWS\regedit.exe [12/04/2018 01:38:21] - |D| - [1117876] - C:\WINDOWS\Registration [12/04/2018 01:38:21] - |D| - [8736936] - C:\WINDOWS\rescache [12/04/2018 01:38:21] - |D| - [3992241] - C:\WINDOWS\Resources [MD5.0DD3698CBEE8CB6ACEC3379A813F62C1] - [17/10/2017 08:01:50] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - RtCRU.) - [4332032] - (1.13.0.0) - C:\WINDOWS\RtCRU64.exe [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [17/10/2017 08:00:55] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\SchCache [12/04/2018 01:38:21] - |D| - [122082] - C:\WINDOWS\schemas [12/04/2018 01:38:21] - |D| - [7086592] - C:\WINDOWS\security [16/05/2018 00:45:33] - |D| - [64548882] - C:\WINDOWS\ServiceProfiles [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\ServiceState [11/04/2018 23:04:33] - |D| - [93925046] - C:\WINDOWS\servicing [12/04/2018 01:41:20] - |D| - [42] - C:\WINDOWS\Setup [MD5.D69A5BF4D58E4B151A31E86EFF493037] - [04/08/2018 17:01:42] - |A| - (.-.) - [4248] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2018 12:26:26] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [12/04/2018 01:38:21] - |D| - [6442496] - C:\WINDOWS\ShellComponents [12/04/2018 01:38:21] - |D| - [53630976] - C:\WINDOWS\ShellExperiences [12/04/2018 18:19:39] - |D| - [6828144] - C:\WINDOWS\SKB [17/10/2017 07:50:06] - |D| - [736337628] - C:\WINDOWS\SoftwareDistribution [12/04/2018 01:38:21] - |D| - [174665190] - C:\WINDOWS\Speech [12/04/2018 01:38:21] - |D| - [104511624] - C:\WINDOWS\Speech_OneCore [MD5.8D59B31FF375059E3C32B17BF31A76D5] - [12/04/2018 01:34:41] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.17134.1) - C:\WINDOWS\splwow64.exe [12/04/2018 01:38:21] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [18/03/2017 23:03:33] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [11/04/2018 23:04:33] - |D| - [6983224442] - C:\WINDOWS\System32 [12/04/2018 01:38:21] - |D| - [225278122] - C:\WINDOWS\SystemApps [12/04/2018 01:38:21] - |D| - [25650125] - C:\WINDOWS\SystemResources [11/04/2018 23:04:41] - |D| - [1537435293] - C:\WINDOWS\SysWOW64 [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\TAPI [18/03/2017 23:03:29] - |D| - [6] - C:\WINDOWS\Tasks [12/04/2018 01:38:21] - |D| - [5033079] - C:\WINDOWS\Temp [12/04/2018 01:38:21] - |D| - [13610496] - C:\WINDOWS\TextInput [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\tracing [12/04/2018 01:38:21] - |D| - [14898490] - C:\WINDOWS\twain_32 [MD5.076387B253E6A381090F59EDBFC5EEF6] - [12/04/2018 01:34:53] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [10/01/2018 22:26:28] - |SD| - [0] - C:\WINDOWS\UpdateAssistantV2 [12/04/2018 01:38:21] - |D| - [12420] - C:\WINDOWS\Vss [11/04/2018 23:04:37] - |D| - [25814] - C:\WINDOWS\WaaS [12/04/2018 01:38:21] - |D| - [15729830] - C:\WINDOWS\Web [MD5.1C7127EA2BC3B2D8713FB0DE8BDCF962] - [18/03/2017 23:03:33] - |A| - (.-.) - [463] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [12/04/2018 01:34:36] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [17/10/2017 07:50:06] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.EE1F0DE1ED3E8A5BF080B3497049969E] - [12/04/2018 01:34:52] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.17134.1) - C:\WINDOWS\winhlp32.exe [11/04/2018 23:04:33] - |D| - [7044894675] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [12/04/2018 01:33:56] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.5266C61652051E9EF3A4D199001F6B17] - [12/04/2018 01:34:19] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.17134.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [09/05/2017 12:07:18] - C:\WINDOWS\Installer\1468d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2017 12:53:28] - C:\WINDOWS\Installer\14692.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/03/2017 16:53:48] - C:\WINDOWS\Installer\14697.msi : (Intel® WiFi - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 10:08:49] - C:\WINDOWS\Installer\17b24.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/01/2018 13:40:51] - C:\WINDOWS\Installer\1c15c2fb.msi : (Install/UnInstall PhysX Driver + Engines: 2.7.1/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:44] - C:\WINDOWS\Installer\23468.msi : (NahimicSettingsConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:34] - C:\WINDOWS\Installer\2346d.msi : (AudioCaptureNotificationConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:48:30] - C:\WINDOWS\Installer\23472.msi : (DeviceRoutingConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 17:05:00] - C:\WINDOWS\Installer\23477.msi : (SonicStudio3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 17:04:30] - C:\WINDOWS\Installer\2347c.msi : (ProfileSwitcherCleanup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:45:56] - C:\WINDOWS\Installer\24e68.msi : (ApoDispatchConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:49:22] - C:\WINDOWS\Installer\24e6d.msi : (ProductDaemonSetup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:58:58] - C:\WINDOWS\Installer\24e72.msi : (SonicRadar3Setup - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2017 16:59:02] - C:\WINDOWS\Installer\24e77.msi : (SonicMapperConfigurator - ASUSTeKcomputer.Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/01/2018 21:04:50] - C:\WINDOWS\Installer\288f7375.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 11:56:58] - C:\WINDOWS\Installer\28a283d6.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2017 16:00:28] - C:\WINDOWS\Installer\2931c84a.msi : (CodeMeter Runtime Installer - WIBU-SYSTEMS AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/07/2017 08:46:42] - C:\WINDOWS\Installer\2931c84f.msi : (Intel(R) C++ Redistributables on Intel(R) 64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 10:41:29] - C:\WINDOWS\Installer\295cd832.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 13:29:32] - C:\WINDOWS\Installer\35b2720a.msi : (Java SE Runtime Environment 8 Update 161 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2018 13:32:55] - C:\WINDOWS\Installer\35b27308.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 12:08:00] - C:\WINDOWS\Installer\38374b21.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2017 12:08:44] - C:\WINDOWS\Installer\38374b27.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 04:56:16] - C:\WINDOWS\Installer\3a3ae.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/08/2017 10:52:30] - C:\WINDOWS\Installer\3a3b3.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 15:08:30] - C:\WINDOWS\Installer\4b8e456.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2016 15:09:04] - C:\WINDOWS\Installer\4b8e45b.msi : (Install the system files needed for Allplan - Nemetschek Allplan GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/11/2016 06:04:32] - C:\WINDOWS\Installer\6115d.msi : (Device Setup - ASUSTek COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/04/2017 17:30:40] - C:\WINDOWS\Installer\6313.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2018 21:30:45] - C:\WINDOWS\Installer\66dff41.msi : (CASIO FA-124 - CASIO COMPUTER CO., LTD.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/05/2017 05:45:40] - C:\WINDOWS\Installer\694d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/04/2017 07:33:34] - C:\WINDOWS\Installer\697c.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:34:10] - C:\WINDOWS\Installer\6981.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:12] - C:\WINDOWS\Installer\6986.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:22] - C:\WINDOWS\Installer\698b.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/06/2017 01:33:56] - C:\WINDOWS\Installer\6990.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/04/2017 17:06:34] - C:\WINDOWS\Installer\6995.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/06/2017 11:30:52] - C:\WINDOWS\Installer\699a.msi : (Intel(R) Serial IO - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/04/2017 04:01:30] - C:\WINDOWS\Installer\6b12.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2017 05:31:42] - C:\WINDOWS\Installer\6b17.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/08/2016 08:31:14] - C:\WINDOWS\Installer\6b41.msi : ( - ASUSTeK COMPUTER INC.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2017 13:55:28] - C:\WINDOWS\Installer\6b46.msi : (XSplit Gamecaster - SplitmediaLabs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/06/2017 21:02:44] - C:\WINDOWS\Installer\6b9e.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/05/2018 17:37:47] - C:\WINDOWS\Installer\6c762c0.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/08/2018 21:53:10] - C:\WINDOWS\Installer\aaadc88.msi : (Node.js - Node.js Foundation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2018 21:49:43] - C:\WINDOWS\Installer\cbf0b4.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/10/2017 08:11:15] - [287934] - C:\WINDOWS\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe () - () [17/10/2017 08:06:13] - [158112] - C:\WINDOWS\Installer\{60130678-813A-4D4B-97E7-284F27516561}\AdminTool.exe (Copyright (c) Intel Corporation 2007-2011) - (Intel(R) PROSet/Wireless Framework Launcher) [17/10/2017 08:06:13] - [9110] - C:\WINDOWS\Installer\{60130678-813A-4D4B-97E7-284F27516561}\ARPPRODUCTICON.exe () - () [17/10/2017 08:06:13] - [3387296] - C:\WINDOWS\Installer\{60130678-813A-4D4B-97E7-284F27516561}\cpappletexe.exe (Copyright (c) Intel Corporation 1999-2013) - (Intel PROSet/Wireless Control Panel Applet Executable) [17/10/2017 08:02:35] - [123976] - C:\WINDOWS\Installer\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}\_853F67D554F05449430E7E.exe () - () [17/10/2017 08:05:39] - [9110] - C:\WINDOWS\Installer\{7C6A2125-4D2D-4244-916F-0EA498B7C952}\ARPPRODUCTICON.exe () - () [31/05/2017 03:52:47] - [459934] - C:\WINDOWS\Installer\{8D6B05E0-F457-408C-9D13-549334D8FAE1}\_6FEFF9B68218417F98F549.exe () - () [17/10/2017 08:13:21] - [157719] - C:\WINDOWS\Installer\{A39B5969-9683-49F9-AA69-F40EF0D91441}\XSplit.Gamecaster.exe () - () [17/10/2017 08:08:39] - [114734] - C:\WINDOWS\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe () - () [10/07/2018 21:49:57] - [10134] - C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824272646}\ARPPRODUCTICON.exe () - () [17/10/2017 08:22:20] - [328840] - C:\WINDOWS\Installer\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}\_853F67D554F05449430E7E.exe () - () [22/01/2018 00:02:45] - [1082880] - C:\WINDOWS\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\Icon_cmu32.A961A077_4BD0_4C98_86BC_EE4A98CE550D.exe (Copyright (C) 2007-2017 by WIBU-SYSTEMS AG) - (CodeMeter Universal Support Tool) [22/01/2018 00:02:45] - [1082880] - C:\WINDOWS\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\Icon_cmu32_cmd.A961A077_4BD0_4C98_86BC_EE4A98CE550D.exe (Copyright (C) 2007-2017 by WIBU-SYSTEMS AG) - (CodeMeter Universal Support Tool) [22/01/2018 00:02:45] - [5026296] - C:\WINDOWS\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\Icon_SC_CMCC.A961A077_4BD0_4C98_86BC_EE4A98CE550D.exe (Copyright (C) 2002-2017 by WIBU-SYSTEMS AG) - (CodeMeter Runtime Server) [22/01/2018 00:02:45] - [5026296] - C:\WINDOWS\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\Icon_SC_CMCC1.A961A077_4BD0_4C98_86BC_EE4A98CE550D.exe (Copyright (C) 2002-2017 by WIBU-SYSTEMS AG) - (CodeMeter Runtime Server) [22/01/2018 00:02:45] - [1082880] - C:\WINDOWS\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\I_cmu32_cmd_64.A961A077_4BD0_4C98_86BC_EE4A98CE550D.exe (Copyright (C) 2007-2017 by WIBU-SYSTEMS AG) - (CodeMeter Universal Support Tool) [15/05/2018 21:31:47] - [339968] - C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [15/05/2018 21:31:47] - [339968] - C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\NewShortcut1_F861FBDEE6864CD7A1C52A602D025F84.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [15/05/2018 21:31:47] - [339968] - C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\NewShortcut2_F861FBDEE6864CD7A1C52A602D025F84.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) ---------- | %System%\*.in* [12/04/2018 01:33:56] - [3329] - C:\WINDOWS\System32\ieuinit.inf [16/05/2018 10:13:43] - [1766590] - C:\WINDOWS\System32\PerfStringBackup.INI [12/04/2018 01:34:33] - [60124] - C:\WINDOWS\System32\tcpmon.ini [12/04/2018 01:34:20] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [12/04/2018 01:34:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [12/04/2018 01:34:49] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.E38998C7117A97B6D4B76714C0049B6A] - |A| - [24/08/2018 11:52:22] - (.-.) - [1.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM.log [MD5.0D2F6930E8218A3D79113B03E2C5D001] - |A| - [24/08/2018 11:52:43] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM_NotLocked.log [MD5.864C22FB9A1C0670EDF01C6ED3E4FBE4] - |A| - [24/08/2018 11:52:36] - (.-.) - [251.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ArmUI.ini [MD5.A042BA29D5C2AFBC267E979728B6215D] - |A| - [02/08/2018 11:36:53] - (.-.) - [32.87 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [02/08/2018 11:36:53] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [23/08/2018 21:13:13] - [1889.5 Ko] - C:\WINDOWS\Temp\CR_3FE76.tmp [MD5.5E20C24F616316F12FAB4ABCC6B13654] - |A| - [02/08/2018 15:54:40] - (.-.) - [200.4 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180802-1554.log [MD5.EB10C4AE096187D292041B1CFE6127B2] - |A| - [24/08/2018 11:50:30] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1150.log [MD5.D4A627412E85DF2ACB7DD5186A5C96EC] - |A| - [24/08/2018 11:50:32] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1150a.log [MD5.345A92625F2DEC4795F24F8B0B5D178D] - |A| - [24/08/2018 11:51:57] - (.-.) - [104.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1151.log [MD5.F7CEFC044D1F75E245B89A94A1D161FE] - |A| - [24/08/2018 11:58:47] - (.-.) - [177.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1158.log [MD5.AF756F2FB08C32EE56076AAB5B061B6D] - |A| - [24/08/2018 11:58:59] - (.-.) - [10.86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1158a.log [MD5.FF66CD232888B8BAE8A8A7C7C86F1469] - |A| - [24/08/2018 11:59:22] - (.-.) - [30.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1159.log [MD5.093F140B51BEF9062ACB1586066BC2A9] - |A| - [24/08/2018 12:09:29] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1209.log [MD5.D2888C4984D669A1885F6993EBCA2BCB] - |A| - [24/08/2018 17:53:30] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1753.log [MD5.55479433DE93F1456FF4F3F6480FD479] - |A| - [24/08/2018 18:22:01] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1822.log [MD5.1C0D71095926347CE3967026D5F29FB5] - |A| - [24/08/2018 18:26:57] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1826.log [MD5.159DD64ED250ECE0173041575B5D22BD] - |A| - [24/08/2018 19:13:47] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1913.log [MD5.4BFEDD2B9CA9E3EB5F9155608C7F11DF] - |A| - [24/08/2018 19:52:30] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-1952.log [MD5.72583D88D776C3DC8DE89668BE37AB3E] - |A| - [24/08/2018 20:11:54] - (.-.) - [523.55 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-2011.log [MD5.65686B558C2C95346441F9AA9C6546EE] - |A| - [24/08/2018 23:43:21] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180824-2343.log [MD5.6A8D6D49B45B008E5FAA62C7376062C4] - |A| - [25/08/2018 14:09:06] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409.log [MD5.B5C5C1029343DF6765DACB6BFC5ECEFE] - |A| - [25/08/2018 14:09:06] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409a.log [MD5.D97A44BF48846102DAFCC754A58F0767] - |A| - [25/08/2018 14:09:46] - (.-.) - [61.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1409b.log [MD5.9718FE8E4389B25E885699701EAEDC75] - |A| - [25/08/2018 14:33:43] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1433.log [MD5.D786B0F26A78B7829DEE9DAD80AE9470] - |A| - [25/08/2018 14:44:50] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1444.log [MD5.DC74540B9C302228BD948C5D556E6A14] - |A| - [25/08/2018 16:35:01] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1635.log [MD5.5C72711BC9B13675C2E746209785C167] - |A| - [25/08/2018 18:28:43] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1828.log [MD5.12EC5113847DF155D0421BE8F746AF86] - |A| - [25/08/2018 19:35:29] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1935.log [MD5.6106CA6BDC80639980F6C1DCC78FC395] - |A| - [25/08/2018 19:40:40] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-1940.log [MD5.382AE895FEBF53755692F9F65C622F9A] - |A| - [25/08/2018 20:22:00] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180825-2022.log [MD5.806E4879F3ECD35AF45E15D7C8298BFF] - |A| - [26/08/2018 12:24:00] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1224.log [MD5.63BA68C81CEBA7B43B1935870FD211E8] - |A| - [26/08/2018 12:24:00] - (.-.) - [2.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1224a.log [MD5.1C50ABFE3EDD839E48B26B2FF10E2A44] - |A| - [26/08/2018 12:45:28] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1245.log [MD5.C355E4FE026DF46DB40A2D9B85867B40] - |A| - [26/08/2018 14:04:47] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1404.log [MD5.D66750A712C5ED5AC0378A97E143E984] - |A| - [26/08/2018 14:09:06] - (.-.) - [2.14 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-1409.log [MD5.8850504C9C25E9A71F6832FBD63C6DF5] - |A| - [26/08/2018 23:06:13] - (.-.) - [22.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180826-2306.log [MD5.CCA40ADF1453FC26EF2B810044FA2F2E] - |A| - [27/08/2018 03:10:09] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0310.log [MD5.693CF012ADFE44DA09F7D173B76000BB] - |A| - [27/08/2018 08:34:55] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0834.log [MD5.8B70D045C11170634095BC0E2EB6E64B] - |A| - [27/08/2018 09:12:23] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-0912.log [MD5.2F0EC012FDB9BDE894697C9E717EF9FF] - |A| - [27/08/2018 12:07:09] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1207.log [MD5.28EB2C227AF1BE322510548CD2213B50] - |A| - [27/08/2018 12:20:58] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1220.log [MD5.79A53C930F6EAB99F572A280FA1A2368] - |A| - [27/08/2018 12:23:59] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1223.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 12:31:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1231.log [MD5.616989A9CBD1DD15E2D301090F46DF12] - |A| - [27/08/2018 16:31:32] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1631.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 18:51:12] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-1851.log [MD5.60A4B868AAFDCB3B8216BFE571724E3B] - |A| - [27/08/2018 21:38:10] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180827-2138.log [MD5.46D6402D3926CEC346AA92962AAEA666] - |A| - [28/08/2018 00:31:43] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-0031.log [MD5.74BAAB57577EE571440176F60205FD51] - |A| - [28/08/2018 11:19:30] - (.-.) - [6.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1119.log [MD5.F69329EC513C9135901ADA99BE5B039F] - |A| - [28/08/2018 11:22:23] - (.-.) - [2.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1122.log [MD5.E013C7A912408DEF1542673456B8AB7E] - |A| - [28/08/2018 11:22:23] - (.-.) - [22.98 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1122a.log [MD5.F4C71A5829D7AA5BC9AB67598D51AEBB] - |A| - [28/08/2018 12:14:47] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1214.log [MD5.20092E551CDEC3965CE34C29F1E66CF8] - |A| - [28/08/2018 15:01:23] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-1501.log [MD5.44026562CEDA7AE0142F47E9729B2C7F] - |A| - [28/08/2018 20:15:19] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2015.log [MD5.AC66B77C7D06944AD856D4E2E232B4EA] - |A| - [28/08/2018 20:31:53] - (.-.) - [12.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2031.log [MD5.EB9AFCA67A8BCAA6FC02A4AC930B0EFA] - |A| - [28/08/2018 22:12:44] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180828-2212.log [MD5.31855EBBFC7673618640C18772999B31] - |A| - [30/08/2018 09:53:11] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0953.log [MD5.CD2946FCC18A1099C0F360123754549E] - |A| - [30/08/2018 09:56:07] - (.-.) - [8.22 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0956.log [MD5.D98814BB4B887C17FAD5A12A317B3E41] - |A| - [30/08/2018 09:56:07] - (.-.) - [25.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-0956a.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/08/2018 12:59:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-1259.log [MD5.3CEF4DE60EEABA6E884683E9486D4AAC] - |A| - [30/08/2018 18:45:50] - (.-.) - [1.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-1845.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [30/08/2018 22:05:28] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180830-2205.log [MD5.24A7D613020F0EC29DE72B452BDA8CD7] - |A| - [31/08/2018 18:56:45] - (.-.) - [7.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180831-1856.log [MD5.D02130216526CFE2C46D55A7493EBB53] - |A| - [31/08/2018 18:59:39] - (.-.) - [23.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180831-1859.log [MD5.2B9E3F24BB5422D19F083B024605B26B] - |A| - [31/08/2018 18:59:39] - (.-.) - [3.22 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180831-1859a.log [MD5.491100CFE6C5CFE971C713AFF5008925] - |A| - [31/08/2018 19:08:34] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180831-1908.log [MD5.90F738D571302D7C567ADB6DC17CB8FF] - |A| - [03/09/2018 11:58:34] - (.-.) - [7.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1158.log [MD5.4C382746ECC1296B9E8EB5933E809E97] - |A| - [03/09/2018 12:27:57] - (.-.) - [23.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1227.log [MD5.2A3A8F17AEEECF4C509A30185B9CCD8C] - |A| - [03/09/2018 12:32:57] - (.-.) - [13.6 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1232.log [MD5.84EF2E19BA0BDADDA535032D5D9365B6] - |A| - [03/09/2018 12:33:32] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1233.log [MD5.49DE41F21A4E2B21D01FCEAEF070816E] - |A| - [03/09/2018 12:39:44] - (.-.) - [1.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1239.log [MD5.3806B1EA5AE06072631DCD598D1A4F07] - |A| - [03/09/2018 18:28:05] - (.-.) - [11.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1828.log [MD5.2C138C15A0B46349A0E6C614796EBE9A] - |A| - [03/09/2018 18:44:40] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180903-1844.log [MD5.046E9C8F9158F0CDA97BD75665004C91] - |A| - [04/09/2018 01:19:00] - (.-.) - [22.57 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-0119.log [MD5.0F1073CC40A88C42B18089006E983949] - |A| - [04/09/2018 13:52:35] - (.-.) - [7.64 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1352.log [MD5.F64EBF2FF1B9019627DC4A8A4B36BA96] - |A| - [04/09/2018 13:55:52] - (.-.) - [3.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1355.log [MD5.06ED5D313AA44F5E76D04F2EFAD559F7] - |A| - [04/09/2018 13:55:52] - (.-.) - [12.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1355a.log [MD5.9301A802C791E1B453C2CFE5FAF42C55] - |A| - [04/09/2018 13:59:14] - (.-.) - [13.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1359.log [MD5.3117B89A1FA6E1591AA36CE013E83222] - |A| - [04/09/2018 14:17:37] - (.-.) - [1.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1417.log [MD5.1058CA97B30515A9422B608C8F9FA377] - |A| - [04/09/2018 16:59:04] - (.-.) - [11.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1659.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [04/09/2018 17:00:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\JC-10-01-2018-20180904-1700.log [MD5.0C8CF307DB800C3ADD1F2CA389309AB8] - |A| - [24/08/2018 20:12:09] - (.-.) - [2.59 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20180824-201209-0.log [MD5.EEFD521BAB8D19095D0CF74D15FAE7F1] - |A| - [16/05/2018 10:09:51] - (.-.) - [351.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.38696BEB6E1F418C4A7E07941618AA7B] - |A| - [16/05/2018 12:16:51] - (.-.) - [697.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [04/09/2018 13:53:03] - [0 Ko] - C:\WINDOWS\Temp\OfficeC2R701AE277-4725-4F86-B137-3BBF4D8CBF67 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |N| - [24/08/2018 20:11:54] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20180824201154EA8).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 21:39:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp138D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 15:52:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp270B.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 15:52:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp270C.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 17:05:03] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp390C.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 17:39:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmp570D.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 20:29:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpCF24.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 20:29:56] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpCF25.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [27/08/2018 21:05:02] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tmpF1F2.tmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [12/04/2018 01:34:07] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [12/04/2018 01:34:25] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:14] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [12/04/2018 01:34:27] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [12/04/2018 01:34:32] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:33] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [12/04/2018 01:34:44] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [12/04/2018 01:34:04] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [12/04/2018 01:34:04] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:20] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [12/04/2018 01:34:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.6BB3F65282D9162F188C66D22EAC9D9E] - |A| - [17/10/2017 08:00:56] - (.-.) - [115.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:39] - [2891.9 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [27.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2576.89 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.B4F803BBEAFAD4DE89C6D3718E93F4F0] - |A| - [12/04/2018 01:34:15] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [602 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\as-IN [MD5.26129D1FB6104D78DE299AC9EFBEC78C] - |A| - [17/10/2017 08:00:56] - (.-.) - [102.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [12/04/2018 01:34:04] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [345.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [12/04/2018 01:34:02] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4832.22 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.06DB0A736F8A78151518276F232669FC] - |A| - [12/04/2018 01:34:19] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [181 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |HD| - [20/01/2018 18:19:53] - [4487.05 Ko] - C:\WINDOWS\System32\CanonIJ Uninstaller Information [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [69666.34 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [43628.24 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [23 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.EA88F93CA71EDEB959BB483998E84730] - |A| - [14/02/2018 01:13:15] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CNC1747D.TBL [MD5.022E082550DB4ABA33AAF06DD1C9048D] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [1322.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495C.dll [MD5.8E29A4B8746BB7146F420DDB3192F20C] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [109.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495I.dll [MD5.2DC005681DEA0EB6E710940035DE9DE7] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [340.5 Ko] - (1.0.0.0) - C:\WINDOWS\System32\CNC495L.dll [MD5.832AC9632BC028DE0FC6F405D991E406] - |A| - [03/06/2010 07:12:14] - (.Copyright CANON INC. 2010 All Rights Reserved - Canon WIA scanner co-installer 64bit Edition.) - [101 Ko] - (3.1.2.60) - C:\WINDOWS\System32\CNC495O.dll [MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\WINDOWS\System32\CNHMCA6.dll [MD5.09F6C9BF8B22D230CA73CBF17C5F9700] - |A| - [11/03/2010 00:57:08] - (.Copyright CANON INC. 2006-2010 All Rights Reserved - Canon IJ Driver Installer.) - [242.5 Ko] - (1.8.0.70) - C:\WINDOWS\System32\CNMIUA9.DLL [MD5.488256C0AFA4D9C1CB3084C2956288DF] - |A| - [20/01/2018 18:18:17] - (.Copyright CANON INC. 2000-2010 All Rights Reserved - IJ Language Monitor.) - [353 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMA9.DLL [MD5.CADD2A28BAE455036E9B85E2920F472D] - |A| - [25/07/2018 13:37:15] - (.Copyright CANON INC. 2007-2011 All Rights Reserved - IJ Language Monitor.) - [376 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMXLMA9.DLL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [3076.42 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [368 Ko] - C:\WINDOWS\System32\com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.A797B0B9070744F439340B5DE54E83BB] - |A| - [17/10/2017 08:00:56] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [320340.74 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.21CFA73B9FE6A74D622D3EF4E7460549] - |A| - [29/08/2017 09:55:52] - (.-.) - [738.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [403.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.BDEBD2FC4927DA00EEA263AF9CF8F7ED] - |A| - [12/04/2018 01:34:15] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [414.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [399 Ko] - C:\WINDOWS\System32\da-DK [MD5.4EDE94905F4910EA8CF91D4101DA198A] - |A| - [12/04/2018 01:34:04] - (.-.) - [138 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 08:01:12] - [14664.75 Ko] - C:\WINDOWS\System32\DAX2 [MD5.00000000000000000000000000000000] - |D| - [17/10/2017 08:01:12] - [7069.54 Ko] - C:\WINDOWS\System32\DAX3 [MD5.1066F597FB3B01BCFA79584D3314FD2A] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO Property Page.) - [1518.16 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOProp.dll [MD5.3FB5CE5E7990DEBBD2D5869A1D507F90] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX APO.) - [1295.34 Ko] - (1.1.3.10) - C:\WINDOWS\System32\DAX3APOv251.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [217.6 Ko] - C:\WINDOWS\System32\DDFs [MD5.245DDFDAB6B9CC680D459E548074122C] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.32 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.3A218313ECF3027B84E300F6420C8A24] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [303.14 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPA64F3.dll [MD5.E0E1648A5451BD2C23C8ED88DAFFC614] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.73 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.C04061A1B5E5C08923DBAB3292111738] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1913.67 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPD64AF3.dll [MD5.57AF362CD9AC1A09CDED9F8C2ED2D9DC] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.78 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.BBB2AD353DC5CC8DF1BC5013CFC71C11] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [353.56 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPO64AF3.dll [MD5.7BEB2D5A9CC83F7EAACED62734F5A13D] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.87 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.EB09D2160EA25ECAB83E27C4608C86ED] - |A| - [17/10/2017 08:00:56] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6117.8 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [453 Ko] - C:\WINDOWS\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:06] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [12/04/2018 01:34:04] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [12/04/2018 01:38:27] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [12/04/2018 01:34:17] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [923.5 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.12ACC91FA93C8BF82D4EF3FB779ECEF8] - |A| - [12/04/2018 01:34:24] - (.-.) - [80.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [9773.77 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.9C1F0EE9215B2CF8072FD7C03956AB86] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1132.02 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOProp.dll [MD5.50396D8271278EEEEE0A02CACCD42B20] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2387.39 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv201.dll [MD5.256AB6D153CC9E006F28BBE7BAC9F295] - |A| - [17/10/2017 08:00:56] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5221.67 Ko] - (0.8.4.32) - C:\WINDOWS\System32\DolbyDAX2APOv211.dll [MD5.C290C360E32A38B01C4717AA3C80EB46] - |A| - [17/10/2017 08:00:56] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [1143.43 Ko] - (1.6.0.47) - C:\WINDOWS\System32\DolbyDAX2APOvlldp.dll [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [2404.09 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:37:59] - [132828.79 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [2345295.73 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.1C1C5BA02FEC449DDB79170F336FC6F4] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.52 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.C312BAC9FA677A8659044FCFC9F9C4A7] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.56 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.8DCB34E8DC1FDF221FCC448B2DFD7296] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.92 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.EB6DA5FBB498F96021FE64829CF65CBD] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.27CEEA2F09A659C786D89275E93DB8CD] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.553B28568222DF25D1ED502F8EF55961] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.B4CCFC91F00037CD41603854A57F54CA] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.96 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.94E1F7565FD49FC915BAD5F1EFDD9798] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.ED1CCF259A2E783CF91A1B77FC15ECF6] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.7707F85938B67602EB1B7BB6EA5A4E3E] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.7246D90C88D4CE99796A946EF3AD78C3] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.38 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.7506FC08AE9330B0986B01B8005A3AC5] - |A| - [17/10/2017 08:00:56] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.7 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [12/04/2018 01:34:04] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [12/04/2018 01:34:04] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [12/04/2018 01:34:04] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.08C33E4AB904EC0960B0781ED26AE039] - |A| - [12/04/2018 01:33:52] - (.-.) - [2.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [451.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.E99BBDE3AA3B3180CF7DAD46B75F3F51] - |A| - [14/02/2018 01:26:32] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [861.35 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [2774.82 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [433.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [358.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [318.5 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [17125.14 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DBB768C8F7E49566670FF10A61726A3] - |A| - [12/07/2018 20:59:05] - (.-.) - [1278 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll [MD5.F5A3997555DA1A4F7036D4E8B2FCB386] - |A| - [12/07/2018 20:58:58] - (.-.) - [530.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll [MD5.BB0137476B1EC8B10CE944BF023C91F6] - |A| - [12/04/2018 01:34:04] - (.-.) - [1317.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [12/04/2018 01:34:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [12/04/2018 01:33:53] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [404.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\fil-PH [MD5.A6905D1302CFB88E284914852CF37BD0] - |A| - [15/05/2018 23:48:06] - (.-.) - [413.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:38] - [3403 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [369 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45629.5 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [12/04/2018 01:34:39] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [34 Ko] - C:\WINDOWS\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/10/2017 07:53:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [18/03/2017 23:03:29] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.109BE7608A886F64B1BE78E93A257684] - |A| - [17/10/2017 08:00:56] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.74 Ko] - (1.2.0.0) - C:\WINDOWS\System32\HarmanAudioInterface.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [327.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.D6906D226393F94E7D8B3B2AC1E41D94] - |A| - [12/04/2018 01:34:10] - (.-.) - [247.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\hi-IN [MD5.E39CB90645A15503E701E460D4612C0D] - |A| - [17/10/2017 08:00:57] - (.© 2017 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [369.52 Ko] - (0.8.4.82) - C:\WINDOWS\System32\HiFiDAX2API.dll [MD5.B68453B63EEAA6E55FBD5411B779E4F5] - |A| - [17/10/2017 08:00:57] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [396.92 Ko] - (1.6.0.47) - C:\WINDOWS\System32\HiFiDAX2APIPCLL.dll [MD5.0C41F1B45371B9CE83DFC0BA77A9CF74] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [351.9 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMClariFi.dll [MD5.E111D8A64187D7186E507FD4AD93F07A] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ.dll [MD5.CB9C417F9CD6B4A382509425D2B6C3E1] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [186.45 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ_Voice.dll [MD5.F739A3E7E9C8EAD418A80715C765EB41] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [199.06 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMHVS.dll [MD5.C4CDBA5B592882476FEDA2A2056E86CB] - |A| - [17/10/2017 08:00:57] - (.© Harman. - Audio by Harman APO.) - [175.38 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMLimiter.dll [MD5.D74F25DE979F40AD4E47ECF8B7BC34F1] - |A| - [17/10/2017 08:00:57] - (.?Harman. - Audio by Harman APO UI.) - [406.74 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMUI.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [335 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [411 Ko] - C:\WINDOWS\System32\hu-HU [MD5.E1712E7E7F912EC72EEDA318C3B25E25] - |A| - [12/04/2018 01:33:54] - (.-.) - [31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:20] - [160.64 Ko] - C:\WINDOWS\System32\hydrogen [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.9FD9E3896EF9ACE30AEB559CB158FB30] - |A| - [17/10/2017 08:00:57] - (.Copyright (c) 2017, ICEpower a/s - ICEpower ICEsound APO.) - [664.6 Ko] - (1.0.0.29) - C:\WINDOWS\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.CD591279F103D5E02F84ABD7ED450E57] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1848 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4185EE055F39FD2D726A91E6A8A1A093] - |RA| - [12/04/2018 01:34:12] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1311.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\System32\ig-NG [MD5.0490CF9C8A9DB32FE6EA245D29EC2E3E] - |A| - [29/08/2017 09:56:02] - (.-.) - [270.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.67B646C256190F118619C9D10AAE4B5C] - |A| - [12/04/2018 01:34:04] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [25220 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.BB1480586B5C174900A1051CEB2B462F] - |A| - [12/04/2018 01:34:12] - (.-.) - [480.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [6671.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.A30A83D8B928F400083B8B71890FA000] - |A| - [29/08/2017 09:56:04] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [136.98 Ko] - (2.1.0.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [432.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [297 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [12/04/2018 01:34:04] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [33 Ko] - C:\WINDOWS\System32\lb-LU [MD5.4F5120E44845A78D5920D2F0BDE0340F] - |A| - [12/04/2018 18:22:53] - (.-.) - [1953 Ko] - (2.6.4.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [559.86 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [26643.98 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [333 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [331.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [30061.23 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.9F46840758431946CA096F8096B016B4] - |A| - [13/06/2018 18:51:11] - (.-.) - [790 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [12/04/2018 01:34:04] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [16/05/2018 00:45:33] - [1110.9 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5564.46 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [47362.99 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\ml-IN [MD5.D225B2044789A6059344503C1AE33347] - |A| - [12/04/2018 01:34:29] - (.-.) - [3.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [11/01/2018 01:16:53] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4260.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [34.35 Ko] - C:\WINDOWS\System32\my-mm [MD5.505D4334EE8AA8205C6BA4835263F43D] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.51 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll [MD5.DDCEB99B7BE4FA07C5BC56151E371264] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.33 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll [MD5.FA5300E74175A469924DC5E901B3CB1F] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5799.72 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICV2apo.dll [MD5.B8112CA86B0E387C1A004914B4ACFFE0] - |A| - [17/10/2017 08:00:57] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6311.68 Ko] - (10.0.10011.16384) - C:\WINDOWS\System32\NAHIMICV3apo.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [393.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [896 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\ne-NP [MD5.96E1A76E333C4642F2266B3F2E6B670F] - |A| - [14/02/2018 01:21:01] - (.-.) - [78.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [12/04/2018 01:34:39] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [422.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.2A398F2468B85F862EF66A7B2F138C44] - |A| - [17/10/2017 07:56:33] - (.-.) - [7894.24 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.BEC655D093FD1081E0592AAE8BF2B4B7] - |A| - [18/03/2018 18:59:15] - (.-.) - [47.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.D73A30E4A19CEF650E5D596EF05EC059] - |A| - [17/10/2017 07:57:08] - (.-.) - [118.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvRtmpStreamer64.dll [MD5.1F8E72D18D9DF680D0E0E5AA10ECA760] - |A| - [12/04/2018 01:38:28] - (.-.) - [16.94 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44961.85 Ko] - C:\WINDOWS\System32\oobe [MD5.5C1765B680946C80B670E023AC55437C] - |A| - [17/01/2018 22:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [130.5 Ko] - (6.14.357.22) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:54] - [3834.5 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [12/04/2018 01:34:04] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\pa-IN [MD5.B0126264FAD9BFE883A2783EC00A69CF] - |A| - [04/03/2018 17:51:20] - (.Copyright (c) by pdfforge - pdfcmon.) - [114.5 Ko] - (0.9.7.0) - C:\WINDOWS\System32\pdfcmon.dll [MD5.874B0871DA3EC061D1BF30423C1E165B] - |A| - [12/04/2018 01:34:43] - (.-.) - [48.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerceptionSimulationInput.exe [MD5.E7BCC1099403E8694065A8DAA7E0407E] - |A| - [12/04/2018 01:40:29] - (.-.) - [129.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.3629648B76A78433991A9C5C6DA38835] - |A| - [12/04/2018 18:18:42] - (.-.) - [146.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [12/04/2018 01:40:29] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [12/04/2018 18:18:42] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.A1AC22DE84AE149A67A0DCFC094C0DE6] - |A| - [12/04/2018 01:40:29] - (.-.) - [683.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.8B15B5C2B30509A4E56A5BE81764B784] - |A| - [12/04/2018 18:18:42] - (.-.) - [772.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.4A143BDFB82724D395FD31BD6E83135A] - |A| - [16/05/2018 10:13:43] - (.-.) - [1725.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [12/04/2018 01:34:02] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [420 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [682 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [12/04/2018 01:34:40] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [422 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [417.5 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\quz-PE [MD5.55B45FEE7A438A02F4F8B6CC27F328B4] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.0539085EF080CA20DD4F9AA7151B81CA] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.404CD5690F7C80253F71E42478B6902D] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.CC0C47305E06B0501275CFF0441F7049] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.DAB0E081FB7954C6C2CBAB66F90AD958] - |A| - [17/10/2017 08:00:57] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.5BBEA6A833CAE2CAB5E400D757998BBF] - |A| - [16/05/2018 00:44:17] - (.-.) - [1907.5 Ko] - (1.0.1802.7001) - C:\WINDOWS\System32\rdpnano.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [394719.03 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.93915F385A4EED6C0FBEE364EA90CE56] - |A| - [12/04/2018 01:34:43] - (.-.) - [9.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.39A2449AFF6ABAD80B97EA7C7CEB3F8E] - |A| - [12/04/2018 01:34:43] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\System32\restore [MD5.8CAF138F79802DFB5C706A635CD1886B] - |A| - [17/10/2017 07:54:27] - (.-.) - [18.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.D7655D9340FDA6B57357FB939EA58CF8] - |A| - [17/10/2017 08:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.32260EFF8A94E7E8FEC662F7D553130C] - |A| - [17/10/2017 08:00:57] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.D7CFCE6811519582690065C21088E9A5] - |A| - [17/10/2017 08:01:50] - (.Copyright (C) 2014 - RtCRX.) - [82.5 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.4C0DFD347298C13E9C4EB91FE471AC9E] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.79 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.62D32BE0719AEE69D016FE48D127C1FA] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.8038A49784B0294B7E7844E66236D760] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.61C4D0E48ABF0BD4E80F24A3712B0CD1] - |A| - [17/10/2017 08:00:57] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.0F0CE558A9D992E8E0336E6ACB3FAF85] - |A| - [12/04/2018 01:34:04] - (.-.) - [51.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\rw-RW [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [12/04/2018 01:35:22] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [12/04/2018 01:34:39] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.EF474B7A3B4B8C40B86192FD65004E81] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.25 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.8B42C01130BBF605A06BC1E2466845B3] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.78 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.F5CA54A81ED662A059634DE647E8CF88] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.0757600B4BF3B1F0A06F2E5879571859] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [961.83 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.8A8B4BA563A7F278752E12CA91834AAD] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [3330.89 Ko] - (3.5.14.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [15/05/2018 23:48:06] - [24114.47 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.940F2A7A8B5F39B0F8F3D29208B5914F] - |A| - [17/10/2017 08:00:58] - (.TODO: (c) . - TODO: .) - [252.79 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.ED32C43AF9F2B05F0999C3F2867BFDE4] - |A| - [17/10/2017 08:00:58] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [3049.47 Ko] - (3.5.14.0) - C:\WINDOWS\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [12/04/2018 01:34:04] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:33] - [13385.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [12/04/2018 01:33:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [12/04/2018 01:34:02] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.3C238A27DD48D63F21CBB8AE6E4210BD] - |A| - [12/04/2018 01:34:41] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7585.4 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12718.32 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [163499.27 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [12687.4 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.61 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [337 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.5EE466CEA36221A08D9989254B8C8509] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.21 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.43A5B7A78E00F134E931650D14D3B111] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.47 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 18:51:11] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.4FD560E994EDF0353835F3F9F506A62C] - |A| - [12/07/2018 20:58:56] - (.-.) - [57.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.8057B51847C9BBE19A22B00DFA93E0F6] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.51 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.099B3C6101E6A306DE8C8B9B46E59399] - |A| - [17/10/2017 08:00:58] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.886407B08A658AABB3DD3E99CA5B4DAD] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.55E8B1ED3859D732330799800D0E1210] - |A| - [17/10/2017 08:00:58] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.8852D4A8097509C174C4F5B58D1F698F] - |A| - [17/10/2017 08:00:58] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [37592 Ko] - C:\WINDOWS\System32\sru [MD5.8A02EF186BDC952CA75EFA689EC4F275] - |A| - [12/04/2018 01:34:04] - (.-.) - [434 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [401.5 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:37] - [1402.16 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [923.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.9CD66B93520B6DD13C71EAEF487D7899] - |A| - [12/04/2018 01:34:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [49 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [648.84 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:46:34] - [580.12 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.3FD03A130DAF033DFB0EB93228286810] - |A| - [24/08/2018 12:01:49] - (.-.) - [1.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcbres.wim [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [12/04/2018 01:34:33] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\te-IN [MD5.7453519C9ECF84B289EA22FAEA5913B7] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [832.16 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tosasfapo64.dll [MD5.2869853985A50E0A26EBE0CF388F7886] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.7 Ko] - (2.1.0.0) - C:\WINDOWS\System32\toseaeapo64.dll [MD5.F495509A51F727FF64BEA54ADF0FDD23] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.28 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tossaeapo64.dll [MD5.1D19B542DA59E33A893F7B97AB1B1C5B] - |A| - [17/10/2017 08:00:58] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [590.63 Ko] - (1.1.2.0) - C:\WINDOWS\System32\tossaemaxapo64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [392.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [12/04/2018 01:34:44] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [12/04/2018 01:34:44] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [334.5 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [2716.96 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\System32\ur-PK [MD5.5B0D59652F66ABB715DC53C312B26BD0] - |A| - [12/04/2018 01:34:14] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\System32\vi-VN [MD5.52D61488A2A692ED61CF69CAA7708001] - |A| - [04/03/2018 17:44:30] - (.Copyright (C) Visagesoft 1998,2009 - Visagesoft Printer Port Monitor.) - [26.45 Ko] - (0.3.0.0) - C:\WINDOWS\System32\vsmon1.dll [MD5.4EC0C222BEB7088B9264B5132F20CDBF] - |A| - [25/02/2017 01:23:14] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [524.28 Ko] - (1.0.42.0) - C:\WINDOWS\System32\vulkan-1-1-0-42-0.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [09/12/2017 00:24:44] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1-1-0-65-1.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [17/10/2017 07:53:36] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1.dll [MD5.CE8DFEB11053404DC17B2782176F816D] - |A| - [25/02/2017 01:23:10] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-42-0.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [09/12/2017 00:24:32] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-65-1.exe [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [17/10/2017 07:53:36] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [89136.46 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [154831.46 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [12/04/2018 01:34:19] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.957484C05356018083D72546EF8CDEDE] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [935.46 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.dll [MD5.AA897370830C506856ADCC5D98E0A2C4] - |A| - [12/09/2017 15:25:10] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lcn [MD5.97501C87CEE81AB9E937309053C1925A] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lde [MD5.90E15B5FBA33BAC3ACB5F7121BC2198B] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.les [MD5.FBF9C2D23A76B0EBDAFD8555EA2FF4C9] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lfr [MD5.8B3FD30AEBA7A19774B888EFCCD10446] - |A| - [12/09/2017 15:25:04] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [49 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lit [MD5.2C3717E5B8E6A6A246DCC016881C511B] - |A| - [12/09/2017 15:25:12] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29.5 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.ljp [MD5.DA13CECBAF3CFDEEA0BFA31A2DC0A00D] - |A| - [12/09/2017 15:25:10] - (.-.) - [44 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\WibuCm64.lru [MD5.E9F64666E96C6BE8B48F08B4B98F7F72] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [219.51 Ko] - (6.50.2640.503) - C:\WINDOWS\System32\wibucmJNI64.dll [MD5.E3E7143A462E809F29F15FC5C6AD1CD2] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1344.98 Ko] - (10.0.2640.503) - C:\WINDOWS\System32\WibuXpm4J64.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [44134.66 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 13:30:28] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.9FB33FC28587B322B6563F73A8F0CBBD] - |A| - [12/04/2018 01:34:10] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [9741.73 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [124472 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.42 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:39] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [17/10/2017 08:06:37] - [0.05 Ko] - C:\WINDOWS\System32\WLANProfiles [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [12/04/2018 01:34:42] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.A853BF78DA5ED707FC4430FBEA74CC15] - |A| - [12/04/2018 01:34:02] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.CF35457AF69AB659F75FF9089D452188] - |A| - [17/01/2018 22:16:55] - (.Copyright © 2007 - OpenAL32.) - [410 Ko] - (2.1.8.1) - C:\WINDOWS\System32\wrap_oal.dll [MD5.DE198ABE13B6E663E60E006E17CF68B1] - |A| - [12/04/2018 01:34:06] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [12/04/2018 01:34:48] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [12/04/2018 01:34:59] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [12/04/2018 01:34:49] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [11/04/2018 23:04:41] - [1900.9 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [22 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [326.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [324 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [23 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.EA88F93CA71EDEB959BB483998E84730] - |A| - [14/02/2018 01:13:15] - (.-.) - [12.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC1747D.TBL [MD5.0A294F1A46F4BCB5C4323FFEB276393D] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - LLD.) - [300 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC495L.dll [MD5.7B0B9146146B111E2F3EA58C0F3B5756] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2010 All Rights Reserved - Scanner Driver.) - [104 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC495U.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [14/02/2018 01:13:15] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [320.5 Ko] - C:\WINDOWS\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5.64 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.831DE1258836FBCFB465E59EA10C26D6] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - CPEAUT DLL.) - [403.5 Ko] - (7.0.0.17) - C:\WINDOWS\SysWOW64\cpeaut32.dll [MD5.A2E5A1A2DAF532C48498414F8FFD87BB] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [663.5 Ko] - (7.0.0.191) - C:\WINDOWS\SysWOW64\cr2c70de.dll [MD5.771DE190EE645A909B7072B7FDC673A2] - |A| - [24/01/2018 21:02:54] - (.Copyright © 1996 Seagate Software, Inc. - Crystal Reports Text Object Support DLL.) - [179 Ko] - (5.0.0.1) - C:\WINDOWS\SysWOW64\crpaig32.dll [MD5.F3A584E79D2D61C591786C12FE664EA5] - |A| - [24/01/2018 21:02:54] - (.Copyright (c) 1991-1998 Seagate Software, Inc. - Seagate Crystal Reports Print Engine.) - [5225.5 Ko] - (7.0.0.193) - C:\WINDOWS\SysWOW64\crpe32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [382 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [379 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [430.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [12/04/2018 01:34:46] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [12/04/2018 01:38:21] - [205 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [7783.23 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.BB3F341FEE6E55DBDB35AD8E030FE05A] - |A| - [17/10/2017 07:59:39] - (.-.) - [236.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [12/04/2018 18:19:16] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [309.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.B4242227EAA6B910E3D0B985816DB2E7] - |A| - [12/04/2018 01:34:45] - (.-.) - [218 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [389.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.17F5D3282D520EB2EA7C488AA6C57438] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1594 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.A456E020684366A0DB0714ABFB1B5A2A] - |RA| - [12/04/2018 01:34:47] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1134 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [20757.55 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.0A0324A4282DF0F2C3129E5BD84077BC] - |A| - [24/01/2018 21:02:55] - (.- Implode Application.) - [18.5 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\implode.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.9DDE110E76DD3D7FAA7282361069528E] - |A| - [12/04/2018 01:34:47] - (.-.) - [355.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [215.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.8495A869A2EF58F9511AF2C4FE0814B3] - |A| - [29/08/2017 09:56:04] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [113.98 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [410.5 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [12/04/2018 01:34:02] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [685.69 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.CE0CDC5459EAA1D574AF781DDB8F2685] - |A| - [17/01/2018 22:16:55] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [108 Ko] - (6.14.357.22) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.B12F1D285305F5E15DFA0E1C554FB97A] - |A| - [24/01/2018 21:02:55] - (.Copyright(c) 1991-1998 Seagate Software, Inc. - Active Data Reporting DLL for Seagate Crystal Reports..) - [167.5 Ko] - (6.0.0.46) - C:\WINDOWS\SysWOW64\P2smon.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [397.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [400.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [395.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30.5 Ko] - C:\WINDOWS\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.7E8325A957FE497119D9C81190687FB8] - |A| - [17/10/2017 08:00:58] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.2E00E08420875FAE0B173C6A34C2A575] - |A| - [13/06/2018 18:51:11] - (.-.) - [18.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.DC2DB04CA829CAD7910CE71263F68C90] - |A| - [12/04/2018 01:34:45] - (.-.) - [321.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [381.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [34 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [289.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [22.5 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32.5 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [372.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28.5 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [28 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [314 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29.5 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [32 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [31.5 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.59377F8A6F735CB0A30C53C4DC13BC22] - |A| - [25/02/2017 01:23:24] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [513.28 Ko] - (1.0.42.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-42-0.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [09/12/2017 00:25:12] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-65-1.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [17/10/2017 07:53:36] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.382786C3F38DF50A085C4A577663F553] - |A| - [25/02/2017 01:23:20] - (.-.) - [228.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-0.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [09/12/2017 00:25:00] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-65-1.exe [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [17/10/2017 07:53:36] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [15735.62 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.9ED1A6EA6C2F35F2302B81052F7C95D3] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [775.96 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.dll [MD5.A60EDBFD0EE56801814B829096D3EB11] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ±¾µØ»¯/ÖÐÎÄ£¨¼òÌ壩.) - [21 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lcn [MD5.2CAE7B6C33302323A07B2AA158924DA2] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Sprachmodul/Deutsch.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lde [MD5.54B90C2CF8C1BDDE5423E6CE2C59341B] - |A| - [12/09/2017 14:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library.) - [48 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.les [MD5.61A557E68DD0D87F78149E77C9C7EE45] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Langue/Français.) - [47 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lfr [MD5.0DEAE80D2135F79B503AFE8DCAF54564] - |A| - [12/09/2017 14:59:50] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, Localizzazione/Italiano.) - [48.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lit [MD5.887B91915F51EE6A940C37426B465921] - |A| - [12/09/2017 14:59:52] - (.Copyright (C) 2002-2017 by WIBU-SYSTEMS AG - CodeMeter Library, ƒ[ƒJƒ‰ƒCƒ[ƒCƒVƒ‡ƒ“/“ú–{Œê.) - [29 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.ljp [MD5.09191A4950157A1CFF9BB2A5C806B744] - |A| - [12/09/2017 14:59:50] - (.-.) - [43.5 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\WibuCm32.lru [MD5.9853B752EA37B7B70FF476B39901A871] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2004-2017 by WIBU-SYSTEMS AG - CodeMeter Java Calling Driver.) - [183.51 Ko] - (6.50.2640.503) - C:\WINDOWS\SysWOW64\wibucmJNI.dll [MD5.E5985524EAE97B96C023264E9054B248] - |A| - [12/09/2017 07:50:00] - (.Copyright (C) 2005-2017 by WIBU-SYSTEMS AG - WIBU AxProtector Java.) - [1072.48 Ko] - (10.0.2640.503) - C:\WINDOWS\SysWOW64\WibuXpm4J32.dll [MD5.E7DB98F5E56D795193A48C4D07EC92BD] - |A| - [24/03/2018 13:32:22] - (.Copyright © 2017 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1610.12) - C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll [MD5.F8A04B2ADF9693ADF0D70B966CA4498E] - |A| - [12/04/2018 01:34:45] - (.-.) - [109 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [8907.44 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [5569.41 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:18:40] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [27.5 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.9C24ED831DDFA8319382B2BFD9691AA9] - |A| - [17/01/2018 22:16:55] - (.Copyright © 2007 - OpenAL32.) - [404 Ko] - (2.1.8.1) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.62236256C14EBAB96F24E4F1D7049CA8] - |A| - [12/04/2018 01:34:45] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [16/05/2018 00:42:46] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [29 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [245.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [240.5 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:22:49] - [30 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\colis\AppData\Roaming [16/05/2018 10:06:11] "Local AppData"=C:\Users\colis\AppData\Local [16/05/2018 10:06:11] "CD Burning"=C:\Users\colis\AppData\Local\Microsoft\Windows\Burn\Burn [16/05/2018 10:13:15] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Libraries [10/01/2018 22:33:54] "My Video"=C:\Users\colis\Videos [10/01/2018 22:31:01] "My Pictures"=C:\Users\colis\Pictures [10/01/2018 22:31:01] "Desktop"=C:\Users\colis\Desktop [10/01/2018 22:31:01] "History"=C:\Users\colis\AppData\Local\Microsoft\Windows\History [10/01/2018 22:31:01] "NetHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Network Shortcuts [16/05/2018 10:06:11] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\colis\Contacts [10/01/2018 22:33:54] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\colis\AppData\Local\Microsoft\Windows\RoamingTiles [10/01/2018 22:33:54] "Cookies"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCookies [10/01/2018 22:31:01] "Favorites"=C:\Users\colis\Favorites [10/01/2018 22:31:01] "SendTo"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\SendTo [10/01/2018 22:31:01] "Start Menu"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu [10/01/2018 22:31:01] "My Music"=C:\Users\colis\Music [10/01/2018 22:31:01] "Programs"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/01/2018 22:31:01] "Recent"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Recent [10/01/2018 22:31:01] "PrintHood"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [16/05/2018 10:06:11] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\colis\Searches [10/01/2018 22:33:54] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\colis\Downloads [10/01/2018 22:31:01] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\colis\AppData\LocalLow [10/01/2018 22:31:01] "Startup"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/01/2018 22:33:54] "Administrative Tools"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/01/2018 22:33:54] "Personal"=C:\Users\colis\Documents [10/01/2018 22:31:01] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\colis\Links [10/01/2018 22:31:01] "Cache"=C:\Users\colis\AppData\Local\Microsoft\Windows\INetCache [16/05/2018 10:06:11] "Templates"=C:\Users\colis\AppData\Roaming\Microsoft\Windows\Templates [16/05/2018 10:06:11] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\colis\Saved Games [10/01/2018 22:31:01] "Fonts"=C:\WINDOWS\Fonts [12/04/2018 01:38:21] [HKU\S-1-5-21-1812020250-49885185-2009104261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "{C3F2459E-80D6-45DC-BFEF-1F769F2BE730}"=C:\Users\colis\OneDrive\Musique [29/06/2018 10:36:13] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/04/2018 01:38:20] "Common AppData"=C:\ProgramData [12/04/2018 01:38:20] "Common Desktop"=C:\Users\Public\Desktop [18/03/2017 23:03:29] "Common Documents"=C:\Users\Public\Documents [18/03/2017 23:03:29] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/04/2018 01:38:20] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:20] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/04/2018 01:38:20] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [18/03/2017 23:03:29] "CommonMusic"=C:\Users\Public\Music [18/03/2017 23:03:29] "CommonPictures"=C:\Users\Public\Pictures [18/03/2017 23:03:29] "CommonVideo"=C:\Users\Public\Videos [18/03/2017 23:03:29] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [colis] [26/08/2018 21:56:12] - |D| - [110] - C:\Users\colis\.config [26/08/2018 21:57:43] - |D| - [50704269] - C:\Users\colis\.electron [08/06/2018 13:24:41] - |D| - [4180] - C:\Users\colis\.solibri [14/02/2018 01:34:54] - |RD| - [298] - C:\Users\colis\3D Objects [14/01/2018 23:36:48] - |D| - [0] - C:\Users\colis\ansel [16/05/2018 10:06:11] - |HD| - [10035085536] - C:\Users\colis\AppData [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Application Data [10/01/2018 22:33:54] - |RD| - [412] - C:\Users\colis\Contacts [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Cookies [10/01/2018 22:31:01] - |RD| - [11582507508] - C:\Users\colis\Desktop [10/01/2018 22:31:01] - |RD| - [240248270] - C:\Users\colis\Documents [10/01/2018 22:31:01] - |RD| - [282] - C:\Users\colis\Downloads [10/01/2018 22:31:01] - |RD| - [914] - C:\Users\colis\Favorites [10/01/2018 22:33:53] - |SHD| - [25308] - C:\Users\colis\IntelGraphicsProfiles [10/01/2018 22:31:01] - |RD| - [1953] - C:\Users\colis\Links [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Local Settings [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Menu Démarrer [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Mes documents [14/02/2018 01:35:12] - |HD| - [2663617] - C:\Users\colis\MicrosoftEdgeBackups [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Modèles [10/01/2018 22:31:01] - |RD| - [26507767182] - C:\Users\colis\Music [16/05/2018 10:06:11] - |AH| - [7602176] - C:\Users\colis\NTUSER.DAT [16/05/2018 10:06:11] - |ASH| - [1507328] - C:\Users\colis\ntuser.dat.LOG1 [16/05/2018 10:06:11] - |ASH| - [1849344] - C:\Users\colis\ntuser.dat.LOG2 [16/05/2018 10:06:11] - |ASH| - [65536] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TM.blf [16/05/2018 10:06:11] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TMContainer00000000000000000001.regtrans-ms [16/05/2018 10:06:11] - |ASH| - [524288] - C:\Users\colis\NTUSER.DAT{04474bf2-5892-11e8-abfb-b06ebf4f9d0c}.TMContainer00000000000000000002.regtrans-ms [16/05/2018 10:10:06] - |SH| - [20] - C:\Users\colis\ntuser.ini [10/01/2018 22:35:53] - |RAD| - [1067535] - C:\Users\colis\OneDrive [10/01/2018 22:31:01] - |RD| - [884] - C:\Users\colis\Pictures [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Recent [16/05/2018 10:06:11] - |D| - [0] - C:\Users\colis\Roaming [10/01/2018 22:31:01] - |RD| - [282] - C:\Users\colis\Saved Games [10/01/2018 22:33:54] - |RD| - [1872] - C:\Users\colis\Searches [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\SendTo [08/06/2018 13:25:16] - |D| - [4840] - C:\Users\colis\Solibri [10/01/2018 22:31:01] - |RD| - [694] - C:\Users\colis\Videos [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Voisinage d'impression [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\Voisinage réseau [16/05/2018 10:06:11] - |D| - [5340442247] - C:\Users\colis\AppData\Local [10/01/2018 22:31:01] - |D| - [122058891] - C:\Users\colis\AppData\LocalLow [16/05/2018 10:06:11] - |D| - [4572584398] - C:\Users\colis\AppData\Roaming [16/04/2018 18:35:02] - |D| - [1162] - C:\Users\colis\AppData\Local\A [31/05/2018 22:27:42] - |D| - [1497120] - C:\Users\colis\AppData\Local\Adobe [24/01/2018 22:31:39] - |D| - [1572] - C:\Users\colis\AppData\Local\Allplan [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Application Data [10/01/2018 23:18:06] - |D| - [2097208] - C:\Users\colis\AppData\Local\CEF [10/01/2018 22:35:52] - |D| - [28537371] - C:\Users\colis\AppData\Local\Comms [10/01/2018 22:33:52] - |D| - [1598701] - C:\Users\colis\AppData\Local\ConnectedDevicesPlatform [15/01/2018 21:59:47] - |D| - [6568122] - C:\Users\colis\AppData\Local\CrashDumps [03/08/2018 17:16:57] - |D| - [0] - C:\Users\colis\AppData\Local\CrashRpt [23/05/2018 21:35:43] - |D| - [137032] - C:\Users\colis\AppData\Local\D3DSCache [15/01/2018 21:59:27] - |D| - [0] - C:\Users\colis\AppData\Local\DBG [03/09/2018 12:12:26] - |D| - [1245127] - C:\Users\colis\AppData\Local\Diagnostics [11/01/2018 22:33:12] - |D| - [2506] - C:\Users\colis\AppData\Local\Disc_Soft_Ltd [26/08/2018 21:58:29] - |D| - [50698934] - C:\Users\colis\AppData\Local\electron [26/08/2018 21:58:52] - |D| - [32433237] - C:\Users\colis\AppData\Local\electron-builder [13/04/2018 18:22:32] - |D| - [0] - C:\Users\colis\AppData\Local\ElevatedDiagnostics [21/01/2018 21:05:36] - |D| - [17491737] - C:\Users\colis\AppData\Local\EpicGamesLauncher [15/01/2018 21:32:55] - |D| - [189970] - C:\Users\colis\AppData\Local\Forager [31/01/2018 20:49:03] - |D| - [613329] - C:\Users\colis\AppData\Local\FortniteGame [08/03/2018 23:28:46] - |A| - [92008] - C:\Users\colis\AppData\Local\GDIPFONTCACHEV1.DAT [20/05/2018 15:56:45] - |D| - [2311] - C:\Users\colis\AppData\Local\GOG.com [10/01/2018 22:41:07] - |D| - [1083057514] - C:\Users\colis\AppData\Local\Google [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Historique [17/05/2018 22:01:48] - |AH| - [121070] - C:\Users\colis\AppData\Local\IconCache.db [02/06/2018 15:40:45] - |D| - [20654277] - C:\Users\colis\AppData\Local\influence [27/08/2018 21:11:46] - |D| - [0] - C:\Users\colis\AppData\Local\mbam [16/05/2018 10:06:11] - |D| - [539962854] - C:\Users\colis\AppData\Local\Microsoft [27/02/2018 22:02:33] - |D| - [0] - C:\Users\colis\AppData\Local\Microsoft Help [10/01/2018 22:35:54] - |D| - [75524] - C:\Users\colis\AppData\Local\MicrosoftEdge [04/08/2018 17:53:24] - |D| - [9628] - C:\Users\colis\AppData\Local\Microsoft_Corporation [04/04/2018 16:57:09] - |D| - [304076] - C:\Users\colis\AppData\Local\minit [24/01/2018 22:31:39] - |D| - [1020583] - C:\Users\colis\AppData\Local\Nemetschek [14/01/2018 13:43:06] - |D| - [33343] - C:\Users\colis\AppData\Local\nuclearthrone [18/03/2018 18:42:55] - |D| - [163489308] - C:\Users\colis\AppData\Local\NVIDIA [10/01/2018 22:35:53] - |D| - [31015965] - C:\Users\colis\AppData\Local\NVIDIA Corporation [04/08/2018 17:54:09] - |D| - [174256] - C:\Users\colis\AppData\Local\PackageManagement [14/02/2018 01:23:41] - |D| - [2952684226] - C:\Users\colis\AppData\Local\Packages [19/01/2018 11:04:45] - |D| - [145471] - C:\Users\colis\AppData\Local\PAYDAY 2 [04/03/2018 17:51:21] - |D| - [3152] - C:\Users\colis\AppData\Local\PDFCreator [11/03/2018 21:06:15] - |D| - [0] - C:\Users\colis\AppData\Local\PlaceholderTileLogoFolder [11/01/2018 22:36:23] - |D| - [0] - C:\Users\colis\AppData\Local\Programs [10/01/2018 22:33:56] - |D| - [679199] - C:\Users\colis\AppData\Local\Publishers [13/04/2018 15:05:04] - |D| - [2299] - C:\Users\colis\AppData\Local\SMLoader [10/02/2018 10:48:35] - |D| - [11275] - C:\Users\colis\AppData\Local\SnakeSimulator [16/04/2018 12:07:40] - |D| - [1880] - C:\Users\colis\AppData\Local\speech [03/08/2018 17:17:09] - |D| - [1936923] - C:\Users\colis\AppData\Local\StarTradersFrontiers [10/01/2018 23:18:06] - |D| - [253349697] - C:\Users\colis\AppData\Local\Steam [16/05/2018 10:06:11] - |D| - [135952838] - C:\Users\colis\AppData\Local\Temp [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Local\Temporary Internet Files [10/01/2018 22:33:52] - |D| - [12058339] - C:\Users\colis\AppData\Local\TileDataLayer [12/02/2018 14:27:47] - |D| - [491022] - C:\Users\colis\AppData\Local\TurmoilSteam [21/01/2018 21:05:36] - |D| - [81] - C:\Users\colis\AppData\Local\UnrealEngine [21/01/2018 21:05:38] - |D| - [0] - C:\Users\colis\AppData\Local\UnrealEngineLauncher [10/01/2018 22:33:53] - |D| - [0] - C:\Users\colis\AppData\Local\VirtualStore [09/06/2018 12:39:23] - |D| - [1498] - C:\Users\colis\AppData\LocalLow\8floor [31/05/2018 22:31:40] - |D| - [3027167] - C:\Users\colis\AppData\LocalLow\Adobe [08/05/2018 12:50:46] - |D| - [0] - C:\Users\colis\AppData\LocalLow\AMPLITUDE Studios [20/05/2018 15:57:16] - |D| - [976308] - C:\Users\colis\AppData\LocalLow\Appnormals [16/06/2018 13:10:25] - |D| - [2583036] - C:\Users\colis\AppData\LocalLow\Clarus Victoria [31/01/2018 21:24:54] - |D| - [189104] - C:\Users\colis\AppData\LocalLow\Clever Endeavour Games [20/05/2018 22:58:27] - |D| - [28563] - C:\Users\colis\AppData\LocalLow\Contingent99 [15/02/2018 13:57:00] - |D| - [32187] - C:\Users\colis\AppData\LocalLow\GUTS Department [28/05/2018 15:14:41] - |D| - [24764610] - C:\Users\colis\AppData\LocalLow\Lazy Bear Games [06/02/2018 22:33:32] - |D| - [85925294] - C:\Users\colis\AppData\LocalLow\Ludeon Studios [15/02/2018 13:13:32] - |D| - [268213] - C:\Users\colis\AppData\LocalLow\Meta Interaction [10/01/2018 22:33:55] - |SD| - [417433] - C:\Users\colis\AppData\LocalLow\Microsoft [07/07/2018 16:11:27] - |D| - [1453435] - C:\Users\colis\AppData\LocalLow\Monomi Park [11/01/2018 22:57:44] - |D| - [246444] - C:\Users\colis\AppData\LocalLow\Sun [18/07/2018 20:48:10] - |D| - [183544] - C:\Users\colis\AppData\LocalLow\Toge Productions [03/06/2018 20:28:50] - |D| - [1948559] - C:\Users\colis\AppData\LocalLow\Weather Factory [18/05/2018 17:57:47] - |D| - [13496] - C:\Users\colis\AppData\LocalLow\Wild Factor [08/06/2018 13:25:15] - |D| - [80] - C:\Users\colis\AppData\Roaming\.hO8SJqaX [11/01/2018 22:50:50] - |D| - [3737081601] - C:\Users\colis\AppData\Roaming\.minecraft [28/05/2018 15:14:43] - |D| - [0] - C:\Users\colis\AppData\Roaming\.mono [08/06/2018 13:24:41] - |D| - [0] - C:\Users\colis\AppData\Roaming\.zwebernative [29/04/2018 19:20:12] - |D| - [338] - C:\Users\colis\AppData\Roaming\11bitstudios [10/01/2018 22:33:53] - |D| - [15654] - C:\Users\colis\AppData\Roaming\Adobe [05/07/2018 16:57:38] - |D| - [15084] - C:\Users\colis\AppData\Roaming\Arrowhead [02/06/2018 15:40:46] - |D| - [3139] - C:\Users\colis\AppData\Roaming\asylamba [25/07/2018 13:46:17] - |D| - [5754] - C:\Users\colis\AppData\Roaming\Canon [12/04/2018 21:14:54] - |D| - [74] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.Launcher [12/04/2018 21:15:28] - |D| - [4405] - C:\Users\colis\AppData\Roaming\com.retrogamecrunch.SuperClewLand [19/07/2018 16:09:25] - |D| - [1694] - C:\Users\colis\AppData\Roaming\com.togeproductions.survivors [10/01/2018 23:12:42] - |D| - [4371] - C:\Users\colis\AppData\Roaming\DAEMON Tools Lite [08/07/2018 11:32:49] - |D| - [4194620] - C:\Users\colis\AppData\Roaming\DeathSkidMarks [04/08/2018 18:52:13] - |D| - [1006] - C:\Users\colis\AppData\Roaming\DeezerDownloader [14/02/2018 16:36:36] - |D| - [88332023] - C:\Users\colis\AppData\Roaming\Deezloader [04/08/2018 18:27:55] - |D| - [94022530] - C:\Users\colis\AppData\Roaming\DeezLoader Remaster [04/08/2018 18:44:20] - |D| - [44159744] - C:\Users\colis\AppData\Roaming\Deezloader Remix [14/02/2018 16:26:27] - |D| - [14824840] - C:\Users\colis\AppData\Roaming\Digiarty [26/08/2018 22:01:49] - |D| - [0] - C:\Users\colis\AppData\Roaming\Electron [04/03/2018 17:43:53] - |D| - [0] - C:\Users\colis\AppData\Roaming\Expert PDF 9 [16/04/2018 18:35:08] - |D| - [5482] - C:\Users\colis\AppData\Roaming\Free Audio Converter 4dots [10/07/2018 15:28:25] - |D| - [266987] - C:\Users\colis\AppData\Roaming\Game [10/01/2018 22:46:12] - |D| - [0] - C:\Users\colis\AppData\Roaming\Google [11/01/2018 00:02:38] - |D| - [118785] - C:\Users\colis\AppData\Roaming\GT200Driver [10/01/2018 22:33:52] - |D| - [1164] - C:\Users\colis\AppData\Roaming\Intel [11/01/2018 23:00:14] - |D| - [0] - C:\Users\colis\AppData\Roaming\java [17/04/2018 00:01:33] - |D| - [485132] - C:\Users\colis\AppData\Roaming\KastorFreeAudioConverter [15/01/2018 21:56:51] - |D| - [69321] - C:\Users\colis\AppData\Roaming\LOVE [10/01/2018 22:35:49] - |D| - [717] - C:\Users\colis\AppData\Roaming\Macromedia [16/05/2018 10:06:11] - |SD| - [36296811] - C:\Users\colis\AppData\Roaming\Microsoft [22/01/2018 00:09:30] - |D| - [187] - C:\Users\colis\AppData\Roaming\Nemetschek [26/08/2018 21:54:36] - |D| - [0] - C:\Users\colis\AppData\Roaming\npm [26/08/2018 21:56:13] - |D| - [43959820] - C:\Users\colis\AppData\Roaming\npm-cache [04/08/2018 17:54:45] - |D| - [97] - C:\Users\colis\AppData\Roaming\NuGet [15/01/2018 23:01:34] - |D| - [0] - C:\Users\colis\AppData\Roaming\NVIDIA [04/03/2018 17:48:36] - |D| - [2383] - C:\Users\colis\AppData\Roaming\PDF Pro 10 9 [10/02/2018 09:46:39] - |D| - [699] - C:\Users\colis\AppData\Roaming\Rogue Legacy [23/05/2018 22:05:02] - |D| - [77] - C:\Users\colis\AppData\Roaming\Skype [03/08/2018 17:17:07] - |D| - [62] - C:\Users\colis\AppData\Roaming\SmartSteamEmu [10/01/2018 22:34:53] - |A| - [219] - C:\Users\colis\AppData\Roaming\sp_data.sys [03/09/2018 12:31:31] - |D| - [1570] - C:\Users\colis\AppData\Roaming\SumatraPDF [11/01/2018 22:57:40] - |D| - [0] - C:\Users\colis\AppData\Roaming\Sun [27/03/2018 13:33:37] - |D| - [496705118] - C:\Users\colis\AppData\Roaming\Surviving Mars [14/01/2018 23:37:13] - |D| - [802257] - C:\Users\colis\AppData\Roaming\The Witness [21/01/2018 01:49:05] - |D| - [54300] - C:\Users\colis\AppData\Roaming\ToothAndTail [18/03/2018 13:04:22] - |D| - [11145865] - C:\Users\colis\AppData\Roaming\uTorrent [10/01/2018 23:15:50] - |D| - [388] - C:\Users\colis\AppData\Roaming\WinRAR [10/01/2018 22:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [16/05/2018 10:06:11] - |SHD| - [0] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/01/2018 22:31:01] - |RD| - [31613] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [18/03/2018 13:04:22] - |A| - [878] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [16/05/2018 10:06:11] - |RD| - [3888] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [16/05/2018 10:06:11] - |RD| - [2927] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/01/2018 22:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/08/2018 18:37:17] - |D| - [2853] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [04/08/2018 18:44:21] - |A| - [981] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezloader Remix.lnk [16/05/2018 10:06:11] - |SH| - [264] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [11/01/2018 00:17:47] - |A| - [1049] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [16/05/2018 10:06:11] - |D| - [170] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [16/05/2018 10:06:11] - |A| - [2409] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [05/02/2018 22:18:14] - |A| - [969] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SlayTheSpire.lnk [10/01/2018 22:33:54] - |RD| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [16/05/2018 10:06:11] - |RD| - [3496] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [16/05/2018 10:06:11] - |RD| - [7754] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [10/01/2018 23:09:42] - |D| - [4505] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [10/01/2018 22:33:54] - |SH| - [174] - C:\Users\colis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [17/10/2017 07:48:59] - |RHD| - [196] - C:\Users\Public\AccountPictures [31/01/2018 20:52:40] - |AHD| - [0] - C:\Users\Public\AppData [18/03/2017 23:03:29] - |RHD| - [22096] - C:\Users\Public\Desktop [12/04/2018 01:38:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [18/03/2017 23:03:29] - |RD| - [119080548] - C:\Users\Public\Documents [18/03/2017 23:03:29] - |RD| - [174] - C:\Users\Public\Downloads [12/04/2018 01:38:20] - |RHD| - [1135] - C:\Users\Public\Libraries [31/01/2018 20:52:39] - |A| - [235] - C:\Users\Public\Libraries.ini [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Music [18/03/2017 23:03:29] - |RD| - [1263209] - C:\Users\Public\Pictures [17/10/2017 08:06:19] - |D| - [0] - C:\Users\Public\Roaming [08/06/2018 13:23:57] - |D| - [49106191] - C:\Users\Public\Solibri [18/03/2017 23:03:29] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [31/05/2018 22:28:33] - |D| - [285858340] - C:\ProgramData\Adobe [16/05/2018 10:09:54] - |SHD| - [0] - C:\ProgramData\Application Data [17/10/2017 08:22:20] - |D| - [782093] - C:\ProgramData\ASUS [04/03/2018 17:43:52] - |D| - [2405] - C:\ProgramData\Avanquest [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Bureau [20/01/2018 18:18:33] - |HD| - [22157668] - C:\ProgramData\CanonBJ [25/07/2018 13:39:17] - |D| - [83731] - C:\ProgramData\CanonIJWSpt [24/08/2018 20:11:54] - |AH| - [4] - C:\ProgramData\cm-lock [17/01/2018 22:16:59] - |D| - [4096] - C:\ProgramData\Codemasters [22/01/2018 00:02:43] - |D| - [11206553] - C:\ProgramData\CodeMeter [10/01/2018 23:10:17] - |D| - [3494] - C:\ProgramData\DAEMON Tools Lite [16/05/2018 10:09:54] - |SHD| - [0] - C:\ProgramData\Documents [17/10/2017 08:01:14] - |A| - [0] - C:\ProgramData\DP45977C.lfl [21/01/2018 21:05:27] - |D| - [53243300] - C:\ProgramData\Epic [04/03/2018 17:43:52] - |D| - [0] - C:\ProgramData\Expert PDF 9 [04/03/2018 17:43:52] - |D| - [0] - C:\ProgramData\Expert PDF Jobs [26/08/2018 21:42:59] - |D| - [178] - C:\ProgramData\Git [21/01/2018 01:38:59] - |D| - [306505424] - C:\ProgramData\GOG.com [17/10/2017 07:58:08] - |D| - [78327519] - C:\ProgramData\Intel [27/08/2018 21:11:15] - |D| - [139378640] - C:\ProgramData\Malwarebytes [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [12/04/2018 01:38:20] - |SD| - [3088233741] - C:\ProgramData\Microsoft [27/02/2018 22:02:32] - |D| - [65254] - C:\ProgramData\Microsoft Help [16/05/2018 10:13:31] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Modèles [24/01/2018 20:30:48] - |D| - [1087140251] - C:\ProgramData\Nemetschek [17/10/2017 07:56:16] - |D| - [5327908] - C:\ProgramData\NVIDIA [17/10/2017 07:56:06] - |D| - [966066488] - C:\ProgramData\NVIDIA Corporation [11/01/2018 22:57:28] - |D| - [84062991] - C:\ProgramData\Oracle [17/10/2017 07:52:03] - |D| - [178957724] - C:\ProgramData\Package Cache [13/06/2018 20:02:36] - |D| - [378880] - C:\ProgramData\Packages [12/04/2018 01:38:20] - |D| - [4218] - C:\ProgramData\regid.1991-06.com.microsoft [12/01/2018 22:04:05] - |D| - [39] - C:\ProgramData\Riot Games [17/10/2017 08:06:19] - |D| - [0] - C:\ProgramData\Roaming [12/04/2018 01:38:20] - |D| - [0] - C:\ProgramData\SoftwareDistribution [17/10/2017 08:13:20] - |D| - [0] - C:\ProgramData\SplitMediaLabs [17/10/2017 08:33:07] - |D| - [228514] - C:\ProgramData\SS3 [15/02/2018 13:57:03] - |D| - [5116] - C:\ProgramData\Steam [12/04/2018 01:38:20] - |D| - [12711] - C:\ProgramData\USOPrivate [15/05/2018 23:51:02] - |D| - [3125248] - C:\ProgramData\USOShared [12/04/2018 18:23:20] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [14/02/2018 01:27:57] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [12/04/2018 01:38:20] - |RD| - [180930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [23/05/2018 22:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [12/04/2018 01:38:20] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [12/04/2018 01:38:20] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [31/05/2018 22:28:57] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [12/04/2018 01:38:20] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [24/01/2018 22:32:38] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allplan [17/10/2017 08:10:04] - |D| - [6602] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [11/01/2018 00:02:32] - |D| - [3650] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Espada Gaming Mouse [20/01/2018 18:19:54] - |D| - [2966] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP495 series [25/07/2018 13:39:19] - |D| - [2120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [15/05/2018 21:31:47] - |D| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CASIO [22/01/2018 00:02:43] - |D| - [10497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter [10/07/2018 15:21:31] - |D| - [1747] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy [10/01/2018 23:12:42] - |D| - [946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [12/04/2018 01:38:24] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/02/2018 16:26:30] - |D| - [1452] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [21/01/2018 21:05:31] - |A| - [789] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [23/05/2018 22:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [29/04/2018 18:56:16] - |D| - [1424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [06/03/2018 22:18:55] - |D| - [1794] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL - Advanced Edition [GOG.com] [17/01/2018 19:53:00] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [26/08/2018 21:42:59] - |D| - [5344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git [20/05/2018 15:56:44] - |D| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [10/01/2018 22:41:41] - |A| - [2301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [12/04/2018 01:35:21] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [28/02/2018 18:25:58] - |D| - [1553] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Into the Breach [GOG.com] [11/01/2018 22:57:38] - |D| - [6427] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [17/04/2018 00:01:33] - |D| - [2657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor Free Mp3 M4a Wma Converter [12/01/2018 22:03:59] - |D| - [1846] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [18/05/2018 17:57:42] - |D| - [1552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MachiaVillain [GOG.com] [12/04/2018 01:38:20] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [27/08/2018 21:11:22] - |D| - [3900] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [30/01/2018 20:43:21] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek [26/08/2018 21:54:36] - |D| - [3090] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js [17/10/2017 07:57:07] - |D| - [1501] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [23/05/2018 22:04:38] - |A| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [17/04/2018 20:49:55] - |D| - [5369] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Video Capture [24/08/2018 11:59:17] - |D| - [5103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office [23/05/2018 22:04:38] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [04/03/2018 17:44:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Pro 10 [04/03/2018 17:51:18] - |D| - [5672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [23/05/2018 22:04:38] - |A| - [2474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [23/05/2018 22:04:38] - |A| - [2397] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [17/10/2017 08:01:18] - |D| - [1959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [10/02/2018 09:45:43] - |D| - [2075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogue Legacy [GOG.com] [06/07/2018 11:34:17] - |D| - [1763] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slime Rancher The Little Big Storage [10/02/2018 10:45:04] - |D| - [1414] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snake Pass [08/06/2018 13:24:06] - |D| - [2031] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solibri [17/10/2017 08:26:38] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Radar 3.lnk [17/10/2017 08:33:14] - |A| - [2465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Studio 3.lnk [12/04/2018 01:38:20] - |RD| - [2460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [10/01/2018 23:11:52] - |D| - [1110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [03/09/2018 12:31:27] - |A| - [2000] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [24/03/2018 14:26:40] - |D| - [1441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surviving Mars [12/04/2018 01:38:20] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [21/01/2018 01:38:59] - |D| - [1692] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tooth and Tail [GOG.com] [16/05/2018 10:06:51] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [10/01/2018 23:09:42] - |D| - [4433] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [20/05/2018 15:56:41] - |D| - [1732] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wizard of Legend [GOG.com] [23/05/2018 22:04:38] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [17/10/2017 08:13:20] - |D| - [1197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/01/2018 00:02:45] - |A| - [2286] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [12/04/2018 01:38:24] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [31/05/2018 22:28:48] - |D| - [283906799] - C:\Program Files (x86)\Adobe [19/01/2018 11:04:42] - |D| - [0] - C:\Program Files (x86)\AGEIA Technologies [31/05/2017 03:52:47] - |D| - [51265340] - C:\Program Files (x86)\ASUS [11/01/2018 00:02:30] - |AD| - [23879229] - C:\Program Files (x86)\Asus Espada Gaming Mouse [17/10/2017 08:22:19] - |D| - [37557850] - C:\Program Files (x86)\ASUSTeK COMPUTER INC [25/07/2018 13:39:16] - |D| - [20080606] - C:\Program Files (x86)\Canon [22/01/2018 00:02:43] - |AD| - [41727351] - C:\Program Files (x86)\CodeMeter [12/04/2018 01:38:20] - |D| - [205364003] - C:\Program Files (x86)\Common Files [12/04/2018 01:38:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/05/2018 15:55:27] - |D| - [152382622] - C:\Program Files (x86)\GOG Galaxy [10/01/2018 22:41:10] - |D| - [418177277] - C:\Program Files (x86)\Google [17/10/2017 08:00:56] - |HD| - [127778849] - C:\Program Files (x86)\InstallShield Installation Information [17/10/2017 07:53:36] - |D| - [43237102] - C:\Program Files (x86)\Intel [12/04/2018 01:38:20] - |D| - [2007595] - C:\Program Files (x86)\Internet Explorer [17/04/2018 00:01:33] - |D| - [7670189] - C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter [22/01/2018 00:08:15] - |D| - [1568369] - C:\Program Files (x86)\Microsoft SDKs [22/01/2018 00:08:15] - |D| - [384000] - C:\Program Files (x86)\Microsoft SQL Server [17/10/2017 08:20:32] - |AD| - [3242367] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [17/10/2017 08:20:33] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [10/02/2018 09:45:45] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [12/04/2018 01:38:20] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [16/05/2018 00:42:46] - |D| - [25757] - C:\Program Files (x86)\MSBuild [11/01/2018 22:36:32] - |AD| - [14544896] - C:\Program Files (x86)\Need for Speed Most Wanted 2012 [17/10/2017 07:56:16] - |D| - [460650225] - C:\Program Files (x86)\NVIDIA Corporation [17/01/2018 22:16:55] - |D| - [782336] - C:\Program Files (x86)\OpenAL [17/04/2018 20:49:55] - |D| - [1416175] - C:\Program Files (x86)\OpenVideoCapture [17/10/2017 08:00:56] - |D| - [24119970] - C:\Program Files (x86)\Realtek [16/05/2018 00:42:46] - |D| - [38454529] - C:\Program Files (x86)\Reference Assemblies [17/10/2017 08:13:20] - |D| - [227064281] - C:\Program Files (x86)\SplitmediaLabs [10/01/2018 23:11:52] - |D| - [788767934] - C:\Program Files (x86)\Steam [03/09/2018 12:31:27] - |D| - [11435016] - C:\Program Files (x86)\SumatraPDF [17/10/2017 08:00:56] - |HD| - [0] - C:\Program Files (x86)\Temp [14/02/2018 01:22:35] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [27/08/2018 20:47:25] - |D| - [17544869] - C:\Program Files (x86)\UsbFix [17/10/2017 07:53:36] - |D| - [3247500] - C:\Program Files (x86)\VulkanRT [12/04/2018 01:38:20] - |D| - [1780768] - C:\Program Files (x86)\Windows Defender [12/04/2018 01:38:20] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [12/04/2018 18:19:21] - |D| - [3254215] - C:\Program Files (x86)\Windows Media Player [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7556440] - C:\Program Files (x86)\windows nt [12/04/2018 01:38:20] - |D| - [5370120] - C:\Program Files (x86)\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [40328] - C:\Program Files (x86)\Windows Portable Devices [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [12/04/2018 01:38:20] - |D| - [2251159] - C:\Program Files (x86)\WindowsPowerShell [10/01/2018 23:09:31] - |AD| - [5187948] - C:\Program Files (x86)\WinRAR ---------- | C:\Program Files [24/01/2018 22:31:39] - |D| - [24219] - C:\Program Files\Allplan [17/10/2017 08:21:48] - |D| - [92389] - C:\Program Files\ASUS [17/10/2017 08:25:34] - |D| - [41041291] - C:\Program Files\ASUSTeKcomputer.Inc [25/07/2018 13:37:11] - |HD| - [13417634] - C:\Program Files\CanonBJ [22/01/2018 00:02:43] - |D| - [4259816] - C:\Program Files\CodeMeter [12/04/2018 01:38:20] - |D| - [156184372] - C:\Program Files\Common Files [10/01/2018 23:12:39] - |D| - [52204959] - C:\Program Files\DAEMON Tools Lite [12/04/2018 01:38:23] - |ASH| - [174] - C:\Program Files\desktop.ini [17/10/2017 08:02:35] - |D| - [1049560] - C:\Program Files\DIFX [14/02/2018 01:27:57] - |SHD| - [0] - C:\Program Files\Fichiers communs [26/08/2018 21:42:38] - |D| - [552519643] - C:\Program Files\Git [17/10/2017 07:52:05] - |AD| - [361816600] - C:\Program Files\Intel [12/04/2018 01:38:20] - |D| - [2639926] - C:\Program Files\internet explorer [24/03/2018 13:29:48] - |D| - [198484658] - C:\Program Files\Java [27/08/2018 21:11:15] - |D| - [169160767] - C:\Program Files\Malwarebytes [17/10/2017 08:14:03] - |D| - [2824] - C:\Program Files\mcafee [17/10/2017 08:38:08] - |AD| - [3095261581] - C:\Program Files\Microsoft Office [23/05/2018 21:44:18] - |D| - [8963008] - C:\Program Files\Microsoft Office 15 [22/01/2018 00:08:15] - |AD| - [169056] - C:\Program Files\Microsoft SQL Server [17/10/2017 08:20:41] - |AD| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [17/10/2017 08:20:41] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [16/05/2018 00:42:46] - |D| - [25757] - C:\Program Files\MSBuild [30/01/2018 20:42:04] - |D| - [24749] - C:\Program Files\Nemetschek [26/08/2018 21:54:36] - |D| - [44463341] - C:\Program Files\nodejs [17/10/2017 07:54:40] - |D| - [1353929283] - C:\Program Files\NVIDIA Corporation [04/03/2018 17:51:15] - |D| - [45385822] - C:\Program Files\PDFCreator [17/10/2017 08:01:09] - |D| - [55094760] - C:\Program Files\Realtek [16/05/2018 00:42:46] - |D| - [36854953] - C:\Program Files\Reference Assemblies [12/01/2018 21:39:10] - |AD| - [7133818] - C:\Program Files\rempl [31/05/2017 03:44:09] - |HD| - [0] - C:\Program Files\Uninstall Information [22/01/2018 00:02:45] - |D| - [2942209] - C:\Program Files\WIBU-SYSTEMS [12/04/2018 01:38:20] - |RD| - [19336699] - C:\Program Files\Windows Defender [12/04/2018 01:38:20] - |D| - [635392] - C:\Program Files\Windows Mail [12/04/2018 18:19:21] - |D| - [4783083] - C:\Program Files\Windows Media Player [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Multimedia Platform [12/04/2018 01:38:20] - |D| - [7823192] - C:\Program Files\windows nt [12/04/2018 01:38:20] - |D| - [6170376] - C:\Program Files\Windows Photo Viewer [12/04/2018 01:38:20] - |D| - [46576] - C:\Program Files\Windows Portable Devices [12/04/2018 01:38:20] - |D| - [106165] - C:\Program Files\Windows Security [12/04/2018 01:38:20] - |SHD| - [0] - C:\Program Files\Windows Sidebar [12/04/2018 01:38:20] - |HD| - [2969730146] - C:\Program Files\WindowsApps [12/04/2018 01:38:20] - |D| - [2501953] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [31/05/2018 22:28:48] - |D| - [9436443] - C:\Program Files (x86)\Common Files\Adobe [31/01/2018 20:48:48] - |D| - [13942800] - C:\Program Files (x86)\Common Files\BattlEye [17/10/2017 07:53:32] - |D| - [117569564] - C:\Program Files (x86)\Common Files\Intel [24/03/2018 13:32:56] - |D| - [1946184] - C:\Program Files (x86)\Common Files\Java [12/04/2018 01:38:20] - |D| - [39767819] - C:\Program Files (x86)\Common Files\microsoft shared [24/01/2018 22:28:57] - |D| - [940228] - C:\Program Files (x86)\Common Files\Nemetschek [17/10/2017 07:59:38] - |D| - [205532] - C:\Program Files (x86)\Common Files\PostureAgent [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [10/01/2018 23:11:53] - |D| - [5672800] - C:\Program Files (x86)\Common Files\Steam [12/04/2018 01:38:20] - |D| - [15879931] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [24/08/2018 11:59:36] - |D| - [24216] - C:\Program Files\Common files\DESIGNER [18/03/2018 18:32:45] - |HD| - [992182] - C:\Program Files\Common files\EAInstaller [17/10/2017 08:06:12] - |D| - [2303008] - C:\Program Files\Common files\Intel [12/04/2018 01:38:20] - |D| - [142597293] - C:\Program Files\Common files\microsoft shared [12/04/2018 01:38:20] - |D| - [2702] - C:\Program Files\Common files\Services [12/04/2018 01:38:20] - |D| - [10264971] - C:\Program Files\Common files\system ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [16/05/2018 10:09:52] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.2E7D60730337ED1CBFB7A1AC722B2786] - [31/05/2018 22:29:05] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.00000000000000000000000000000000] - [16/05/2018 10:09:52] - |D| - [2472] - C:\WINDOWS\System32\Tasks\ASUS [MD5.BC00670BD77E94CFC4413A5D6DFB381C] - [16/05/2018 10:09:52] - |A| - [3554] - C:\WINDOWS\System32\Tasks\ASUS Live Update1 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.A43E72D30047BA4C1D4CF361E916D154] - [16/05/2018 10:09:52] - |A| - [3544] - C:\WINDOWS\System32\Tasks\ASUS Live Update2 : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.9A20A7869600CE9181547D8463C6AF0C] - [16/05/2018 10:09:52] - |A| - [2302] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.AEDC8E22D7F58845F9132CC2B36C1E1A] - [16/05/2018 10:09:52] - |A| - [2924] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.A4C90D430197DE626B28A0D0B60C8981] - [16/05/2018 10:09:52] - |A| - [2214] - C:\WINDOWS\System32\Tasks\ATK Package A22126881260 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.B1D0D8E08DBEDF357B4142983F1FD85D] - [16/05/2018 10:09:52] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2016 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.9334F2F7DCDFC25F60A3B626059F7781] - [16/05/2018 10:09:52] - |A| - [2934] - C:\WINDOWS\System32\Tasks\AutoUpdate Allplan 2018 : D:\Allplan\Prg\NemDownloadHandler.exe [MD5.5912F7F5C338E3B022C22F2A320EE371] - [16/05/2018 10:09:52] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.B8E2400432D8407FF916E23908590E7C] - [16/05/2018 10:09:52] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [16/05/2018 10:09:52] - |D| - [0] - C:\WINDOWS\System32\Tasks\Intel [MD5.09650088CE3965E8EB34EB949C199736] - [16/05/2018 10:09:52] - |A| - [3118] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [567462] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.B8829EC3A8CBF26A2D943B2E73CDB5ED] - [16/05/2018 10:09:52] - |A| - [3398] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.D271B57C704ED9FE8F7BDF6C46E504F6] - [16/05/2018 10:09:52] - |A| - [3176] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.B8FC6CCCF9BB0C866D8776CB00C01F1C] - [16/05/2018 10:09:52] - |A| - [2968] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.6A92F775294AA925AE9716569E86EC50] - [16/05/2018 10:09:52] - |A| - [2984] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.A416713998B405C15DF29DC980393AF6] - [16/05/2018 10:09:52] - |A| - [2744] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.1A919F03C70ACB361EBE07E705BA7845] - [16/05/2018 10:09:52] - |A| - [2838] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.9173F2CE9E5535610FEDA93AA2FBA706] - [16/05/2018 10:09:52] - |A| - [2786] - C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.EE8DBEA1DB853C947F2E0FAA4155E164] - [16/05/2018 10:09:52] - |A| - [2956] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.205DB51267512C525EFE500A7581C657] - [16/05/2018 10:09:52] - |A| - [2766] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.2D7246852C5055F024D464039278D6D5] - [16/05/2018 10:09:52] - |A| - [3370] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7CFACCA3D40F1CFA014EC6F3FD638D10] - [16/05/2018 10:09:52] - |A| - [3268] - C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1812020250-49885185-2009104261-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7C857680AB2806B7D3BBA67F1C97AF29] - [16/05/2018 10:09:52] - |A| - [2552] - C:\WINDOWS\System32\Tasks\ROG Gaming Center : "C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe" [MD5.C4DEFE179456697578CC4A86444DE4F5] - [16/05/2018 10:09:52] - |A| - [2346] - C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice : "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [MD5.4C6CC4303327A6B6000033C426FAA5C8] - [16/05/2018 10:09:52] - |A| - [2282] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [MD5.00000000000000000000000000000000] - [03/09/2018 12:14:21] - |D| - [3372] - C:\WINDOWS\System32\Tasks\S-1-5-21-1812020250-49885185-2009104261-1001 [MD5.BEA7EFA37918AC9407E44CF069C942A6] - [27/08/2018 21:30:53] - |A| - [3590] - C:\WINDOWS\System32\Tasks\Skype : C:\Users\colis\AppData\Local\avertissement_de_bannissement.js [MD5.9DA212F7D7C3042F0A5CB84FD9E047BA] - [16/05/2018 10:09:52] - |A| - [2398] - C:\WINDOWS\System32\Tasks\SS3svc32Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe" [MD5.AA7FBB93EB228B06AF5147CB3A6A413F] - [16/05/2018 10:09:52] - |A| - [2406] - C:\WINDOWS\System32\Tasks\SS3svc64Run : "C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe" [MD5.7CAA1271FFD5EEE7EF486DFE13C5A125] - [16/05/2018 10:09:52] - |A| - [2972] - C:\WINDOWS\System32\Tasks\Update Checker : "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" [MD5.33E2C643B06F0094679E446434E97F01] - [16/05/2018 10:09:52] - |A| - [4170] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9D83AF0-CEDC-427C-A03A-4B0134D827F4} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.28|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{68636300-E84B-4E96-875E-2881F14E61FE}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "{4886034A-F43E-481E-9CB1-1DC21589A480}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Autodesk SketchBook|Desc=Autodesk SketchBook|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1047515161-358678321-1182485124-675918906-21415711-1529155774-789380781|EmbedCtxt=Autodesk SketchBook|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{6520CBDB-5D28-456D-A3D6-03B802ED1E98}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "TCP Query User{9C88E2A7-C102-4C86-B269-EF2A789A910A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe|Name=League of Legends|Desc=League of Legends|Defer=User| "{C7F6E2D4-32BD-415B-8A85-C1D31B1052CD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=3D Builder|Desc=3D Builder|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=3D Builder|Platform=2:6:2|Platform2=GTEQ| "{4AF30BF9-0F93-430D-B437-E528B8160EEA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{94A84538-5FC8-4AA6-A96C-7A30DF490714}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{4263F197-B5F0-4E5C-9615-D8973B25336F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{FB9D9381-822D-4994-B03D-A8F876B99DDA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\colis\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{B5D6EDCD-5652-4036-BECE-9CBD9CED5A72}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{E96BBE56-92DA-4B49-B7DB-C6871AC08C97}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Desc=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3683675459-3773291521-1484585779-411256776-3272641875-4180025570-632422423|EmbedCtxt=@{26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j?ms-resource://26720RandomSaladGamesLLC.CheckersDeluxe/Resources/ApplicationTitle}|Platform=2:6:2|Platform2=GTEQ| "{412A0A3F-68C0-46D6-94B1-97A7B1F2A944}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Démineur|Desc=Démineur|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4069314316-2345327562-3386779030-140461310-710259185-931951545-1379755714|EmbedCtxt=Démineur|Platform=2:6:2|Platform2=GTEQ| "{900DA586-A009-4FDC-A24C-9A68C1B3DC6E}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "{B58EEF18-816C-406D-8072-DD6C253128A3}"=v2.27|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader| "UDP Query User{3576479C-42E5-4FF4-8197-216D24C3850E}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "TCP Query User{BEA58634-5D59-4E33-80E8-718972551225}D:\prog\deezloader x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\prog\deezloader x64\deezloader.exe|Name=DeezLoader|Desc=DeezLoader|Defer=User| "UDP Query User{43DFBD79-8849-4445-8739-24101C7D2593}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "TCP Query User{3AE06EE3-C0B6-41E7-9D90-2ADF0FC46372}D:\jeu\into the breach\breach.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\into the breach\breach.exe|Name=breach|Desc=breach| "UDP Query User{B2F2D89B-EB00-416C-A3E3-1AAF1D423E91}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "TCP Query User{070DF23B-BBDC-42C9-AA57-492AA81B629C}D:\deezloader-win32-x64\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\deezloader-win32-x64\deezloader.exe|Name=Electron|Desc=Electron|Defer=User| "{7B15BB70-6838-41CE-AE52-806D037735BE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1812020250-49885185-2009104261-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{E0809A8D-152D-446D-9544-8F3C123FF905}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe|Name=Wireless PAN DHCP Server|EmbedCtxt=MyWiFiDHCPDNS| "{7F06F2C9-E66C-4906-9658-CC8BB933DEE8}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{4DAE71CA-FB4F-47B0-901A-5424149F80CA}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe|Name=XSplit Gamecaster| "{71A865DE-C0C2-4BE0-9B3C-E7A0005F848D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{7DAC8318-D578-4095-8498-FC1248184093}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe|Name=XSplit Helper Process| "{3C1D665B-EB0C-4BDE-BFA7-234C0B4F74BC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe|Name=ROG Gaming Center|Desc=ROG Gaming Center| "{5CDB7114-09D5-4219-A95C-825137795926}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ| "{E2987319-6DC8-465D-92C3-DB798F0E674C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Plex|Desc=Plex|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-663319984-3691977918-1341348298-2599563705-1202581887-3444832810-199907587|EmbedCtxt=Plex|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{28FD410C-589E-45C0-BAA7-B8A03E3A84A9}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe|Name=DAEMON Tools Lite Service|Desc=The DAEMON Tools Lite mandatory service is responsible for remote devices.| "TCP Query User{61040785-A896-49EA-BFF7-26F09216A2CD}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{B65F812B-8BE5-4434-B604-21EFDC4E379C}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{FBB6749A-8BFA-4790-8D08-883823B3C22F}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{C35F683E-9F07-49D8-8327-CC2BFCE56536}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{8E3CE4E8-781F-4BCC-8B64-E00593BFD10C}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{0932908F-8D6F-4DAE-B7A0-F1EFF208B451}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "{E46279FF-9C1E-4D07-B331-F585BD241F81}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeterFWEx1|Edge=TRUE| "{2B1ADD13-317E-4507-85BE-0E0D0ADE0C61}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "{8A01F12A-1FD0-4A6B-882E-E423D87D0600}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe|Name=CodeMeter Runtime Server| "TCP Query User{D2B46B21-551D-4735-8370-46A03AA154AF}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "UDP Query User{DA2E058E-7CD9-4F7F-8D76-7D631C97FBC0}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "{A3D95388-5D70-479C-AB4D-EC91F8322213}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{CC799755-18CB-4978-8965-37E29280ED0D}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{5AAABC09-E16A-4C67-AA06-86E240F90E74}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ| "{6A091DD4-A342-457D-B3E6-4C15244BCA3E}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Win32WebViewHost|Desc=Win32WebViewHost|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646|EmbedCtxt=Win32WebViewHost|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1789EC34-352D-4F8B-A6B6-92B2F951073E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{CA38AC2A-76FC-4876-854D-A52D3E69E82C}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ| "{09322C75-EC0F-4979-BD92-A8D87073F10A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1493781645-1295257613-1020008276-2987759984-4279079501-2993282854-2167006054|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{21A624C1-A61C-4043-8BA8-58A95C01FFED}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{18B21336-92EB-4510-8E22-008B01D64A21}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "UDP Query User{BB7E1B08-723B-4250-91B7-7C4D14A7E5C1}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe|Name=crashbandicootnsanetrilogy|Desc=crashbandicootnsanetrilogy| "{5170C638-862F-4533-9EBA-F80157C29F70}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7AE91DEA-6E4D-4BEA-8509-FE94056C1E8A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{DC659083-80F4-4F04-89F1-304856674916}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{2D295717-9335-4FC5-8641-43211B969F71}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0E0D2E18-2391-4A2A-BACC-350E09067B60}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BA4EC6A3-20F5-45B6-A3BC-A6B4A371EA3B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CA14C6B8-197F-4F01-803F-FA06870F61F5}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{F9EF3BC2-7A7E-4AED-886C-04FDB2936A2F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C28D1ADA-DA18-4FE6-9CDF-337CB7124F13}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{ABFF0A04-43C6-4123-8030-45614CB37EA4}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D7C482EC-8333-491E-826A-1A04A7E309DD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12C25D28-860B-4226-8A6F-30A18751A521}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EF756E4A-9DD1-4844-B02B-81EBBB5694CD}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{23B333E8-CF34-4E26-8BAB-79BB6C759BFC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D2917D37-DAE0-4BE3-8755-FC078BF45CD6}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D9952207-D912-4EA1-BB83-8B772C7C6A53}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{49532257-B7BA-456A-BC9F-4A776EFF9891}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5D360568-CAF1-4ED0-AC0E-9DD04AA6BE57}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{40489335-1846-4391-9F6B-89DC04F3B279}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7C638194-8501-4A9C-8B0E-1D1353F2CADE}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B9B4DB66-FBDA-467A-9DA3-A04D75DEE51B}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9446202F-6EC8-4F96-BEE0-6E773B8C7C90}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{BAF16D55-BDB2-46E7-964C-5AE0BA629E58}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{12806CC3-61D8-4CBF-89F1-F9E8D4128717}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B6B309F3-30BD-47DA-98C1-A9AE5BFD543A}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3AA8BEE1-61C7-4C68-A657-BAFCE50A4AD1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{818A99D1-2178-4924-95B3-4A1E0464218B}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{0A1F0067-6D68-453B-9D1A-372CCCAD1292}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{3CB1E63C-AF0C-4C8F-8BA5-257AA6712AC2}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4370|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C995E955-1AB3-4D9A-B4F8-04953297C8BC}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4380|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.259.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{13C0E017-B92E-437B-81E2-21A90403E58E}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "{A17E570E-402D-4543-A489-A0C12DA56F9F}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Desc=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-792116756-2163651165-1029707900-2144380252-3717869303-3061844081-355238664|EmbedCtxt=@{A278AB0D.MarchofEmpires_3.4.0.7_x86__h6adky7gbf63m?ms-resource://A278AB0D.MarchofEmpires/Resources/MarchOfEmpires}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{DFC3E5C6-40BE-4079-9507-9E01BE7836E0}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "UDP Query User{D3155A38-DEB1-4AE0-B735-EC37889096E9}D:\jeu\star traders frontiers\startradersfrontiers.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers|Defer=User| "{952C963A-4168-4909-8FF6-025B6F551D62}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "{2C4886D6-B2EE-404C-8575-ED02BD998ED5}"=v2.28|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeu\star traders frontiers\startradersfrontiers.exe|Name=startradersfrontiers|Desc=startradersfrontiers| "TCP Query User{E9A96DF8-98C9-4C06-AACF-4CD66F5CDAC9}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "UDP Query User{4D79E8B3-00C5-40BC-B2D2-DCDEDE171C66}C:\users\colis\appdata\local\programs\deezloader\deezloader.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader\deezloader.exe|Name=deezloader.exe|Desc=deezloader.exe|Defer=User| "TCP Query User{D86E7C9B-846D-4B2F-91B8-09F037357E18}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "UDP Query User{86813A21-4EE6-4ACE-879F-648B109BAC11}C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\appdata\local\programs\deezloader remix\deezloader remix.exe|Name=deezloader remix.exe|Desc=deezloader remix.exe|Defer=User| "{8E6E59CA-37E6-4594-8B3A-48E46920BA6D}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{2D407C5A-82DF-4A03-83B8-0541E0090484}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{5BB8E3EE-E291-41D2-85C1-A443A558E687}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{50284AA3-9639-4B28-97AD-0F0B8FA362ED}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CCAFD30A-96A0-4807-90FD-0E188D35B003}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C8A430B5-8BA7-4733-82AD-1FF87CFE4634}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A0F2221D-B27D-4544-8D45-CF40182D60B3}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{245B3085-614E-4C46-9357-F1EDB40B80BB}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{46C087D0-F6C7-48BD-BFE4-4FE00463E2C7}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{393941AC-71DB-49F0-9E11-E00F7BEB61C9}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{399CA386-D0D0-40D8-9491-98DC4F01B3D0}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{C45D738A-9DA9-4829-A506-43433CB8FD31}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{A70F78C4-B4AB-429B-85C3-287A84791117}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{101FAF8F-0655-4E54-86B6-70E5E806DE26}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{8470F6C5-0109-4959-B190-F38FC7041F4F}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{0F812918-7A3F-4357-9437-A2A4652F39A0}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{6750B161-60D6-4B35-9D40-10BC32A05071}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{FF3605C3-382C-42FD-B4B8-5A51530C5E9E}C:\program files\java\jre1.8.0_161\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\java\jre1.8.0_161\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{DB919BB6-EA3C-414D-BA74-EE5BB121CDF0}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "UDP Query User{E247D99A-88EC-4E53-82A9-DE72ADF7AA32}D:\prog\deezloader remix\deezloader remix.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\prog\deezloader remix\deezloader remix.exe|Name=Deezloader Remix|Desc=Deezloader Remix|Defer=User| "TCP Query User{3ACC1CC6-F073-4F53-A7CA-74FADAE9042C}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "UDP Query User{D296FF68-D40D-4857-88F7-DE685D552200}C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\colis\desktop\deezloaderremix\node_modules\electron\dist\electron.exe|Name=electron.exe|Desc=electron.exe|Defer=User| "{9F4BA847-8C11-4F89-B53C-6FC2161418AC}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{6FB172AD-E68C-4C9E-9F17-BC6549DFFA49}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{4473785B-509A-4191-9F36-76D1865905CD}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox gaming overlay|Desc=Xbox gaming overlay|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox gaming overlay|Platform=2:6:2|Platform2=GTEQ| "{F30D72C3-6975-48CD-AF26-75DEAD608AA9}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{C5337B05-8B68-425A-882E-C8E233DBD552}"=v2.28|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{C1BF56D6-14F2-42D0-8B50-4F87406967F1}"=v2.28|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-1812020250-49885185-2009104261-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"=C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ee986ed-9d81-43b3-b9ea-30686e6f4219}] : (PSM) [] -> @oem6.inf,%ClassName%;Intel® Power Sharing Manager [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem56.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem58.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [08/05/2015 11:07:06] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [18/03/2018 18:59:15] - (23.21.13.9101) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 391.01) - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvlddmkm.sys [29/08/2017 09:59:46] - (1.0.0.7) - (ASUS - HID minidriver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsRadioControl.sys [17/10/2017 07:54:59] - (3.90.1.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [18/03/2018 18:59:15] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [10/01/2018 23:13:08] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [10/01/2018 23:12:46] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: PNP Filter - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: System - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 77 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ASLDRService" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="igfxCUIService2.0.0.0" LoadOrderGroup.Name="TDI" - Service.Name="irmon" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="NetworkProvider" - Service.Name="mpssvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="Video" - Service.Name="NVDisplay.ContainerLocalSystem" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="AudioGroup" - Service.Name="VacSvc" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="afunix" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AsusPTPDrv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="bindflt" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Base" - SystemDriver.Name="dc1-controller" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dg_ssudbus" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="dtlitescsibus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="dtliteusbbus" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_GPIO2" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorA" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="iaStorAfs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAVC" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ibtusb" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ItSas35i" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas35i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Netwtw04" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="Video" - SystemDriver.Name="nvlddmkm" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="nvvhci" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rt640x64" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="Filter" - SystemDriver.Name="SgrmAgent" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="base" - SystemDriver.Name="WdmCompanionFilter" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMFarflt" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMChameleon" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMProtection" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA (@oem37.inf,%iaStorA.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\WINDOWS\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - MpKsl2d1c4f8e () -> \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B3020BEC-2584-4B31-902D-567F1ED398DD}\MpKsl2d1c4f8e.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\System32\Drivers\MbamChameleon.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AsusPTPDrv (@oem2.inf,%AsusPTP.SvcDesc%;ASUS Touch Service) -> \SystemRoot\System32\drivers\AsusPTPFilter.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - bindflt (@%systemroot%\system32\drivers\bindflt.sys,-100) -> \SystemRoot\system32\drivers\bindflt.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - bsitf (ASUS BIOS Flash Driver) -> \SystemRoot\system32\DRIVERS\bsitf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Pilote Bluetooth Low Energy) -> \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dc1-controller (@dc1-controller.inf,%dc1-controller.SvcDesc%;Xbox Peripherals Driver) -> \SystemRoot\System32\drivers\dc1-controller.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dg_ssudbus (@oem51.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - dtlitescsibus (@oem22.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus) -> \SystemRoot\System32\drivers\dtlitescsibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - dtliteusbbus (@oem29.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus) -> \SystemRoot\System32\drivers\dtliteusbbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HIDSwitch (@oem25.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control) -> \SystemRoot\System32\drivers\AsRadioControl.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - iaLPSS2_GPIO2 (@oem7.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_GPIO2.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_I2C (@oem38.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_I2C.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - iaStorAfs (@oem37.inf,%iaStorAfs.DisplayName%;iaStorAfs) -> \SystemRoot\System32\drivers\iaStorAfs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ibtusb (@oem28.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R)) -> \SystemRoot\system32\DRIVERS\ibtusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ICCWDT (@oem31.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT)) -> \SystemRoot\System32\drivers\ICCWDT.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - igfx () -> \SystemRoot\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0d8b06fa651db23a\igdkmd64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcDAud (@oem11.inf,%IntcAud.SvcDesc%;Son Intel(R) pour écrans) -> \SystemRoot\system32\DRIVERS\IntcDAud.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MEIx64 (@oem26.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\System32\drivers\TeeDriverW8x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\ndproxy.sys,-6000) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Netwtw04 (___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit) -> \SystemRoot\System32\drivers\Netwtw04.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvdimm (@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver) -> \SystemRoot\System32\drivers\nvdimm.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - nvlddmkm () -> \SystemRoot\System32\DriverStore\FileRepository\nvami.inf_amd64_40f9e134b62f4f99\nvlddmkm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NvStreamKms (NVIDIA KMS) -> \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - nvvad_WaveExtensible (@oem27.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM)) -> \SystemRoot\system32\drivers\nvvad64v.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - nvvhci (@oem19.inf,%ServiceDesc%;NVVHCI Enumerator Service) -> \SystemRoot\System32\drivers\nvvhci.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RSP2STOR (@oem1.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2) -> \SystemRoot\system32\DRIVERS\RtsP2Stor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rt640x64 (@oem33.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver) -> \SystemRoot\System32\drivers\rt640x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ssudmdm (@oem50.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudmdm.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TsUsbFlt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tunnel (@%SystemRoot%\System32\drivers\tunnel.sys,-501) -> System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;Pilote USB audio (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\System32\drivers\VerifierExt.sys,-1000) -> System32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdmCompanionFilter (@%SystemRoot%\system32\drivers\WdmCompanionFilter.sys,-1000) -> system32\drivers\WdmCompanionFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\drivers\wd\WdNisDrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> system32\drivers\WudfRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Pilote de protocole d'entrée de jeu Xbox) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MBAMSwissArmy (MBAMSwissArmy) -> \SystemRoot\System32\Drivers\mbamswissarmy.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - MBAMFarflt (MBAMFarflt) -> system32\DRIVERS\farflt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - MBAMProtection (MBAMProtection) -> \SystemRoot\system32\DRIVERS\mbam.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - MBAMWebProtection (MBAMWebProtection) -> \SystemRoot\system32\DRIVERS\mwac.sys - AcceptPause: False - AcceptStop: True S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - hvcrash () -> \SystemRoot\System32\drivers\hvcrash.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\5315-4114-3937-2165] : (Solibri Model Checker v9.8.-.Solibri Inc) -> "D:\Prog\Solibri\SMCv9.8\uninstall Solibri Model Checker v9.8.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Free Convert FLAC To MP3] : (Free Convert FLAC To MP3 (remove only).-.4dots Software) -> C:\Program Files (x86)\4dots Software\Free Convert FLAC To MP3\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Git_is1] : (Git version 2.18.0.-.The Git Development Community) -> "C:\Program Files\Git\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Intel Security Software Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}] : (AudioCaptureNotificationConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB}] : (Intel(R) Serial IO.-.Intel Corporation) -> MsiExec.exe /I{0C21BBE5-F4B4-42E2-AE4B-BE210BB1B8AB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1B31F1CC-7C8B-4760-91B1-3DF6873EDC2D}] : (ProfileSwitcherCleanup.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2159D6A2-CFFE-51F3-0017-A53F85A727E3}] : (General Runtime Files for Allplan 2016-1-7 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{2159D6A2-CFFE-51F3-0017-A53F85A727E3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180161F0}] : (Java 8 Update 161 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180161F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36606417-B1C4-42C2-B5C1-67972DA63DAB}] : (ProductDaemonSetup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{36606417-B1C4-42C2-B5C1-67972DA63DAB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3CF43809-BA72-4BC7-B936-1308CE57C6E6}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{3CF43809-BA72-4BC7-B936-1308CE57C6E6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}] : (ApoDispatchConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60130678-813A-4D4B-97E7-284F27516561}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{60130678-813A-4D4B-97E7-284F27516561} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67133B16-3310-4E5A-91DC-F4E8527A2A9C}] : (SonicMapperConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7c6a2125-4d2d-4244-916f-0ea498b7c952}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81FDC114-BADF-47AA-8A08-B03661FB4991}] : (Node.js.-.Node.js Foundation) -> MsiExec.exe /I{81FDC114-BADF-47AA-8A08-B03661FB4991} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488}] : (SonicRadar3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{88001CF1-7D5B-4BCC-9AF1-F7F4AD2BC488} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{94E05108-3E4E-4F2E-AC5F-33A1B22B779C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{9B8ADE33-5DE8-4EE2-9EF4-E1EA65A37F32} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ABDC630D-DC10-4991-9965-D683C8F4885D}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{ABDC630D-DC10-4991-9965-D683C8F4885D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC306567-A1B7-4208-8FED-97CF535050BC}] : (DeviceRoutingConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (NVIDIA Ansel.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 391.01.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (NVIDIA Update 27.1.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer] : (DisplayDriverAnalyzer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.8.0.89.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.90.1.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C1520A55-D4B2-43D4-8520-3C5683C94DC8}] : (NahimicSettingsConfigurator.-.ASUSTeKcomputer.Inc) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D894441F-8A5E-48A0-8894-7FA739C1A33A}] : (SonicStudio3Setup.-.ASUSTeKcomputer.Inc) -> MsiExec.exe /I{D894441F-8A5E-48A0-8894-7FA739C1A33A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{E0E25843-D0D2-4947-A2C2-CFBABB4FCBDE} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F6AA7E43-41A4-4304-BA96-A495C5788231}] : (Intel(R) Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{F6AA7E43-41A4-4304-BA96-A495C5788231} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F97C940B-7821-4DF7-917C-3EEA95D6091F}] : (CodeMeter Runtime Kit v6.50c.-.WIBU-SYSTEMS AG) -> MsiExec.exe /I{F97C940B-7821-4DF7-917C-3EEA95D6091F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9E85A10-B115-B8CC-553E-36C7FF42B05B}] : (General Runtime Files for Allplan 2018-0-2 x64.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{F9E85A10-B115-B8CC-553E-36C7FF42B05B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1207659102_is1] : (FTL: Advanced Edition.-.GOG.com) -> "D:\Jeu\FTL - Advanced Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1455998221_is1] : (MachiaVillain.-.GOG.com) -> "D:\Jeu\MachiaVillain\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1620157881_is1] : (Tooth and Tail.-.GOG.com) -> "D:\Jeu\Tooth and Tail\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2004253604_is1] : (Into the Breach.-.GOG.com) -> "D:\Jeu\Into the Breach\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\2061814323_is1] : (Wizard of Legend.-.GOG.com) -> "D:\Jeu\Wizard of Legend\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Crash Bandicoot N Sane Trilogy_is1] : (Crash Bandicoot N Sane Trilogy.-.) -> "D:\Games\Crash Bandicoot N Sane Trilogy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Mp3 M4a Wma Converter_is1] : (Free Mp3 M4a Wma Converter V 1.6.-.KastorSoft) -> "C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Frostpunk_is1] : (Frostpunk.-.) -> "D:\Games\Frostpunk\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GOGPACKROGUELEGACY_is1] : (Rogue Legacy.-.GOG.com) -> "D:\Jeu\Rogue Legacy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Open Video Capture_is1] : (Open Video Capture version 1.1.-.) -> "C:\Program Files (x86)\OpenVideoCapture\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Snake Pass_is1] : (Snake Pass.-.) -> "D:\Jeu\Snake Pass\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Surviving Mars_is1] : (Surviving Mars.-.) -> "D:\Games\Surviving Mars\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinX YouTube Downloader_is1] : (WinX YouTube Downloader 4.0.9.-.Digiarty Software, Inc.) -> "D:\WinX_YouTube_Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{559FA847-377D-4926-80A3-ED9E014D363A}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{559FA847-377D-4926-80A3-ED9E014D363A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> C:\WINDOWS\RtCRU64.exe /u ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{6599C1AB-394E-4CB0-ADCE-53A0E5E8873E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7535C402-1670-31E0-F0D0-52DC6D50AB76}] : (General Runtime Files for Allplan 2018-0-2.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{7535C402-1670-31E0-F0D0-52DC6D50AB76} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}] : (ASUS PTP Driver.-.ASUS) -> MsiExec.exe /I{7618E419-9124-4E6C-9AF4-487A6DDEC1C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}] : (Device Setup.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{8D6B05E0-F457-408C-9D13-549334D8FAE1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A39B5969-9683-49F9-AA69-F40EF0D91441}] : (XSplit Gamecaster.-.SplitmediaLabs) -> MsiExec.exe /X{A39B5969-9683-49F9-AA69-F40EF0D91441} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA67D612-0BE5-44D6-9A91-592958F754A1}] : (Intel(R) C++ Redistributables on Intel(R) 64.-.Intel Corporation) -> MsiExec.exe /X{AA67D612-0BE5-44D6-9A91-592958F754A1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package (ASUS Keyboard Hotkeys).-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824272646}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824272646} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACF41228-28D2-497C-AD8F-19005413E49D}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{ACF41228-28D2-497C-AD8F-19005413E49D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EEB4B0A5-E468-3D72-FE16-C1C202B3E314}] : (General Runtime Files for Allplan 2016-1-7.-.Nemetschek Allplan Systems GmbH) -> MsiExec.exe /I{EEB4B0A5-E468-3D72-FE16-C1C202B3E314} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB47E710-6249-4EFA-BE36-E922B0612AF4}] : (CASIO FA-124.-.CASIO COMPUTER CO., LTD.) -> MsiExec.exe /X{FB47E710-6249-4EFA-BE36-E922B0612AF4} ---------- | Ports ---------- | Microsoft Specifications CheckID: Access_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ACCESSC2RINSTALLED) -> Access_PIA CheckID: Ace_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Ace_PIA CheckID: dummy_MSCOMCTL_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> dummy_MSCOMCTL_PIA CheckID: dummy_Office_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> dummy_Office_PIA CheckID: Excel_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT EXCELC2RINSTALLED) -> Excel_PIA CheckID: Forms_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Forms_PIA CheckID: Graph_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR POWERPOINTC2RINSTALLED OR WORDC2RINSTALLED)) -> Graph_PIA CheckID: OneNotePIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ONENOTEC2RINSTALLED) -> OneNotePIA CheckID: Outlook_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT OUTLOOKC2RINSTALLED) -> Outlook_PIA CheckID: PowerPoint_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT POWERPOINTC2RINSTALLED) -> PowerPoint_PIA CheckID: Publisher_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT PUBLISHERC2RINSTALLED) -> Publisher_PIA CheckID: SmartTag_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR WORDC2RINSTALLED)) -> SmartTag_PIA CheckID: VSCommonPIAHidden0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> VSCommonPIAHidden CheckID: Word_PIA0{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT WORDC2RINSTALLED) -> Word_PIA CheckID: AccessPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ACCESSC2RINSTALLED) -> AccessPiaReg32 CheckID: AcePiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> AcePiaReg32 CheckID: ExcelPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT EXCELC2RINSTALLED) -> ExcelPiaReg32 CheckID: FormsPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> FormsPiaReg32 CheckID: GraphPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR POWERPOINTC2RINSTALLED OR WORDC2RINSTALLED)) -> GraphPiaReg32 CheckID: OfficePiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> OfficePiaReg32 CheckID: OneNotePIAReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ONENOTEC2RINSTALLED) -> OneNotePIAReg32 CheckID: OutlookPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT OUTLOOKC2RINSTALLED) -> OutlookPiaReg32 CheckID: PowerPointPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT POWERPOINTC2RINSTALLED) -> PowerPointPiaReg32 CheckID: PublisherPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT PUBLISHERC2RINSTALLED) -> PublisherPiaReg32 CheckID: SmartTagPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR WORDC2RINSTALLED)) -> SmartTagPiaReg32 CheckID: VBEPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> VBEPiaReg32 CheckID: WordPiaReg320{90160000-008C-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT WORDC2RINSTALLED) -> WordPiaReg32 CheckID: VSTO0{90160000-008C-0000-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTO CheckID: VSTOCLR350{90160000-008C-0000-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTOCLR35 CheckID: VSTOCLR400{90160000-008C-0000-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTOCLR40 CheckID: VSTOIntl_10360{90160000-008C-040C-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTOIntl_1036 CheckID: VSTOCLR35Intl_10360{90160000-008C-040C-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTOCLR35Intl_1036 CheckID: VSTOCLR40Intl_10360{90160000-008C-040C-1000-0000000FF1CE} - CLICK2RUN OR CENTENNIAL -> VSTOCLR40Intl_1036 CheckID: CESG502_640{FB47E710-6249-4EFA-BE36-E922B0612AF4} - VersionNT64 = "" OR VersionNT64 < 600 -> CESG502_64 CheckID: WINSXS0{F9E85A10-B115-B8CC-553E-36C7FF42B05B} - NEWERVERSIONSINSTALLED -> WINSXS CheckID: WINSXS0{7535C402-1670-31E0-F0D0-52DC6D50AB76} - NEWERVERSIONSINSTALLED -> WINSXS CheckID: WINSXS0{2159D6A2-CFFE-51F3-0017-A53F85A727E3} - NEWERVERSIONSINSTALLED -> WINSXS CheckID: WINSXS0{EEB4B0A5-E468-3D72-FE16-C1C202B3E314} - NEWERVERSIONSINSTALLED -> WINSXS CheckID: Accessibility_Plugins0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_ACCESSIBILITY="YES" -> Accessibility_Plugins CheckID: AdobeCommonLinguistics_Big0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_LINGUISTICS="YES" -> AdobeCommonLinguistics_Big CheckID: Atmosphere_3D0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_3D="YES" -> Atmosphere_3D CheckID: MultimediaPlugin0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_MULTIMEDIA="YES" -> MultimediaPlugin CheckID: ReaderAIRIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_AIR_INTEGRATION="YES" -> ReaderAIRIntegration CheckID: ReaderBrowserIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_BROWSER_INTEGRATION="YES" -> ReaderBrowserIntegration CheckID: ReaderPDFIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_PDF_INTEGRATION="YES" -> ReaderPDFIntegration CheckID: SearchAndIndex0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_SEARCH5="YES" -> SearchAndIndex CheckID: ThumbnailPreviewHandler1{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - ADD_THUMBNAILPREVIEW="YES" -> ThumbnailPreviewHandler CheckID: UART999{559FA847-377D-4926-80A3-ED9E014D363A} - (VersionNT >= 602) -> UART CheckID: WIFI_MWT_Software0{60130678-813A-4D4B-97E7-284F27516561} - (NOT REMOVE~="ALL" AND NOT REMOVE><"WIFI_MWT_Software") AND ((PANDISABLE = "TRUE") OR ((PNP_WIFI_DEVICE_DETECTED = "TRUE") AND (PNP_CLIFFSIDE_DEVICE_DETECTED<> "TRUE"))) -> WIFI_MWT_Software CheckID: WIFI_MWT_Software1{60130678-813A-4D4B-97E7-284F27516561} - (PANDISABLE <> "TRUE") AND (NOT ((PNP_WIFI_DEVICE_DETECTED = "TRUE") AND (PNP_CLIFFSIDE_DEVICE_DETECTED<> "TRUE"))) -> WIFI_MWT_Software CheckID: WIFI_MWT_Software101{60130678-813A-4D4B-97E7-284F27516561} - (PANDISABLE <> "TRUE") AND (NOT ((PNP_WIFI_DEVICE_DETECTED = "TRUE") AND (PNP_CLIFFSIDE_DEVICE_DETECTED<> "TRUE"))) -> WIFI_MWT_Software CheckID: F_GPU_DLLS_641{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} - VersionNT64 -> F_GPU_DLLS_64 CheckID: F_Common641{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} - VersionNT64 -> F_Common64 CheckID: DotNET_Modules1{F97C940B-7821-4DF7-917C-3EEA95D6091F} - Installed OR (NETFRAMEWORK11 OR NETFRAMEWORK20 OR NETFRAMEWORK30 OR NETFRAMEWORK35 OR NETFRAMEWORK40FULL OR NETFRAMEWORK40CLIENT OR NETFRAMEWORK45 OR WIX_IS_NETFRAMEWORK_45_OR_LATER_INSTALLED) -> DotNET_Modules ---------- | CLSID (Whitelist) [HKCR\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}] - (.-.) - D:\Prog\PDF creator\APAX.dll [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll [13/06/2018 18:51:18] [HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll [HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{1D1B5D7B-0FC9-452E-902C-12BACD4FBC20}] - (.© 2000-2017 Disc Soft Ltd. - DAEMON Tools Lite.) - C:\Program Files\DAEMON Tools Lite\DTShl32.dll [09/01/2018 12:45:02] [HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\X86\MpOav.dll" [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}] - (.© 2000-2017 Disc Soft Ltd. - DAEMON Tools Lite.) - C:\Program Files\DAEMON Tools Lite\DTShl32.dll [09/01/2018 12:45:02] [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\WINDOWS\system32\dplayx.dll [HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{3647D1DF-A67B-4882-A74E-67EEB4178F89}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [13/06/2018 18:51:22] [HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{42878933-B04C-4E90-A528-9E32BF442B14}] - (.(c) 2015 by Allplan GmbH - TODO: .) - D:\Allplan\Prg\Nall_ProjectSubstServer10.dll [30/01/2018 20:40:40] [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\WINDOWS\system32\d3dxof.dll [HKCR\CLSID\{48B58225-6478-43F6-B379-AB614AFAD95E}] - (.(c) 2015 by Allplan GmbH - TODO: .) - D:\Allplan\Prg\Nall_ProjectSubstServer10.dll [30/01/2018 20:40:40] [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{51FC9E18-6E66-4BE2-BA40-3F68213E6EC0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [13/06/2018 18:51:22] [HKCR\CLSID\{54B7D246-951E-4BEA-B551-93D178284D13}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [13/06/2018 18:51:22] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\WINDOWS\system32\audiodev.dll [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\WINDOWS\System32\dmband.dll [HKCR\CLSID\{7D782813-B680-4A05-B683-166E6A9B2351}] - (.ZeConverter.com - ZeConverter.com.) - C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\MKVDemuxer.dll [17/04/2018 00:01:33] [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll [HKCR\CLSID\{8839A1BA-6D01-4525-98EB-723C628320F0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [13/06/2018 18:51:22] [HKCR\CLSID\{8CD668B7-AB42-4EE5-920F-17B8A0CED712}] - (.zeconverter.com. Tous droits réservés. - coreAudio.) - C:\Program Files (x86)\Kastor Free Mp3 M4a Wma Converter\av.dll [17/04/2018 00:01:33] [HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{A95B959F-64A9-43E4-A874-C8A77905854A}] - (.-.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHVer.dll [HKCR\CLSID\{BDB8E93A-5CA7-4905-9FC2-9D4AD555E257}] - (.-.) - D:\Prog\PDF creator\APAX.dll [HKCR\CLSID\{BF5A7FAA-57D1-4FCF-88C1-B9D65A6AF11D}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.33.7\psmachine.dll [HKCR\CLSID\{C06369D6-E77D-4626-9656-1256312BD576}] - (.© 2000-2017 Disc Soft Ltd. - DAEMON Tools Lite.) - C:\Program Files\DAEMON Tools Lite\DTShl32.dll [09/01/2018 12:45:02] [HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [12/04/2018 01:35:00] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{ceb2eb91-798d-11e5-a837-0800200c9a66}] - (.-.) - C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\NahimicV3NSControl.dll [03/08/2017 17:00:26] [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\WINDOWS\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\WINDOWS\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll [HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{e5b1c2d1-798d-11e5-a837-0800200c9a66}] - (.-.) - C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\NahimicV3NSControl.dll [03/08/2017 17:00:26] [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{ED362CB8-8F76-48BE-B727-C0534AC1EDC1}] - (.-.) - D:\Prog\PDF creator\eXPertPDFAddIn32.dll [HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll ---------- | Installer [HKCR\Installer\Products\00006109C80000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\017E74BF9426AFE4EB639E220B16A24F] : CASIO FA-124 -> C:\WINDOWS\Installer\{FB47E710-6249-4EFA-BE36-E922B0612AF4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\01A58E9F511BCC8B55E3637CFF240BB5] : General Runtime Files for Allplan 2018-0-2 x64 [HKCR\Installer\Products\0E50B6D8754FC804D9314539438DAF1E] : Device Setup -> C:\Windows\Installer\{8D6B05E0-F457-408C-9D13-549334D8FAE1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\1FC10088B5D7CCB4A91F7F4FDAB24C88] : SonicRadar3Setup [HKCR\Installer\Products\204C535707610E130F0D25CDD605BA67] : General Runtime Files for Allplan 2018-0-2 [HKCR\Installer\Products\216D76AA5EB06D44A9199592857F451A] : Intel(R) C++ Redistributables on Intel(R) 64 [HKCR\Installer\Products\2A6D9512EFFC3F1500715AF3587A723E] : General Runtime Files for Allplan 2016-1-7 x64 [HKCR\Installer\Products\34852E0E2D0D74942A2CFCABBBF4BCED] : Intel(R) Management Engine Components [HKCR\Installer\Products\34E7AA6F4A144034AB694A595C872813] : Intel(R) Trusted Connect Service Client [HKCR\Installer\Products\411CDF18FDABAA74A8800B6316BF9419] : Node.js -> C:\WINDOWS\Installer\{81FDC114-BADF-47AA-8A08-B03661FB4991}\NodeIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110160F] : Java 8 Update 161 (64-bit) -> C:\Program Files\Java\jre1.8.0_161\\bin\javaws.exe [HKCR\Installer\Products\4FA3F4C98D12DB346AC915B79B0621FC] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\5212A6C7D2D4442419F6E04A897B9C25] : Intel(R) PRO/Wireless Driver -> C:\Windows\Installer\{7C6A2125-4D2D-4244-916F-0EA498B7C952}\ARPPRODUCTICON.exe [HKCR\Installer\Products\55A0251C2B4D4D345802C365389CD48C] : NahimicSettingsConfigurator [HKCR\Installer\Products\55EC5C4023F7D2D4EA2ADF0CE3F856CC] : AudioCaptureNotificationConfigurator [HKCR\Installer\Products\5A0B4BEE864E27D3EF611C2C203B3E41] : General Runtime Files for Allplan 2016-1-7 [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5EBB12C04B4F2E24EAB4EB12B01B8BBA] : Intel(R) Serial IO [HKCR\Installer\Products\61B331760133A5E419CD4F8E25A7A2C9] : SonicMapperConfigurator [HKCR\Installer\Products\68AB67CA408033019195008142726264] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824272646}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\7033BEF4FE0A5834C9F8B4C4513013C1] : ApoDispatchConfigurator [HKCR\Installer\Products\714606634C1B2C245B1C7679D26AD3BA] : ProductDaemonSetup [HKCR\Installer\Products\748AF955D7736294083ADEE910D463A3] : Intel(R) Wireless Bluetooth(R) -> C:\Windows\Installer\{559FA847-377D-4926-80A3-ED9E014D363A}\IntelBluetooth.ico [HKCR\Installer\Products\765603CA7B1A8024F8DE79FC350505CB] : DeviceRoutingConfigurator [HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2 [HKCR\Installer\Products\80150E49E4E3E2F4CAF5331A2BB277C9] : Intel(R) Chipset Device Software [HKCR\Installer\Products\82214FCA2D82C794DAF8910045314ED9] : Epic Games Launcher -> C:\Windows\Installer\{ACF41228-28D2-497C-AD8F-19005413E49D}\Installer.ico [HKCR\Installer\Products\87603106A318B4D4797E82F472155616] : Intel® PROSet/Wireless WiFi Software -> C:\Windows\Installer\{60130678-813A-4D4B-97E7-284F27516561}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8FC229B8C6A8EC148A851F57D5F7D592] : NVIDIA PhysX -> C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico [HKCR\Installer\Products\90834FC327AB7CB49B633180EC756C6E] : Intel(R) Management Engine Components [HKCR\Installer\Products\914E81674219C6E4A94F84A7D6ED1C5C] : ASUS PTP Driver -> C:\Windows\Installer\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\9695B93A38699F94AA964FE00F9D4114] : XSplit Gamecaster -> C:\Windows\Installer\{A39B5969-9683-49F9-AA69-F40EF0D91441}\XSplit.Gamecaster.exe [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\B049C79F12877FD419C7E3AE596D90F1] : CodeMeter Runtime Kit v6.50c -> C:\Windows\Installer\{F97C940B-7821-4DF7-917C-3EEA95D6091F}\CodeMeter.ico [HKCR\Installer\Products\BD683D90B42318E4D812A51F34E36D00] : ROG Gaming Center Core [HKCR\Installer\Products\CC1F13B1B8C70674191BD36F78E3CDD2] : ProfileSwitcherCleanup [HKCR\Installer\Products\D036CDBA01CD199499566D388C4F88D5] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package (ASUS Keyboard Hotkeys) -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\F144498DE5A80A848849F77A931C3AA3] : SonicStudio3Setup [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\FBD281CC76CF97F49903A662286EB0DD] : ROG Gaming Center -> C:\Windows\Installer\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}\_853F67D554F05449430E7E.exe ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le programme QuickDiag (1).exe version 31.8.18.1 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : eb4 Heure de début : 01d44485a227705c Heure de fin : 4294967295 Chemin d'accès de l'application : D:\Download\QuickDiag (1).exe ID de rapport : e565a133-d823-40c4-9789-93cd9f649e0d Nom complet du package défaillant : ID de l'application relative au package défaillant : ------------ Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.17134.1, horodatage : 0xcb43d9c5 Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x46c0 Heure de début de l’application défaillante : 0x01d444846b1cf2ab Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : b815e956-9054-4fd0-bcbb-5538763176d9 Nom complet du package défaillant : Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.17134.1, horodatage : 0xcb43d9c5 Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x52c Heure de début de l’application défaillante : 0x01d444846b222275 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : de7ab5a6-1b11-4e1d-af41-06b7ca1ab644 Nom complet du package défaillant : Microsoft.People_10.1807.2131.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x3624 Heure de début de l’application défaillante : 0x01d44446b9b5b436 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 7aadeca5-571e-4fca-a21d-06c400d8be67 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x22d4 Heure de début de l’application défaillante : 0x01d4444692c72faf Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 65e16be1-777e-4eda-8c5c-c6096994ddfe Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x4498 Heure de début de l’application défaillante : 0x01d444461dee62ee Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 6a68970a-f48f-4035-be3a-802b18d41706 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x48ec Heure de début de l’application défaillante : 0x01d444460b6166c4 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 170668c7-8f28-433a-a8a9-4b6fdfbf9f05 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante Microsoft.Notes.exe, version : 2.1.18.0, horodatage : 0x5aba81d8 Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000413c97 ID du processus défaillant : 0x1378 Heure de début de l’application défaillante : 0x01d444460b42b323 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : aff8f852-fa18-447d-94d0-6b04f5ef5564 Nom complet du package défaillant : Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.17134.1, horodatage : 0xcb43d9c5 Nom du module défaillant : biwinrt.dll, version : 10.0.17134.1, horodatage : 0x695175ab Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000000e5b7 ID du processus défaillant : 0xf4 Heure de début de l’application défaillante : 0x01d444460c02084c Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll ID de rapport : 8f29443b-633f-462a-a3a2-4db4d3a39542 Nom complet du package défaillant : Microsoft.People_10.1807.2131.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x1c90 Heure de début de l’application défaillante : 0x01d44445d30d218b Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 839783e2-4129-401e-9b02-3b61b1926689 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante Microsoft.Notes.exe, version : 2.1.18.0, horodatage : 0x5aba81d8 Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000413c97 ID du processus défaillant : 0x27d8 Heure de début de l’application défaillante : 0x01d44445d2e50b47 Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : 5305e1f0-7ef1-4fb1-8200-e51e1aa4ef09 Nom complet du package défaillant : Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.17134.1, horodatage : 0xcb43d9c5 Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x5060 Heure de début de l’application défaillante : 0x01d44445cdaf9bab Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 8d921303-fcb0-4e1c-a51e-3421cdf942df Nom complet du package défaillant : Microsoft.People_10.1807.2131.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x ------------ Nom de l’application défaillante Microsoft.Notes.exe, version : 2.1.18.0, horodatage : 0x5aba81d8 Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x0000000000413c97 ID du processus défaillant : 0x3ed0 Heure de début de l’application défaillante : 0x01d44445ca7038bb Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : d84a7948-f01e-45d7-b1a2-a51b9ecc1225 Nom complet du package défaillant : Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000006a4e02 ID du processus défaillant : 0x1f20 Heure de début de l’application défaillante : 0x01d4439fdf413880 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : 8b7a6d8e-8c32-4457-9da2-e25b26b1772e Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.17134.1, horodatage : 0xcb43d9c5 Nom du module défaillant : twinapi.appcore.dll, version : 10.0.17134.137, horodatage : 0xb5d50228 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000009cad5 ID du processus défaillant : 0x4f44 Heure de début de l’application défaillante : 0x01d443b450d84580 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\twinapi.appcore.dll ID de rapport : 3fc3bce9-f495-4ae0-8e93-08be1dbc242e Nom complet du package défaillant : Microsoft.People_10.1807.2131.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000006a4e02 ID du processus défaillant : 0x5084 Heure de début de l’application défaillante : 0x01d4439fda35a91c Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : ad49bcd8-557e-4cbb-903d-a4fc518d0442 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.17134.1, horodatage : 0x5ace103a Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.17134.81, horodatage : 0x4f4899f8 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000006a4e02 ID du processus défaillant : 0x2ee8 Heure de début de l’application défaillante : 0x01d4439fc951ef88 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : 351d6f29-0601-4a2e-808b-c69e1be2b250 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante isaac-ng.exe, version : 0.0.0.0, horodatage : 0x5ae7849c Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x2c71c7b8 Code d’exception : 0xc0000374 Décalage d’erreur : 0x000d8879 ID du processus défaillant : 0x4700 Heure de début de l’application défaillante : 0x01d4438030ab4a8a Chemin d’accès de l’application défaillante : D:\Jeu\The.Binding.of.Isaac.Afterbirth.Plus.Update.22\isaac-ng.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 3dc5b5ac-692a-4066-9ec4-3bb74f89beda Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante Music.UI.exe, version : 10.18071.1171.0, horodatage : 0x5b5f3a16 Nom du module défaillant : ntdll.dll, version : 10.0.17134.228, horodatage : 0x6d15b6d7 Code d’exception : 0xc0000409 Décalage d’erreur : 0x000000000008a90f ID du processus défaillant : 0x512c Heure de début de l’application défaillante : 0x01d4437657a64cbe Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18071.11711.0_x64__8wekyb3d8bbwe\Music.UI.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 27559ca4-6f8c-4772-b2a9-642bea628cec Nom complet du package défaillant : Microsoft.ZuneMusic_10.18071.11711.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : Microsoft.ZuneMusic ------------ ----------( EOF)---------- - 7382 | 21:43:37