--------------- QuickDiag | g3n-h@ckm@n | V4_31.08.18.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 11/11/2018 16:50:22 Updated 31/08/2018 | 22:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [jean- (Administrator)] - [DESKTOP-LI80V1P] (S-1-5-21-85169472-1442237754-271036338-1001) System: Microsoft Windows 10 Famille - - (10.0.16299) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1709) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: Galaxy Book 12 - SAMSUNG ELECTRONICS CO., LTD. - IdNumber: 14SWR52K30000M - UUID: 5980687F-811A-184B-3137-323830144125 Processor : X64 - 2712 Mhz - Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz P03HAC.004.171122.WY.2203 - - American Megatrends Inc. - S/N: 14SWR52K30000M - P03HAC.004.171122.WY.2203 - SECCSD - 1072009 CoreTemp : 33 Celsius ----------| Extended ---------- | SoundDevice ---------- | Video Intel(R) HD Graphics 620 - Resolution: 2160x1440 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igdumdim64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_5916&SUBSYS_C14F144D&REV_02\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 620 - DriverVersion: 25.20.100.6323 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34864 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 33296 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25400 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 84480 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28672 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:12 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:3 % ---------- | Network Realtek USB FE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Qualcomm Atheros QCA61x4A Wireless Network Adapter : SENT:4,578 bytes/sec / RECVD:4,578 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:4,578 bytes/sec, / RECEIVE Maximum:4,578 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&33BA06B4&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&33BA06B4&0&3 Qualcomm Atheros QCA61x4A Wireless Network Adapter - Ethernet 802.3 - Qualcomm Atheros Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_003E&SUBSYS_C14F144D&REV_32\4&2071B281&0&00E0 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&18E1F328&0&11 Generic Mobile Broadband Adapter - - - Status: - PnPID : WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE Realtek USB FE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : USB\VID_0BDA&PID_8152\00E04C3602A7 ---------- | Memory RAM = Total (MB) : 4094 | Free (MB) : 743 Pagefile = Total (MB) : 6242 | Free (MB) : 1133 Virtual = Total (MB) : 4194 | Free (MB) : 3873 Physical Memory 0 : Capacity: 2147483648 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 Physical Memory 1 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 ---------- | SID Users Administrateur : [S-1-5-21-85169472-1442237754-271036338-500] DefaultAccount : [S-1-5-21-85169472-1442237754-271036338-503] Invité : [S-1-5-21-85169472-1442237754-271036338-501] jean- : [S-1-5-21-85169472-1442237754-271036338-1001] WDAGUtilityAccount : [S-1-5-21-85169472-1442237754-271036338-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 107.22 Go | Free : 69.24 Go -> NTFS (SSD) [SATA] D:\ -> [Removable] | [] | Total : 29.71 Go | Free : 28.41 Go -> FAT32 [USB] E:\ -> [Removable] | [future wdet] | Total : 59.5 Go | Free : 0.52 Go -> exFAT [USB] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_LITEON&PROD_CV3-8D128\4&1984797D&0&000100 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0903\000000000903&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_IXPAND&PROD_FLASH_DRIVE&REV_\A7FE04BC7696&0 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.16299.371 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 31.0.0.122 ---------- | Security AV : Windows Defender Disabled AS : Avast Antivirus Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 432 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.16299.15) = C:\Windows\System32\smss.exe [29/09/2017 14:41:43] CPU Usage:0 % 604 | [Owner : Système | Parent : 564() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 692 | [Owner : Système | Parent : 564() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.16299.15) = C:\Windows\System32\wininit.exe [29/09/2017 14:41:43] CPU Usage:0 % 740 | [Owner : Système | Parent : 684() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 764 | [Owner : Système | Parent : 692(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.16299.699) = C:\Windows\System32\services.exe [10/11/2018 22:32:44] CPU Usage:0 % 776 | [Owner : Système | Parent : 692(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.16299.611) = C:\Windows\System32\lsass.exe [10/11/2018 22:32:41] CPU Usage:0 % 888 | [Owner : UMFD-0 | Parent : 692(wininit.exe) | 2.09 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.611) = C:\Windows\System32\fontdrvhost.exe [10/11/2018 22:33:11] CPU Usage:0 % 896 | [Owner : Système | Parent : 764(services.exe) | 1.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 952 | [Owner : Système | Parent : 764(services.exe) | 20.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1012 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 10.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 324 | [Owner : Système | Parent : 764(services.exe) | 4.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 628 | [Owner : Système | Parent : 684() | 4.72 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.16299.696) = C:\Windows\System32\winlogon.exe [10/11/2018 22:33:00] CPU Usage:0 % 388 | [Owner : UMFD-1 | Parent : 628(winlogon.exe) | 6.07 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.611) = C:\Windows\System32\fontdrvhost.exe [10/11/2018 22:33:11] CPU Usage:0 % 1076 | [Owner : DWM-1 | Parent : 628(winlogon.exe) | 49.06 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.16299.15) = C:\Windows\System32\dwm.exe [29/09/2017 14:41:41] CPU Usage:0 % 1144 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 6.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1204 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 5.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1216 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 12.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1240 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 8.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1292 | [Owner : Système | Parent : 764(services.exe) | 10.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1340 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 7.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1348 | [Owner : Système | Parent : 764(services.exe) | 5.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1464 | [Owner : Système | Parent : 764(services.exe) | 6.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1528 | [Owner : Système | Parent : 764(services.exe) | 4.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1536 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 12.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1568 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1592 | [Owner : Système | Parent : 764(services.exe) | 7.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1600 | [Owner : Système | Parent : 764(services.exe) | 3.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1708 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 5.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1736 | [Owner : Système | Parent : 764(services.exe) | 6.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1796 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 4.74 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1880 | [Owner : Système | Parent : 764(services.exe) | 5.7 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.100.6323) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igfxCUIService.exe [10/10/2018 14:17:37] CPU Usage:0 % 1916 | [Owner : Système | Parent : 764(services.exe) | 5.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1928 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 10.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1964 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 3.62 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1984 | [Owner : Système | Parent : 764(services.exe) | 7.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1996 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 9.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2144 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 8.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2216 | [Owner : Système | Parent : 764(services.exe) | 2.58 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\PanelManagerSvc.exe [12/05/2017 03:42:25] CPU Usage:0 % 2224 | [Owner : Système | Parent : 764(services.exe) | 5.67 Mo] - (.Samsung Electronics Co.,Ltd. - Samsung Radio Control Delegation Service executable.) - (2.3.0.7) = C:\Windows\System32\RCDService.exe [13/11/2017 02:29:37] CPU Usage:0 % 2232 | [Owner : Système | Parent : 764(services.exe) | 13.63 Mo] - (.- SafiService.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe [11/10/2017 03:42:25] CPU Usage:0 % 2244 | [Owner : Système | Parent : 764(services.exe) | 11.87 Mo] - (.- SamsungPenService.) - (1.0.33.0) = C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe [28/09/2017 01:42:25] CPU Usage:0 % 2408 | [Owner : Système | Parent : 764(services.exe) | 16.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2432 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 5.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2552 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 7.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2596 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 4.85 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 2724 | [Owner : Système | Parent : 764(services.exe) | 7.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2732 | [Owner : Système | Parent : 764(services.exe) | 4.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2836 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 16.16 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 2880 | [Owner : Système | Parent : 764(services.exe) | 4.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2908 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 4.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2948 | [Owner : Système | Parent : 764(services.exe) | 17.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2996 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 11.59 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 3096 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 5.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3136 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 8.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3192 | [Owner : Système | Parent : 764(services.exe) | 11.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3440 | [Owner : Système | Parent : 764(services.exe) | 11.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3456 | [Owner : Système | Parent : 764(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (18.7.4041.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [11/11/2018 06:10:43] CPU Usage:0 % 3544 | [Owner : Système | Parent : 764(services.exe) | 8.77 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.16299.371) = C:\Windows\System32\spoolsv.exe [10/11/2018 22:32:58] CPU Usage:0 % 3864 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 5.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3984 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 7.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4076 | [Owner : Système | Parent : 764(services.exe) | 5.24 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (10.0.10011.16384) = C:\Windows\System32\drivers\AdminService.exe [08/11/2017 20:32:08] CPU Usage:0 % 4084 | [Owner : Système | Parent : 764(services.exe) | 4.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4092 | [Owner : Système | Parent : 764(services.exe) | 24.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3324 | [Owner : Système | Parent : 764(services.exe) | 4.91 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.1.1.1117) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\IntelCpHeciSvc.exe [10/10/2018 14:17:38] CPU Usage:0 % 3376 | [Owner : Système | Parent : 764(services.exe) | 4.98 Mo] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - (25.20.100.6323) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\IntelCpHDCPSvc.exe [10/10/2018 14:17:38] CPU Usage:0 % 1668 | [Owner : Système | Parent : 764(services.exe) | 2.3 Mo] - (.Samsung Electronics - GripResetService.) - (1.0.0.6) = C:\Windows\System32\GripResetService.exe [07/12/2017 07:05:17] CPU Usage:0 % 3404 | [Owner : Système | Parent : 764(services.exe) | 3.07 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework.) - (8.5.10100.6838) = C:\Windows\System32\Intel\DPTF\esif_uf.exe [12/01/2017 04:00:30] CPU Usage:0 % 596 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 12.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3240 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 29.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3352 | [Owner : Système | Parent : 764(services.exe) | 11.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4120 | [Owner : Système | Parent : 764(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4148 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 4.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4160 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 1.51 Mo] - (.Microsoft Corporation - Localisateur d’appels de procédure distante.) - (10.0.16299.15) = C:\Windows\System32\Locator.exe [29/09/2017 14:41:41] CPU Usage:0 % 4168 | [Owner : Système | Parent : 764(services.exe) | 6.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4188 | [Owner : Système | Parent : 764(services.exe) | 28.15 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemService.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [29/08/2017 06:42:22] CPU Usage:0 % 4228 | [Owner : Système | Parent : 764(services.exe) | 3.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4248 | [Owner : Système | Parent : 764(services.exe) | 15.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4256 | [Owner : Système | Parent : 764(services.exe) | 4.67 Mo] - (.Microsoft Corporation - Adaptateur inverse de performance WMI.) - (10.0.16299.402) = C:\Windows\System32\wbem\WmiApSrv.exe [10/11/2018 22:32:40] CPU Usage:0 % 4640 | [Owner : Système | Parent : 952(svchost.exe) | 8.26 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\System32\wbem\WmiPrvSE.exe [10/11/2018 22:32:32] CPU Usage:0 % 4728 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 3.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4800 | [Owner : Système | Parent : 764(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.12.16299.309) = C:\Windows\System32\SecurityHealthService.exe [10/11/2018 22:32:53] CPU Usage:0 % 5148 | [Owner : Système | Parent : 764(services.exe) | 32.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5848 | [Owner : Système | Parent : 764(services.exe) | ?????] - (.AVAST Software - Avast Behavior Shield.) - (18.7.4.992) = C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [11/11/2018 06:10:42] CPU Usage:0 % 6020 | [Owner : Système | Parent : 764(services.exe) | 7.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3912 | [Owner : Système | Parent : 764(services.exe) | 10.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5764 | [Owner : Système | Parent : 952(svchost.exe) | 5.05 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.16299.15) = C:\Windows\System32\wbem\unsecapp.exe [29/09/2017 14:42:04] CPU Usage:0 % 6280 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 4.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6712 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 16.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6868 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 6.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6404 | [Owner : Système | Parent : 764(services.exe) | 7.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1808 | [Owner : SERVICE RÉSEAU | Parent : 764(services.exe) | 12.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3112 | [Owner : Système | Parent : 764(services.exe) | 3.77 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1052) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [26/10/2017 09:12:08] CPU Usage:0 % 7064 | [Owner : Système | Parent : 764(services.exe) | 7.5 Mo] - (.Microsoft Corporation - sedsvc.) - (10.0.16299.10000) = C:\Program Files\rempl\sedsvc.exe [27/09/2018 15:06:22] CPU Usage:0 % 7092 | [Owner : Système | Parent : 764(services.exe) | 10.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3620 | [Owner : Système | Parent : 764(services.exe) | 5.49 Mo] - (.Samsung Electronics Co., Ltd. - WLAN SAR Service.) - (1.0.0.7) = C:\Windows\System32\WlSarService.exe [19/05/2017 08:38:06] CPU Usage:0 % 3612 | [Owner : Système | Parent : 764(services.exe) | 40.26 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.16299.402) = C:\Windows\System32\SearchIndexer.exe [10/11/2018 22:32:57] CPU Usage:0 % 1580 | [Owner : jean- | Parent : 3404(esif_uf.exe) | 3.76 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework Utility Application.) - (8.5.10100.6838) = C:\Windows\System32\Intel\DPTF\dptf_helper.exe [10/10/2018 11:55:58] CPU Usage:0 % 6348 | [Owner : jean- | Parent : 2216(PanelManagerSvc.exe) | 27.37 Mo] - (.- PanelManager.) - (1.0.9.0) = C:\Program Files\Samsung\PanelManager\PanelManager.exe [12/05/2017 03:42:25] CPU Usage:0 % 748 | [Owner : jean- | Parent : 4188(SamsungSystemService.exe) | 8.99 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemAgent.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe [29/08/2017 06:42:18] CPU Usage:0 % 7104 | [Owner : jean- | Parent : 2232(SafiService.exe) | 14.49 Mo] - (.- SafiAgent.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiAgent.exe [11/10/2017 03:42:24] CPU Usage:0 % 6924 | [Owner : jean- | Parent : 1592(svchost.exe) | 23.87 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.16299.15) = C:\Windows\System32\sihost.exe [29/09/2017 14:41:31] CPU Usage:0 % 772 | [Owner : jean- | Parent : 764(services.exe) | 14.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1096 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 11.17 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8833) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [10/10/2017 17:44:45] CPU Usage:0 % 1136 | [Owner : jean- | Parent : 764(services.exe) | 31.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4808 | [Owner : jean- | Parent : 1292(svchost.exe) | 13.2 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 14:42:01] CPU Usage:0 % 6516 | [Owner : Système | Parent : 764(services.exe) | 11.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1492 | [Owner : jean- | Parent : 1880(igfxCUIService.exe) | 14.95 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.100.6323) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igfxEM.exe [10/10/2018 14:17:37] CPU Usage:0 % 4588 | [Owner : jean- | Parent : 6200() | 69.13 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.637) = C:\Windows\explorer.exe [10/11/2018 22:33:15] CPU Usage:0 % 3728 | [Owner : jean- | Parent : 952(svchost.exe) | 7.06 Mo] - (.Intel Corporation - igfxext Module.) - (6.15.100.6323) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igfxext.exe [10/10/2018 14:17:37] CPU Usage:0 % 7404 | [Owner : jean- | Parent : 952(svchost.exe) | 35.78 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.16299.492) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [10/11/2018 22:33:09] CPU Usage:0 % 7580 | [Owner : jean- | Parent : 952(svchost.exe) | 8.67 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.16299.696) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [10/11/2018 22:33:40] CPU Usage:0 % 7628 | [Owner : jean- | Parent : 952(svchost.exe) | 19.97 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 7900 | [Owner : jean- | Parent : 952(svchost.exe) | 20.23 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 8100 | [Owner : jean- | Parent : 952(svchost.exe) | 13.02 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.16299.696) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe [10/11/2018 22:32:37] CPU Usage:0 % 4456 | [Owner : jean- | Parent : 952(svchost.exe) | 6.69 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.16299.492) = C:\Windows\System32\SettingSyncHost.exe [10/11/2018 22:33:03] CPU Usage:0 % 4436 | [Owner : jean- | Parent : 1916(svchost.exe) | 11.1 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.16299.15) = C:\Windows\System32\ctfmon.exe [29/09/2017 14:42:00] CPU Usage:0 % 7436 | [Owner : jean- | Parent : 1916(svchost.exe) | 11.69 Mo] - (.Microsoft Corporation - Clavier tactile et volet d’écriture manuscrite.) - (10.0.16299.64) = C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [07/12/2017 14:41:30] CPU Usage:0 % 4032 | [Owner : jean- | Parent : 7436(TabTip.exe) | 3 Mo] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) - (10.0.16299.15) = C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe [29/09/2017 14:42:31] CPU Usage:0 % 8276 | [Owner : jean- | Parent : 952(svchost.exe) | 5.05 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 8672 | [Owner : Système | Parent : 764(services.exe) | 10.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 8300 | [Owner : jean- | Parent : 764(services.exe) | 16.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9384 | [Owner : jean- | Parent : 4588(explorer.exe) | 7.11 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.12.16299.15) = C:\Program Files\Windows Defender\MSASCuiL.exe [29/09/2017 14:41:19] CPU Usage:0 % 9532 | [Owner : Système | Parent : 764(services.exe) | 5.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9604 | [Owner : jean- | Parent : 9488(CommonAgent.exe) | 7.08 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.7) = C:\Program Files\Realtek\Audio\HDA\EP64.exe [07/12/2017 06:47:14] CPU Usage:0 % 9612 | [Owner : Système | Parent : 764(services.exe) | 7.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9656 | [Owner : jean- | Parent : 4588(explorer.exe) | 5.51 Mo] - (.Samsung Electronics Co., Ltd. - Samsung OSD.) - (1.0.11.0) = C:\Program Files\Samsung\SamsungOSD\OSD.exe [02/02/2017 07:06:55] CPU Usage:0 % 9704 | [Owner : jean- | Parent : 9692() | 25.16 Mo] - (.AVAST Software - Avast Antivirus.) - (18.7.4041.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [11/11/2018 06:12:32] CPU Usage:0 % 9724 | [Owner : jean- | Parent : 4588(explorer.exe) | 50.78 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (18.172.826.10) = C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe [10/11/2018 21:53:06] CPU Usage:0 % 10216 | [Owner : jean- | Parent : 4188(SamsungSystemService.exe) | 18.48 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemManager.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemManager.exe [29/08/2017 06:42:20] CPU Usage:0 % 9512 | [Owner : jean- | Parent : 1292(svchost.exe) | 4.4 Mo] - (.Samsung Electronics Co., Ltd. - Show Window.) - (1.0.0.30) = C:\Program Files (x86)\Show Window\Show Window.exe [10/11/2017 06:45:30] CPU Usage:0 % 9488 | [Owner : jean- | Parent : 1292(svchost.exe) | 3.22 Mo] - (.Samsung Electronics Co., Ltd. - S Agent.) - (1.1.5.8) = C:\Program Files\Samsung\S Agent\CommonAgent.exe [23/02/2016 16:40:18] CPU Usage:0 % 1324 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 18.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7160 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 7.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4596 | [Owner : jean- | Parent : 952(svchost.exe) | 12.82 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.16299.15) = C:\Windows\System32\ApplicationFrameHost.exe [29/09/2017 14:41:37] CPU Usage:0 % 10296 | [Owner : jean- | Parent : 952(svchost.exe) | 4.82 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 10376 | [Owner : jean- | Parent : 952(svchost.exe) | 8.62 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7932 | [Owner : jean- | Parent : 952(svchost.exe) | 8.36 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 7604 | [Owner : jean- | Parent : 952(svchost.exe) | 11.64 Mo] - (.Microsoft Corporation - Store.) - (11810.1001.12.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe [11/11/2018 08:28:16] CPU Usage:0 % 10256 | [Owner : jean- | Parent : 952(svchost.exe) | 4.65 Mo] - (.-.) - (8.33.0.41) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [11/11/2018 08:26:27] CPU Usage:0 % 10156 | [Owner : jean- | Parent : 1292(svchost.exe) | 16.6 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 14:42:01] CPU Usage:0 % 10900 | [Owner : jean- | Parent : 952(svchost.exe) | 12.06 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.16299.15) = C:\Windows\System32\SystemSettingsBroker.exe [29/09/2017 14:42:06] CPU Usage:0 % 2464 | [Owner : jean- | Parent : 952(svchost.exe) | 9.09 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.16299.492) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [10/11/2018 22:33:16] CPU Usage:0 % 144 | [Owner : jean- | Parent : 952(svchost.exe) | 8.03 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 10196 | [Owner : jean- | Parent : 952(svchost.exe) | 6.96 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.16299.15) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [29/09/2017 14:43:11] CPU Usage:0 % 8552 | [Owner : jean- | Parent : 952(svchost.exe) | 14.79 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 8732 | [Owner : jean- | Parent : 10896() | 178.82 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 1304 | [Owner : jean- | Parent : 8732(opera.exe) | 6.66 Mo] - (.Opera Software - Opera crash-reporter.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera_crashreporter.exe [11/11/2018 06:13:08] CPU Usage:0 % 8948 | [Owner : jean- | Parent : 8732(opera.exe) | 200.77 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 4600 | [Owner : jean- | Parent : 8732(opera.exe) | 18.01 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 8 | [Owner : jean- | Parent : 8732(opera.exe) | 7.46 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 7720 | [Owner : jean- | Parent : 8732(opera.exe) | 72.1 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 8748 | [Owner : jean- | Parent : 8732(opera.exe) | 15.59 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 3960 | [Owner : Système | Parent : 764(services.exe) | 17.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4520 | [Owner : jean- | Parent : 4588(explorer.exe) | 28.38 Mo] - (.Microsoft Corporation - Gestionnaire des tâches.) - (10.0.16299.248) = C:\Windows\System32\Taskmgr.exe [10/11/2018 22:32:58] CPU Usage:0 % 7732 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 7.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4420 | [Owner : jean- | Parent : 4520(Taskmgr.exe) | 19.35 Mo] - (.Microsoft Corporation - Microsoft Management Console.) - (10.0.16299.248) = C:\Windows\System32\mmc.exe [10/11/2018 22:33:06] CPU Usage:0 % 10880 | [Owner : jean- | Parent : 8732(opera.exe) | 45.93 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 8176 | [Owner : jean- | Parent : 8732(opera.exe) | 80.71 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 9268 | [Owner : jean- | Parent : 8732(opera.exe) | 44.9 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 2520 | [Owner : jean- | Parent : 8732(opera.exe) | 32.32 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 2632 | [Owner : jean- | Parent : 8732(opera.exe) | 345.14 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 4876 | [Owner : jean- | Parent : 8732(opera.exe) | 43.52 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 9292 | [Owner : jean- | Parent : 8732(opera.exe) | 46.4 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 228 | [Owner : jean- | Parent : 8732(opera.exe) | 78.63 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 3652 | [Owner : jean- | Parent : 8732(opera.exe) | 111.89 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 5416 | [Owner : jean- | Parent : 8732(opera.exe) | 43.9 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 10724 | [Owner : jean- | Parent : 8732(opera.exe) | 64.27 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 1864 | [Owner : jean- | Parent : 8732(opera.exe) | 42.09 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 9936 | [Owner : jean- | Parent : 8732(opera.exe) | 35.9 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 10664 | [Owner : jean- | Parent : 8732(opera.exe) | 43.16 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 5264 | [Owner : jean- | Parent : 8732(opera.exe) | 57.32 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 8596 | [Owner : jean- | Parent : 8732(opera.exe) | 98.6 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 10996 | [Owner : jean- | Parent : 8732(opera.exe) | 170.16 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 7548 | [Owner : Système | Parent : 764(services.exe) | 10.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6976 | [Owner : jean- | Parent : 8732(opera.exe) | 91.55 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 7096 | [Owner : SERVICE LOCAL | Parent : 764(services.exe) | 8.96 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 10260 | [Owner : Système | Parent : 764(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5912 | [Owner : Système | Parent : 764(services.exe) | 5.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 8648 | [Owner : jean- | Parent : 8732(opera.exe) | 108.66 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 10712 | [Owner : Système | Parent : 3612(SearchIndexer.exe) | 12.72 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.16299.402) = C:\Windows\System32\SearchProtocolHost.exe [10/11/2018 22:32:40] CPU Usage:0 % 3952 | [Owner : jean- | Parent : 8732(opera.exe) | 114.68 Mo] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.99) = C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe [11/11/2018 06:13:06] CPU Usage:0 % 10516 | [Owner : jean- | Parent : 952(svchost.exe) | 14.36 Mo] - (.Microsoft Corporation - Microsoft OneDriveFile Co-Authoring Executable.) - (18.172.826.10) = C:\Users\jean-\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe [10/11/2018 21:53:32] CPU Usage:0 % 2092 | [Owner : jean- | Parent : 952(svchost.exe) | 38.06 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.16299.492) = C:\Windows\System32\smartscreen.exe [10/11/2018 22:33:09] CPU Usage:0 % 2176 | [Owner : jean- | Parent : 8732(opera.exe) | 46.66 Mo] - (.SosVirus - QuickDiag.) - (31.8.18.1) = C:\Users\jean-\AppData\Local\Temp\scoped_dir8732_8636\quickdiag_V4_31.08.18.1.exe [11/11/2018 16:49:53] CPU Usage:0 % 1924 | [Owner : SERVICE RÉSEAU | Parent : 952(svchost.exe) | 9.72 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [10/11/2018 22:32:29] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.AVAST Software.-.Hook Library.) - (18.7.4.992) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\inputhost.dll (.AVAST Software.-.Avast Shell Extension.) - (18.7.4041.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6323) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igd10iumd64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6323) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igc64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.19.3.0) -- C:\Windows\System32\winsqlite3.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6323) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igc64.dll (.AVAST Software.-.Hook Library.) - (18.7.4.992) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\...\Run]) - User: DESKTOP-LI80V1P\jean- SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg_RUNEP - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP [HKLM\SOFTWARE\...\Run]) - User: Public OSD - (C:\Program Files\Samsung\SamsungOSD\OSD.exe [HKLM\SOFTWARE\...\Run]) - User: Public AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft Print to PDF,winspool,Ne01: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "RtHDVBg_RUNEP"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP "OSD"=C:\Program Files\Samsung\SamsungOSD\OSD.exe [02/02/2017 07:06:55] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "RTHDVCPL"=0x040000000000000000000000 "RtHDVBg_RUNEP"=0x040000000000000000000000 "OSD"=0x040000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D33928A8E92551 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Avast Emergency Update Intel PTT EK Recertification OneDrive Standalone Update Task v2 OneDrive Standalone Update Task-S-1-5-21-85169472-1442237754-271036338-1001 Opera scheduled Autoupdate 1541913108 SAgent ShowWindow ---------- | Startings up registry ? Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=1 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [11/11/2018 16:49:57] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=776 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe.dc08f81d410d213e.tmp !\??\C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=f01ae8b6-fb02-4bca-9eb3-f24e63a "GlassSessionId"=1 ---------- | .LNK with Arguments c:\users\jean-\appdata\roaming\drpsu\internet-start.lnk - Encrypted: False - Target: C:\Windows\system32\cmd.exe - Args: (/c start hxxp://new.internet-start.net/?utm_source=beatle^&utm_medium=icon^&utm_campaign=pin) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=5 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\jean-\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\2018-11-10.jpg [10/11/2018 21:51:30] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "DelayLockInterval"=900 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0xDF1E078012000000 "CheckScreenSaverTimeChange"=1 "ScreenSaveTimeOut"=120 "MaxVirtualDesktopDimension"=2160 "MaxMonitorDimension"=2160 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100BBA6050080070000B0040000789174283779D40143003A005C00550073006500720073005C006A00650061006E002D005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0032003000310038002D00310031002D00310030002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ActiveWndTrkTimeout"=0 "AutoColorization"=1 "ImageColor"=2950525762 "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=200 "HungAppTimeout"=200 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003A2800000000000000000000000000000100000013000000000000006B000000 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=7 "GlobalAssocChangedCounter"=33 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "SlowContextMenuEntries"=0xB083204722C5CF11876300608CC02F24FA000000BD0E0C47735D584D9CEDE91E22E23282AC0000000114020000000000C000000000000046770100006024B221EA3A6910A2DC08002B30309D8D0000000000000000000000000000000000000000000000 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0xFE44E75B00000000 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "ReindexedProfile"=1 "AlwaysShowMenus"=1 "HideDrivesWithNoMedia"=0 [HKLM\Software\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "layoutxmlpath"=c:\users\default\appdata\local\microsoft\windows\shell\taskbarlayoutmodification.xml [07/12/2017 14:49:02] "GlobalAssocChangedCounter"=13 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 "UseOLEDTaskbarTransparency"=1 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=16299 "FirstLogon"=0 "PUUActive"=0x143EAC9E020000000200060085260000FB260000FB260000D20000000E000F008EB6661DFAD30000FAD300007D0A0000FB060000E20100009F080000BB620000FC000000130000005BCB4931C979D40124270000000000000100000024270000AB3F000000000000 "DP"=0xD200E8000200000002000000143EAC9E0000000000000000FADB3390BC79D401FADB3390BC79D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100DD1301809014100CF114164CFD300080A0BA245CA0BAA45C5C1D01C011055040194D5040891D01802006010120060303535500C06463080064730800ED500180200141002881410086DF008011005C091B01DD19F2ED00800750780207D07B4AF2190040D0A05803D0A858034A2401C06D228C126D2ACE524286008084886104C4887345 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "DisableCAD"=1 "LastLogOffEndTimePerfCounter"=76434816829 "ShutdownFlags"=39 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-85169472-1442237754-271036338-1001 "LastUsedUsername"=jean- [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe" [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/11/2018 22:32:38] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [10/11/2018 22:32:38] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe"=32 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files\Realtek\Audio\HDA\EP64.exe"=0x5341435001000000000000000700000028000000E0573C00D9DD3C0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FD167B00000000000100000001000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000604CAB018134AC0101000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jean-\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileSyncConfig.exe"=0x53414350010000000000000007000000280000006010040082C7040001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\ProgramData\CacheWrite\dskcache.exe"=0x5341435001000000000000000700000028000000102B00005FF6000001000000000000000000010571200000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000100000001000000 "C:\Users\jean-\Downloads\DriverPack-17-Online_1641599851.1541912349.exe"=0x5341435001000000000000000700000028000000E0740900C6D3090001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000086345700000000000100000001000000 "C:\Users\jean-\AppData\Local\Programs\Opera\55.0.2994.37\opera.exe"=0x534143500100000000000000070000002800000058CE19002BFE190001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\jean-\Downloads\SDI_R1809\SDI_x64_R1809.exe"=0x5341435001000000000000000700000028000000004E1A000000000001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\jean-\Downloads\Realtek_High_Definition_Audio_6.0.1.8454\Setup.exe"=0x5341435001000000000000000700000028000000605F12009EA9120001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CA920000000000000100000001000000 "C:\Users\jean-\AppData\Local\Programs\Opera\launcher.exe"=0x534143500100000000000000070000002800000058DE14009299150001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131571602490602647 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\ "ProductStatus"=0 "InstallTime"=0x5F3796ACF278D401 "OneTimeSqmDataSent"=1 "OOBEInstallTime"=0x0E385C4A3779D401 "ManagedDefenderProductType"=0 "BackupLocation"=C:\Program Files\Windows Defender "DisableAntiSpyware"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:817::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:817::200e?: temps=28 ms R?ponse de 2a00:1450:4007:817::200e?: temps=28 ms R?ponse de 2a00:1450:4007:817::200e?: temps=28 ms R?ponse de 2a00:1450:4007:817::200e?: temps=29 ms Statistiques Ping pour 2a00:1450:4007:817::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 28ms, Maximum = 29ms, Moyenne = 28ms ---------- | @ [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://samsung17win10.msn.com/?pc=SMTE "Default_Page_URL"=http://samsung17win10.msn.com/?pc=SMTE "DisableFirstRunCustomize"=3 "Use FormSuggest"=yes "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000002A000000804A9B152BCBEAAEC003CEBFB41210852AD45E2B80FD2F41EE55B5AA470D7D082536A145884F88E456F7020000000E00000058356774517A6770783563253364 "ImageStoreRandomFolder"=oqabdi2 [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "ZonesSecurityUpgrade"=0xE5419B314279D401 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [11/11/2018 06:10:49] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [29/09/2017 14:41:47] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} ---------- | Extensions ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings ---------- | Ext\Stats ---------- | Browser Helper Objects ---------- | Chrome ---------- | Opera ---------- | Firefox ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4FC4FAB8-DD2C-3F8B-B378-F6EF65C0EC05}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{25FFAAD0-F4A3-4164-95FF-4461E9F35D51}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{54BDBDCB-ED26-30CA-BFFC-5B5E414C3793}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5A604D2C-E968-429B-8327-62B5CE52126D}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Classes\Applications\opera.exe] : "C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\Launcher.exe] : "C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Launcher.exe] : "C:\Users\jean-\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: Local Service Credential UI Broker - AppID: {00944ad3-b2ad-4bcf-9202-59bf4662d521} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: IntelCpHeciSvc - AppID: {11AC3232-E7D7-49CD-ABFE-501700100B3A} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A} Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC} Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC} Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: AvAScr - AppID: {66A841F2-956C-4631-BFE7-C90225F417D6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887} Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: IntelCpHDCPSvc - AppID: {84081F6F-8B2D-4FFE-AF7F-E72D488FABEB} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d} Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows.Internal.Security.SmartScreen.NetworkFiltering.NetworkFilter - AppID: {d339785e-44b3-4ce6-b01f-83a55a1b7da0} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: Microsoft Volumetric Audio Compositor - AppID: {DD7B2C49-A779-4055-BBD5-7C96F502F97F} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-503" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DevicesFlowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "smbsvcs"=lanmanserver browser "osrss"=osrss [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\AppDataLow] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Avast Software] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Browser Cleanup] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Chromium] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Clients] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\DRP] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\drpsu] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Google] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Intel] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Macromedia] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Opera Software] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Policies] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Realtek] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\RegisteredApplications] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\SyncEngines] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\sysinternals] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Wow6432Node] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Atheros] [HKLM\Software\Clients] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Samsung] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\ATHEROS] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\drpsu] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Qualcomm] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | FeatureControl [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "OneDrive.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "UNPUXHost.exe"="11000" "mshta.exe"="9999" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "mshta.exe"="9999" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" ---------- | The Created last ones ? Modified [MD5.00000000000000000000000000000000] - [11/11/2018 06:12:20] - |D| - [286643] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.5CDE14540712838961E3B63930CE8C5D] - [10/11/2018 22:33:15] - |A| - [3904304] - C:\Windows\explorer.exe [MD5.67422BB31C52F0E4697C2A413677E033] - [10/11/2018 22:32:45] - |A| - [976896] - C:\Windows\HelpPane.exe [MD5.00000000000000000000000000000000] - [11/11/2018 06:03:09] - |D| - [2046209] - C:\Windows\LastGood.Tmp [MD5.B9409DA24709883A9DAEF232E4994316] - [10/11/2018 13:40:04] - |A| - [4256] - C:\Windows\PFRO.log [MD5.263FB8547D41D08BCE3F59D935846264] - [11/11/2018 16:46:43] - |A| - [617] - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/11/2018 16:46:43] - |A| - [0] - C:\Windows\setuperr.log [MD5.00000000000000000000000000000000] - [10/11/2018 13:45:00] - |D| - [526625786] - C:\Windows\SoftwareDistribution [MD5.00000000000000000000000000000000] - [11/11/2018 08:20:44] - |D| - [6780876] - C:\Windows\UpdateAssistant [MD5.3E22255A12515C8C375A87F7A04BFB0C] - [11/11/2018 08:20:44] - |A| - [20480] - C:\Windows\Installer\SourceHash{52C1DD03-104E-4AC6-9DC6-21D585721ED1} [MD5.755B465DB05E547B84FCB5E2ABC6B121] - [10/11/2018 22:29:46] - |A| - [20480] - C:\Windows\Installer\SourceHash{91684B6D-153D-4C12-B6B1-59F7496BE44A} [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 22:29:46] - |A| - [0] - C:\Windows\Installer\wix{91684B6D-153D-4C12-B6B1-59F7496BE44A}.SchedServiceConfig.rmi [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - [10/11/2018 22:09:17] - |A| - [511] - C:\Windows\system32\@NotifierToastIcon.png [MD5.C7567B202D1C86217A246A4E5DFD2E46] - [10/11/2018 22:32:48] - |A| - [231936] - C:\Windows\system32\aadauthhelper.dll [MD5.64D40F78623D00B075C54A0979504629] - [10/11/2018 22:32:57] - |A| - [623616] - C:\Windows\system32\aadcloudap.dll [MD5.15F695BDE38A22C16F0A102C06A26A25] - [10/11/2018 22:32:39] - |A| - [59392] - C:\Windows\system32\aadjcsp.dll [MD5.65043E8C3110E5C9E10CCE1A39B95ACF] - [10/11/2018 22:33:03] - |A| - [1238016] - C:\Windows\system32\aadtb.dll [MD5.B3DF3884831B1062762BBD3124437D70] - [10/11/2018 22:32:42] - |A| - [240640] - C:\Windows\system32\AboutSettingsHandlers.dll [MD5.8A51410FA1F05A051A005518AA5FC452] - [10/11/2018 22:32:35] - |A| - [312832] - C:\Windows\system32\AboveLockAppHost.dll [MD5.CD0720E15990B7B30868D0A330D885B3] - [10/11/2018 22:33:52] - |A| - [336384] - C:\Windows\system32\AcGenral.dll [MD5.9D51DB6E5FA80C21C39A4EDA0C17626D] - [10/11/2018 22:33:47] - |A| - [301056] - C:\Windows\system32\AcLayers.dll [MD5.B3095EC92D44D75E2C45C80E88EA7012] - [10/11/2018 22:32:45] - |A| - [5500928] - C:\Windows\system32\aclui.dll [MD5.8712F6267D6277B0D843103FAB5C31F3] - [10/11/2018 22:33:09] - |A| - [309760] - C:\Windows\system32\acmigration.dll [MD5.F284010B43126B1AC9E59A7018233E10] - [10/11/2018 22:32:33] - |A| - [186368] - C:\Windows\system32\ACPBackgroundManagerPolicy.dll [MD5.BF43A32C27A158EDFDADFFA0CFC4D15F] - [10/11/2018 22:32:37] - |A| - [79360] - C:\Windows\system32\acppage.dll [MD5.8A7B35883F5CFB0FAB9452636B95E7BC] - [10/11/2018 22:33:55] - |A| - [64000] - C:\Windows\system32\AcSpecfc.dll [MD5.4F30CAF7AAE8F252F18B67841B628681] - [10/11/2018 22:32:58] - |A| - [516096] - C:\Windows\system32\ActivationManager.dll [MD5.5B3B363AD651CAD6AC86E4B5DA0889D6] - [10/11/2018 22:33:06] - |A| - [1777664] - C:\Windows\system32\ActiveSyncProvider.dll [MD5.E67230D139EFD721BE5068D4F0992B39] - [10/11/2018 22:32:38] - |A| - [588800] - C:\Windows\system32\actxprxy.dll [MD5.268271CA8AC073C608A4ABC31D13871A] - [10/11/2018 22:32:35] - |A| - [87040] - C:\Windows\system32\adhsvc.dll [MD5.692CB7449A9609FC774301026B8A4086] - [10/11/2018 22:32:44] - |A| - [649376] - C:\Windows\system32\advapi32.dll [MD5.6C680F846EA3FE0F84C2C8F6D67BB29C] - [10/11/2018 22:33:09] - |A| - [689664] - C:\Windows\system32\aeinv.dll [MD5.EDC167DEAD0C41B9BE1C1586C6A45A63] - [10/11/2018 22:33:09] - |A| - [462848] - C:\Windows\system32\aepic.dll [MD5.EA1D962410B4F4D3AD3494A7C1752A15] - [10/11/2018 22:33:18] - |A| - [2868736] - C:\Windows\system32\aitstatic.exe [MD5.54EFF5C0838ABFCBBF1F47B5B9B5031F] - [10/11/2018 22:32:46] - |A| - [369664] - C:\Windows\system32\APHostService.dll [MD5.5DDFCD5E0C012256DAEE5A219051B345] - [10/11/2018 22:32:36] - |A| - [111544] - C:\Windows\system32\apisetschema.dll [MD5.D6C6880BD673533994FC9B35E9C1290F] - [10/11/2018 22:32:33] - |A| - [101376] - C:\Windows\system32\AppCapture.dll [MD5.CAEB6AF3A134352BBFD583CA6DF89F2C] - [10/11/2018 22:32:42] - |A| - [534528] - C:\Windows\system32\apphelp.dll [MD5.1C3B2AE4AFC859E5298D5C695961F6C4] - [10/11/2018 22:32:37] - |A| - [63656] - C:\Windows\system32\appidapi.dll [MD5.BBB70415033710D6D7D58DDF2B0A06FA] - [10/11/2018 22:32:34] - |A| - [120320] - C:\Windows\system32\appidsvc.dll [MD5.80EC3D699FE5590A5911C865F8220375] - [10/11/2018 22:32:33] - |A| - [24576] - C:\Windows\system32\appidtel.exe [MD5.BCC4309051EA72384E7D76545E8DE378] - [10/11/2018 22:32:34] - |A| - [144896] - C:\Windows\system32\appinfo.dll [MD5.E59099C0CB18D30B6C0D9C52D9C3E557] - [10/11/2018 22:32:44] - |A| - [336896] - C:\Windows\system32\AppLockerCSP.dll [MD5.20D03FC0FEBCB1D52F71CB7F4076467B] - [10/11/2018 22:33:09] - |A| - [1610752] - C:\Windows\system32\appraiser.dll [MD5.A5A600CA929194BFF81326A209D761D8] - [10/11/2018 22:32:57] - |A| - [636416] - C:\Windows\system32\AppReadiness.dll [MD5.C178FD308E153473076DB9ED6FFCC51E] - [10/11/2018 22:32:48] - |A| - [563632] - C:\Windows\system32\AppResolver.dll [MD5.3032C2E8E1EBBE4DE041C135F5FF44A9] - [10/11/2018 22:32:47] - |A| - [859648] - C:\Windows\system32\appwiz.cpl [MD5.32F593A1FA054374DDB88F60F3FBF4B3] - [10/11/2018 22:32:51] - |A| - [250368] - C:\Windows\system32\AppxAllUserStore.dll [MD5.D705A2A9BD671F776111BBB5B369E8B6] - [10/11/2018 22:32:58] - |A| - [688576] - C:\Windows\system32\AppXDeploymentClient.dll [MD5.7DDF820ABBC81CDE830EC2D775D6AAC5] - [10/11/2018 22:32:48] - |A| - [1496064] - C:\Windows\system32\AppXDeploymentExtensions.desktop.dll [MD5.C4B593A8187592BEE9E42CBAC5A0E865] - [10/11/2018 22:32:54] - |A| - [2212352] - C:\Windows\system32\AppXDeploymentExtensions.onecore.dll [MD5.E611A2D1901CE8B2E61AF055DAA4B12A] - [10/11/2018 22:33:13] - |A| - [3182080] - C:\Windows\system32\AppXDeploymentServer.dll [MD5.E5399452569B52242F196637E0315AF4] - [10/11/2018 22:32:30] - |A| - [125952] - C:\Windows\system32\AppxSysprep.dll [MD5.365FED0EC2439677A1ABC8632AFD090B] - [11/11/2018 06:10:58] - |A| - [378584] - C:\Windows\system32\aswBoot.exe [MD5.D529E228BFF36197B0502B9902DAC990] - [10/11/2018 22:32:51] - |A| - [383784] - C:\Windows\system32\atmfd.dll [MD5.FE6B10E1A858139B9FB61CDDB17CA9F9] - [10/11/2018 22:32:29] - |A| - [47104] - C:\Windows\system32\atmlib.dll [MD5.F4EA71F06346ABD6D976747DCCB7420D] - [10/11/2018 22:33:55] - |A| - [603920] - C:\Windows\system32\audiodg.exe [MD5.0A414BE36FFA16E9F20F94008E366AD6] - [10/11/2018 22:33:55] - |A| - [685056] - C:\Windows\system32\AudioEndpointBuilder.dll [MD5.AB56DC9F9794D5A5940A97026CA7ADFE] - [10/11/2018 22:33:56] - |A| - [1426672] - C:\Windows\system32\AudioEng.dll [MD5.76D4DE5D003A396ECA774BDD1DA4DBD2] - [10/11/2018 22:32:39] - |A| - [413888] - C:\Windows\system32\AUDIOKSE.dll [MD5.C9C3048A7119ABB0C5292F30CC0957B8] - [10/11/2018 22:33:52] - |A| - [1170008] - C:\Windows\system32\AudioSes.dll [MD5.57D7504862058467BA8FB8D988E6D372] - [10/11/2018 22:33:57] - |A| - [1488384] - C:\Windows\system32\audiosrv.dll [MD5.26DF06A387B99C6505AC8AE9063C68EA] - [10/11/2018 22:32:41] - |A| - [5105664] - C:\Windows\system32\AuthFWSnapin.dll [MD5.BA9FC5B6C212625033FA4BB076B8513D] - [10/11/2018 22:32:52] - |A| - [526336] - C:\Windows\system32\authui.dll [MD5.CA193EE81EF42D3B39D69736123B5768] - [10/11/2018 22:32:35] - |A| - [288768] - C:\Windows\system32\authz.dll [MD5.5A0334E3E3372652D597B0A782D74D58] - [10/11/2018 22:32:59] - |A| - [1925120] - C:\Windows\system32\AzureSettingSyncProvider.dll [MD5.307924EB13B316CFC0094CC1C2FD4857] - [10/11/2018 22:32:40] - |A| - [204264] - C:\Windows\system32\basecsp.dll [MD5.508B4888B5079FC5BBEBF92EDB2B5D98] - [10/11/2018 22:32:30] - |A| - [1670656] - C:\Windows\system32\batmeter.dll [MD5.47F5AE22BF4B378AB77512177FE6C909] - [10/11/2018 22:32:40] - |A| - [1113600] - C:\Windows\system32\bcastdvr.exe [MD5.E8ECABD0EF4490D7980747DD1780D03F] - [10/11/2018 22:32:38] - |A| - [457728] - C:\Windows\system32\bcdedit.exe [MD5.08CDA21039521CAF71891D978EF7763F] - [10/11/2018 22:32:40] - |A| - [137552] - C:\Windows\system32\bcrypt.dll [MD5.C02AAE18FAFB1BE1660072AF4FD0AD7C] - [10/11/2018 22:33:09] - |A| - [465512] - C:\Windows\system32\bcryptprimitives.dll [MD5.F6262869E673CC957C5D820C67F34D2F] - [10/11/2018 22:32:58] - |A| - [840192] - C:\Windows\system32\BFE.DLL [MD5.368342C6AAE2A07B3C3CEE757335589A] - [10/11/2018 22:33:19] - |A| - [8727552] - C:\Windows\system32\BingMaps.dll [MD5.80A9370CB3E4D0FACAA9F29D81EB995B] - [10/11/2018 22:33:01] - |A| - [814080] - C:\Windows\system32\bisrv.dll [MD5.168424450BCD688D24629C39CC5EB778] - [10/11/2018 22:32:42] - |A| - [182272] - C:\Windows\system32\BitLockerCsp.dll [MD5.9B71952C6DA6ABE5B703DDD49648DAE8] - [10/11/2018 22:32:35] - |A| - [3756032] - C:\Windows\system32\bootux.dll [MD5.5412090A6BD30C90963C1A06ED585837] - [10/11/2018 22:32:29] - |A| - [262656] - C:\Windows\system32\BrokerLib.dll [MD5.1CB708EF7EB20B5C39CB80797EF9BF9A] - [10/11/2018 22:33:00] - |A| - [248328] - C:\Windows\system32\browserbroker.dll [MD5.4519C5AD45D946572B39B2D57FFEB657] - [10/11/2018 22:32:35] - |A| - [331264] - C:\Windows\system32\browserexport.exe [MD5.6DF6C72920870AF5D39C0E3C5361B409] - [10/11/2018 22:32:34] - |A| - [153600] - C:\Windows\system32\BrowserSettingSync.dll [MD5.69AE5D398A856800E0CC4AA1EB6EC08B] - [10/11/2018 22:32:37] - |A| - [58880] - C:\Windows\system32\ByteCodeGenerator.exe [MD5.094380D265797103F3456721FC09FD44] - [10/11/2018 22:32:47] - |A| - [483840] - C:\Windows\system32\catsrvut.dll [MD5.5C916F82803C81774D13B3897D3C5140] - [10/11/2018 22:33:17] - |A| - [5195776] - C:\Windows\system32\cdp.dll [MD5.6F9F9FA8976D9A45D3C75E7A49AC9995] - [10/11/2018 22:32:43] - |A| - [484352] - C:\Windows\system32\cdpusersvc.dll [MD5.6286CBE87B64AB7D1F59E3375A2FF3F4] - [10/11/2018 22:32:35] - |A| - [188928] - C:\Windows\system32\certprop.dll [MD5.16B252604B9251685E1ABCDF25123DA8] - [10/11/2018 22:33:54] - |A| - [8065024] - C:\Windows\system32\Chakra.dll [MD5.CA24C9845B8FEE72C0003B8AE034B95B] - [10/11/2018 22:33:56] - |A| - [104960] - C:\Windows\system32\Chakradiag.dll [MD5.319D29D7DC0B2FB1480003CEF0570C29] - [10/11/2018 22:33:10] - |A| - [712528] - C:\Windows\system32\ci.dll [MD5.0C34AE2C3F0D0EEF7C2F4E8C6CFC7888] - [10/11/2018 22:32:38] - |A| - [86528] - C:\Windows\system32\cldapi.dll [MD5.29F84DD1674AE3BC501974D14C095E3C] - [10/11/2018 22:32:58] - |A| - [824904] - C:\Windows\system32\ClipSVC.dll [MD5.C5E70132CD00D314CD0F662F8EE2E4A4] - [10/11/2018 22:32:56] - |A| - [384512] - C:\Windows\system32\cloudAP.dll [MD5.E89306A046F3EFE7B58436691378EC04] - [10/11/2018 22:32:36] - |A| - [300544] - C:\Windows\system32\CloudBackupSettings.dll [MD5.0C6D3D719D71149ED670E1E8884C2D1A] - [10/11/2018 22:32:46] - |A| - [406312] - C:\Windows\system32\CloudExperienceHost.dll [MD5.0360BF95DA699F4E86A5EA2D8AA3EFCE] - [10/11/2018 22:33:05] - |A| - [436632] - C:\Windows\system32\CloudExperienceHostCommon.dll [MD5.FF7918BF603D5C43BACAD2312C2236D8] - [10/11/2018 22:32:38] - |A| - [92032] - C:\Windows\system32\CloudNotifications.exe [MD5.108F518C45C9DE6B686BD084BA7C9657] - [10/11/2018 22:32:38] - |A| - [198440] - C:\Windows\system32\CloudStorageWizard.exe [MD5.789A3A3D760237153A6E7B782432926C] - [10/11/2018 22:33:13] - |A| - [3180176] - C:\Windows\system32\combase.dll [MD5.4A06A1ED4BD35CA556B5F112A77F9A34] - [10/11/2018 22:32:40] - |A| - [661920] - C:\Windows\system32\comctl32.dll [MD5.7FF05EE65D07CABDF6F92C39D2064D8D] - [10/11/2018 22:33:00] - |A| - [1057792] - C:\Windows\system32\comdlg32.dll [MD5.73D1066EBFE3A7D39EE4D66F6C46C63A] - [10/11/2018 22:33:03] - |A| - [144896] - C:\Windows\system32\CompatTelRunner.exe [MD5.08066A6791393DC56D026EF288599C1E] - [10/11/2018 22:32:38] - |A| - [89288] - C:\Windows\system32\CompPkgSup.dll [MD5.9766948B92D01B34BF81358627A00EF5] - [10/11/2018 22:32:33] - |A| - [308736] - C:\Windows\system32\compstui.dll [MD5.37B884A0C7F80DFA7F1D36383560A76A] - [10/11/2018 22:33:04] - |A| - [1717248] - C:\Windows\system32\comsvcs.dll [MD5.8754B1C1BD7CA26428ACB01D3E660682] - [10/11/2018 22:32:43] - |A| - [157592] - C:\Windows\system32\consent.exe [MD5.8BC54762701B089D9A78DA3C15873F14] - [10/11/2018 22:32:40] - |A| - [212992] - C:\Windows\system32\container.dll [MD5.BD09EFD7B81A495C3777BC58F8E382BD] - [10/11/2018 22:32:58] - |A| - [1488288] - C:\Windows\system32\ContentDeliveryManager.Utilities.dll [MD5.FBE86E6A6837A9D682D5EC5ECFB05A61] - [10/11/2018 22:32:31] - |A| - [232960] - C:\Windows\system32\convertvhd.exe [MD5.4B64B776A3966C92AD5059A3A3E517E8] - [10/11/2018 22:32:35] - |A| - [252416] - C:\Windows\system32\coredpus.dll [MD5.8C1FEB1040175052F5C642042E18A579] - [10/11/2018 22:33:01] - |A| - [898288] - C:\Windows\system32\CoreMessaging.dll [MD5.67FBB51F6BB6306CDFF015AF331A3750] - [10/11/2018 22:33:15] - |A| - [3077272] - C:\Windows\system32\CoreUIComponents.dll [MD5.971C66154AB48E2B0BBE14D85C26AFB8] - [10/11/2018 22:32:33] - |A| - [200704] - C:\Windows\system32\CourtesyEngine.dll [MD5.60B76F7C3A0A39827FD6C39AEC138051] - [10/11/2018 22:32:51] - |A| - [870912] - C:\Windows\system32\CPFilters.dll [MD5.F71A8D267ACFB7DD05DE14785D4A4BB2] - [10/11/2018 22:32:41] - |A| - [101888] - C:\Windows\system32\CredProv2faHelper.dll [MD5.2286AD84D8FE33FF746503F995D3042A] - [10/11/2018 22:32:58] - |A| - [459776] - C:\Windows\system32\CredProvDataModel.dll [MD5.A06A55172BC0A500C71434B42AD83AE7] - [10/11/2018 22:32:44] - |A| - [262656] - C:\Windows\system32\credprovhost.dll [MD5.6A72F6A7AFC71C5F616DEF3A60E7A59A] - [10/11/2018 22:32:44] - |A| - [225792] - C:\Windows\system32\credprovs.dll [MD5.5CFAC7FF04BDF532E38A1EC5B220D746] - [10/11/2018 22:32:29] - |A| - [23552] - C:\Windows\system32\credssp.dll [MD5.2C99BD96DA2C08A4DF912A4EE468613A] - [10/11/2018 22:32:47] - |A| - [1873944] - C:\Windows\system32\crypt32.dll [MD5.57A7EC3D2B24DE7E1614EB1C9F487509] - [10/11/2018 22:32:41] - |A| - [126464] - C:\Windows\system32\cryptcatsvc.dll [MD5.2DADAE45FD2645B3BDAC96A6B7CAE1F0] - [10/11/2018 22:32:44] - |A| - [592384] - C:\Windows\system32\cryptui.dll [MD5.7EB69AE14BD62070345DEFE4F75824B0] - [10/11/2018 22:32:41] - |A| - [164864] - C:\Windows\system32\cscript.exe [MD5.6F6528AA5D7BB5CF3065FAE167419992] - [10/11/2018 22:33:45] - |A| - [7831760] - C:\Windows\system32\d3d10warp.dll [MD5.9027EA175C52B335236196A4075A2ABD] - [10/11/2018 22:33:12] - |A| - [3009736] - C:\Windows\system32\d3d11.dll [MD5.B0327832C64CF0C704A93E14612D0F8A] - [10/11/2018 22:33:05] - |A| - [1416392] - C:\Windows\system32\D3D12.dll [MD5.DE99750CF68F639683435AD1375B0F39] - [10/11/2018 22:33:03] - |A| - [1642520] - C:\Windows\system32\d3d9.dll [MD5.BD22DA95CD4C11BE4FA235D891D63573] - [10/11/2018 22:32:57] - |A| - [830464] - C:\Windows\system32\d3d9on12.dll [MD5.BD438C62BAAE1F3821A7B6B8CC21CBAB] - [10/11/2018 22:32:35] - |A| - [107520] - C:\Windows\system32\dab.dll [MD5.0EA11C30694C39A326152C66EBF24C72] - [10/11/2018 22:32:34] - |A| - [119296] - C:\Windows\system32\DafPrintProvider.dll [MD5.FB1C407BF8B1DD0744D0EDD31BE598F7] - [10/11/2018 22:32:52] - |A| - [271872] - C:\Windows\system32\DAFWSD.dll [MD5.A45B720B90F84A68AECB6E305C17B126] - [10/11/2018 22:32:30] - |A| - [84992] - C:\Windows\system32\DataStoreCacheDumpTool.exe [MD5.12B469EDEDAF69DBB39C12289D16405E] - [10/11/2018 22:32:37] - |A| - [93696] - C:\Windows\system32\davclnt.dll [MD5.297A3E1244911787921EADCA55D2A930] - [10/11/2018 22:32:56] - |A| - [535040] - C:\Windows\system32\daxexec.dll [MD5.7ACA5437F1A1ADFBFB17C225FF6638F9] - [10/11/2018 22:33:17] - |A| - [5833216] - C:\Windows\system32\dbgeng.dll [MD5.5D5CAA6D653D396CAF17799ECCA7AEF7] - [10/11/2018 22:32:47] - |A| - [666624] - C:\Windows\system32\DbgModel.dll [MD5.CBBF45E241F02F9D863497B2E60958F2] - [10/11/2018 22:32:58] - |A| - [480768] - C:\Windows\system32\dcntel.dll [MD5.2FBE8D307D281F7F165F6FD3EF3B9B5A] - [10/11/2018 22:32:35] - |A| - [311808] - C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll [MD5.C7BF3EC1D48A0B2CBC1ADA74D2FA86D8] - [10/11/2018 22:32:39] - |A| - [35368] - C:\Windows\system32\DeviceCensus.exe [MD5.07380343D749A66AC5934C608BA7E456] - [10/11/2018 22:32:35] - |A| - [356352] - C:\Windows\system32\DeviceEnroller.exe [MD5.BB8B97CFB154F3CACB1A69A63714284C] - [10/11/2018 22:32:36] - |A| - [566272] - C:\Windows\system32\DevicePairing.dll [MD5.883348A614C2A6666E8E0F2D7A4E2D1B] - [10/11/2018 22:32:39] - |A| - [100136] - C:\Windows\system32\DeviceReactivation.dll [MD5.BB73FD1329739982C2915AB827A01362] - [10/11/2018 22:32:47] - |A| - [238080] - C:\Windows\system32\DeviceSetupManager.dll [MD5.7C61103F8ADB474EA2E56F3B9B533B8A] - [10/11/2018 22:32:40] - |A| - [84992] - C:\Windows\system32\DeviceUpdateAgent.dll [MD5.E9DA385422C0E1A4456C82039735B643] - [10/11/2018 22:33:09] - |A| - [612352] - C:\Windows\system32\devinv.dll [MD5.FDB38FF469568190277A694D1BF599F5] - [10/11/2018 22:32:29] - |A| - [379392] - C:\Windows\system32\dhcpcore.dll [MD5.2D62FA8D0FB596F610BC818CF2265CA5] - [10/11/2018 22:32:29] - |A| - [298496] - C:\Windows\system32\dhcpcore6.dll [MD5.26DE1F77BFA5A95834427A6449F9DF62] - [10/11/2018 22:33:46] - |A| - [666112] - C:\Windows\system32\DHolographicDisplay.dll [MD5.F9B6DFE20798C1CAD518DDD74F7C81C7] - [10/11/2018 22:33:42] - |A| - [2637312] - C:\Windows\system32\diagtrack.dll [MD5.23E935F494FC0407AFF24788CEC40607] - [10/11/2018 22:32:43] - |A| - [474112] - C:\Windows\system32\DictationManager.dll [MD5.BE5F07BA486D34048EC9B0B40E2565DE] - [10/11/2018 22:32:39] - |A| - [165376] - C:\Windows\system32\dinput.dll [MD5.A53C3A6225F1E29923DD452B340919DE] - [10/11/2018 22:32:41] - |A| - [216576] - C:\Windows\system32\dinput8.dll [MD5.5EE46ED78742D939459BA3A7237C486B] - [10/11/2018 22:32:43] - |A| - [164864] - C:\Windows\system32\dmcertinst.exe [MD5.F77D48A838B18FCD75682DA59AEE6509] - [10/11/2018 22:32:39] - |A| - [102912] - C:\Windows\system32\dmclient.exe [MD5.BEE525570C56BB4C40FCE695672CE217] - [10/11/2018 22:32:52] - |A| - [518144] - C:\Windows\system32\dmenrollengine.dll [MD5.4FD3168268A6EDC0934B79A6C0FDA89B] - [10/11/2018 22:33:53] - |A| - [739184] - C:\Windows\system32\dnsapi.dll [MD5.1FB9A9A07395E096500EBA2417E4ECA2] - [10/11/2018 22:32:38] - |A| - [286720] - C:\Windows\system32\dnsrslvr.dll [MD5.1914F98652EE03B69B5CA3FA3E8BA4BB] - [10/11/2018 22:32:48] - |A| - [758272] - C:\Windows\system32\DolbyHrtfEnc.dll [MD5.62FF46285672FBA33833996CBA519BA7] - [10/11/2018 22:09:47] - |A| - [253440] - C:\Windows\system32\domgmt.dll [MD5.0A8B601A9E46EC8A15A9A3CEE5805D2F] - [10/11/2018 22:33:08] - |A| - [1342976] - C:\Windows\system32\dosvc.dll [MD5.E1C233826ECA1E52672052C49BD42485] - [10/11/2018 22:32:29] - |A| - [253440] - C:\Windows\system32\dot3svc.dll [MD5.DC06411C7EAF74500832231D2D6CF13B] - [10/11/2018 22:32:31] - |A| - [691200] - C:\Windows\system32\dsreg.dll [MD5.76CF3EA2EAA8ABA00C4683E9A59B4AC8] - [10/11/2018 22:32:35] - |A| - [151552] - C:\Windows\system32\dssvc.dll [MD5.A05724426389EBC1351E3D6F95CF3EAC] - [10/11/2018 22:32:48] - |A| - [334848] - C:\Windows\system32\dusmsvc.dll [MD5.BF713D9C580BC58934FED58E6562EAD5] - [10/11/2018 22:33:51] - |A| - [2858496] - C:\Windows\system32\dwmcore.dll [MD5.376A34262993DEB4FA6CB778FB5B9B07] - [10/11/2018 22:33:11] - |A| - [3161088] - C:\Windows\system32\DWrite.dll [MD5.46D2F0E302BD88193D3FEDF1FE9EF250] - [10/11/2018 22:32:51] - |A| - [703536] - C:\Windows\system32\dxgi.dll [MD5.164B7EC29CEFC6E2094DE1B3BD451369] - [10/11/2018 22:32:38] - |A| - [456704] - C:\Windows\system32\dxtmsft.dll [MD5.64566825EE87823ADFC904028CD3C0D0] - [10/11/2018 22:32:42] - |A| - [276480] - C:\Windows\system32\dxtrans.dll [MD5.3F508EE631EEBAA744C32B9A9B2D90F8] - [10/11/2018 22:32:38] - |A| - [64512] - C:\Windows\system32\EASPolicyManagerBrokerHost.exe [MD5.28342495F3755D2C7681045BC700305C] - [10/11/2018 22:32:35] - |A| - [14336] - C:\Windows\system32\EasPolicyManagerBrokerPS.dll [MD5.302A61D284C19A952BD8A140CD2A31CB] - [10/11/2018 22:33:48] - |A| - [25267200] - C:\Windows\system32\edgehtml.dll [MD5.901D21CC99BBEA7237F37C2D1C6136E7] - [10/11/2018 22:32:57] - |A| - [536064] - C:\Windows\system32\edgeIso.dll [MD5.7CF99E773C464877A988B1CEC91A787C] - [10/11/2018 22:32:40] - |A| - [200704] - C:\Windows\system32\EdgeManager.dll [MD5.D36BCEDC8E72B82DC957F711D8696A44] - [10/11/2018 22:32:33] - |A| - [83968] - C:\Windows\system32\EditBufferTestHook.dll [MD5.76C8BA3C19BA2FDA6B02906D28BF7D2F] - [10/11/2018 22:32:29] - |A| - [177152] - C:\Windows\system32\EditionUpgradeHelper.dll [MD5.115F56B5DF2E103D6D5D99044FFEF6C2] - [10/11/2018 22:32:44] - |A| - [716288] - C:\Windows\system32\EditionUpgradeManagerObj.dll [MD5.F444186533C53A4825A27F7A3B3E62CD] - [10/11/2018 22:32:41] - |A| - [255488] - C:\Windows\system32\edputil.dll [MD5.BD57476ED17768520DC2996A703E85C3] - [10/11/2018 22:32:59] - |A| - [1029536] - C:\Windows\system32\efscore.dll [MD5.A089F15CF85978796DE211D3075F0CE8] - [10/11/2018 22:32:29] - |A| - [81408] - C:\Windows\system32\efslsaext.dll [MD5.378A30A40DF26E089B46F66069BDD1F8] - [10/11/2018 22:32:29] - |A| - [57856] - C:\Windows\system32\efssvc.dll [MD5.88E11DC055F1596989FAF715EA75B816] - [10/11/2018 22:32:49] - |A| - [634880] - C:\Windows\system32\efswrt.dll [MD5.63780C98D82C438FFC4B82185CA30CB4] - [10/11/2018 22:32:44] - |A| - [434176] - C:\Windows\system32\EncDec.dll [MD5.9E15122839C37BF84C5AAFBE21D39749] - [10/11/2018 22:32:40] - |A| - [215552] - C:\Windows\system32\enrollmentapi.dll [MD5.358554029D6645AADCF103BA18D22DC7] - [10/11/2018 22:32:33] - |A| - [25088] - C:\Windows\system32\EnterpriseAppMgmtClient.dll [MD5.3BC17ABD52295C64A8BEE3CF4B244B12] - [10/11/2018 22:32:43] - |A| - [302592] - C:\Windows\system32\EnterpriseAppMgmtSvc.dll [MD5.7E80995DE12712E56B8B0ADEB442B5E7] - [10/11/2018 22:32:57] - |A| - [1574912] - C:\Windows\system32\enterprisecsps.dll [MD5.DBDFEFD6ED5B807388C1943BACCCDBE4] - [10/11/2018 22:32:33] - |A| - [88576] - C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll [MD5.07E28F922D6F686348C5A28D4CF4476B] - [10/11/2018 22:32:35] - |A| - [109568] - C:\Windows\system32\eShims.dll [MD5.9D7D33BEF975A084CDC8DC9B2B1EA3DB] - [10/11/2018 22:32:59] - |A| - [755712] - C:\Windows\system32\evr.dll [MD5.FC8442D6B1C03CCEC5A16F681DAAF201] - [10/11/2018 22:32:49] - |A| - [292864] - C:\Windows\system32\ExecModelClient.dll [MD5.6C8A6E37851EA7538820B3426E5510B7] - [10/11/2018 22:33:04] - |A| - [4772352] - C:\Windows\system32\ExplorerFrame.dll [MD5.9576E963E56024AB319403C1FD86B5DA] - [10/11/2018 22:33:45] - |A| - [975360] - C:\Windows\system32\FaceProcessor.dll [MD5.72166BD7CA6CCD71EE2DC7F72EC42862] - [10/11/2018 22:33:45] - |A| - [269720] - C:\Windows\system32\FaceProcessorCore.dll [MD5.365DDDE9AE10319ED840D9289716650D] - [10/11/2018 22:32:33] - |A| - [155136] - C:\Windows\system32\fdeploy.dll [MD5.C8F7F0ED919EEAE6F9430E65390A94AD] - [10/11/2018 22:32:29] - |A| - [58368] - C:\Windows\system32\fdPnp.dll [MD5.017CE932B1C642DD1639370200A9618D] - [10/11/2018 22:32:29] - |A| - [29184] - C:\Windows\system32\fdWNet.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - [10/11/2018 22:09:47] - |A| - [74716] - C:\Windows\system32\FeatureToastHeroImg.jpg [MD5.8DB0A301B592AAD6AB548CFCF771091E] - [10/11/2018 22:33:52] - |A| - [542208] - C:\Windows\system32\FirewallAPI.dll [MD5.D9E18DDDC08B77E634F2AFEF0CC551FF] - [10/11/2018 22:33:05] - |A| - [1967104] - C:\Windows\system32\FntCache.dll [MD5.ED595468F7BC7A29BCE97B327F7E9C80] - [10/11/2018 22:33:11] - |A| - [781384] - C:\Windows\system32\fontdrvhost.exe [MD5.473DE64499A4EA699A95D3F907C41E88] - [10/11/2018 22:32:35] - |A| - [965632] - C:\Windows\system32\fontext.dll [MD5.8FDF57C98BB3D82B6968D4606372599D] - [10/11/2018 22:32:35] - |A| - [141824] - C:\Windows\system32\FontProvider.dll [MD5.5FA260E2C8D0DA42EC862536C50D1381] - [10/11/2018 22:32:40] - |A| - [121856] - C:\Windows\system32\fontsub.dll [MD5.27F4211199EB5A8E5169020B88EE201C] - [10/11/2018 22:32:58] - |A| - [667136] - C:\Windows\system32\FrameServer.dll [MD5.D13E7221130C8AB2DEAC6CADF1C65E23] - [10/11/2018 22:32:33] - |A| - [82944] - C:\Windows\system32\frprov.dll [MD5.84471E2E955A6BD7CF9BEB7421C0734D] - [10/11/2018 22:32:45] - |A| - [306688] - C:\Windows\system32\FSClient.dll [MD5.4B72A5274B42B64ADA7CE6D89122DA35] - [10/11/2018 22:32:39] - |A| - [98272] - C:\Windows\system32\FsIso.exe [MD5.F4AE2ECB766D7FF7025F9A3F8B9EA343] - [10/11/2018 22:32:44] - |A| - [216064] - C:\Windows\system32\fwpolicyiomgr.dll [MD5.DEA580AB8F7CD6A2C27EEDCCA8124951] - [10/11/2018 22:32:49] - |A| - [1297920] - C:\Windows\system32\GamePanel.exe [MD5.27AB670019D08100BE61CB47D41E3023] - [10/11/2018 22:32:33] - |A| - [28160] - C:\Windows\system32\GamePanelExternalHook.dll [MD5.098E31F8AF7CBE1EB289F0E8C4672D1B] - [10/11/2018 22:32:37] - |A| - [2523136] - C:\Windows\system32\gameux.dll [MD5.124D05EE91361B77C6D615D55CC2F289] - [10/11/2018 22:32:46] - |A| - [174080] - C:\Windows\system32\gamingtcui.dll [MD5.A690DB93AE821579CA2DF940748A58F2] - [10/11/2018 22:32:41] - |A| - [155440] - C:\Windows\system32\gdi32.dll [MD5.18FFF79BA9DA4DB316F40D7CE94063FB] - [10/11/2018 22:33:15] - |A| - [1638528] - C:\Windows\system32\gdi32full.dll [MD5.2A137193C0599353BC5E0BD6DF483304] - [10/11/2018 22:32:47] - |A| - [1664512] - C:\Windows\system32\GdiPlus.dll [MD5.C6F7AD0B2600740E9008BB6E643838D3] - [10/11/2018 22:33:03] - |A| - [792568] - C:\Windows\system32\generaltel.dll [MD5.EDE76DE334861DA0D4BB6A2C465E9303] - [10/11/2018 22:32:58] - |A| - [496640] - C:\Windows\system32\Geolocation.dll [MD5.A6A5D33F2105FCE988BD058DAAEA9B6E] - [10/11/2018 22:32:39] - |A| - [325632] - C:\Windows\system32\GlobCollationHost.dll [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - [10/11/2018 22:33:44] - |A| - [4876800] - C:\Windows\system32\gnsdk_fp.dll [MD5.A6D0AE61FDBA546491A4318721F6A5CF] - [10/11/2018 22:32:36] - |A| - [127136] - C:\Windows\system32\gpapi.dll [MD5.846347C05DBC7C49143D9723EC3714E9] - [10/11/2018 22:32:37] - |A| - [1275904] - C:\Windows\system32\gpsvc.dll [MD5.336ADF701A525A3974BB74A2E1D33C32] - [10/11/2018 22:32:48] - |A| - [471968] - C:\Windows\system32\hal.dll [MD5.4017AECCD2CCAC9DF39130FF4C93D5D3] - [10/11/2018 22:32:35] - |A| - [85504] - C:\Windows\system32\hascsp.dll [MD5.089B5DF78AF7572942D49285B9DECEC0] - [10/11/2018 22:32:38] - |A| - [325832] - C:\Windows\system32\HdcpHandler.dll [MD5.5CDBD81BBF8EEB928E9619CB0C939413] - [10/11/2018 22:32:39] - |A| - [640000] - C:\Windows\system32\HeadTrackerStorage.dll [MD5.181D4A848B7CB99E6562474BF59C44B2] - [10/11/2018 22:32:35] - |A| - [621056] - C:\Windows\system32\hgcpl.dll [MD5.677C3CDAF042D99BD402CA3C2FD03CD5] - [10/11/2018 22:32:53] - |A| - [657408] - C:\Windows\system32\hhctrl.ocx [MD5.524496D74062801DCC1749D2B306EF11] - [10/11/2018 22:32:35] - |A| - [99328] - C:\Windows\system32\hlink.dll [MD5.3FB22CE7626BF960D4959CED5E93FCCC] - [10/11/2018 22:33:45] - |A| - [17084928] - C:\Windows\system32\HologramCompositor.dll [MD5.50DE27F1F640B970BB3C7D6D273E8D60] - [10/11/2018 22:33:25] - |A| - [543232] - C:\Windows\system32\HolographicExtensions.dll [MD5.ED6BABDA09C609690F8C9C9DFA6BC8C5] - [10/11/2018 22:33:46] - |A| - [336896] - C:\Windows\system32\HolographicRuntimes.dll [MD5.66F765B1865F0EE9BB4B52D2F253F0CC] - [10/11/2018 22:32:39] - |A| - [230912] - C:\Windows\system32\HoloShellRuntime.dll [MD5.0CF1459F51A30C2D695BCC16302CBE1B] - [10/11/2018 22:32:51] - |A| - [416768] - C:\Windows\system32\html.iec [MD5.1F19647CBA14376080C8C74EEA8CD93B] - [10/11/2018 22:32:29] - |A| - [125440] - C:\Windows\system32\httpprxm.dll [MD5.1607BD94B545A080C84AB74FA4BCB345] - [10/11/2018 22:33:54] - |A| - [1069032] - C:\Windows\system32\hvax64.exe [MD5.C4450D832472A5A973082D84DED16DCF] - [10/11/2018 22:32:37] - |A| - [60320] - C:\Windows\system32\hvhostsvc.dll [MD5.93AF1D8C76264449B97A1BE60CFFECB1] - [10/11/2018 22:33:49] - |A| - [1254184] - C:\Windows\system32\hvix64.exe [MD5.401F8B3809BCA1A9A71D8825F3D7B126] - [10/11/2018 22:32:40] - |A| - [78304] - C:\Windows\system32\hvloader.dll [MD5.35F87043444504FFE9D220CA78152F81] - [10/11/2018 22:33:44] - |A| - [21754880] - C:\Windows\system32\Hydrogen.dll [MD5.4ABBF315B97DBA5053FD689ED01DE87D] - [10/11/2018 22:32:36] - |A| - [113568] - C:\Windows\system32\icfupgd.dll [MD5.E1B89703CF7A52E4A18FFC39B1AAD916] - [10/11/2018 22:32:36] - |A| - [245248] - C:\Windows\system32\icm32.dll [MD5.49E87146F7EB33F1570D4F19D3431296] - [10/11/2018 22:32:33] - |A| - [72192] - C:\Windows\system32\IcsEntitlementHost.exe [MD5.16071A66A9313085B54037B5D7D1C353] - [10/11/2018 22:32:29] - |A| - [286208] - C:\Windows\system32\icsvc.dll [MD5.F03A5454EAE669167639CA3F2EDF73B1] - [10/11/2018 22:32:29] - |A| - [309760] - C:\Windows\system32\icsvcext.dll [MD5.8E2C97F29AAC07323245584B279B843D] - [10/11/2018 22:32:36] - |A| - [112640] - C:\Windows\system32\IdCtrls.dll [MD5.B6F64637439B1CAAF9A6B96A37A83B75] - [10/11/2018 22:32:41] - |A| - [229888] - C:\Windows\system32\ie4uinit.exe [MD5.49E80B31EACFA85C923C3662CD0ADEFA] - [10/11/2018 22:32:30] - |A| - [143360] - C:\Windows\system32\IEAdvpack.dll [MD5.A57A0291CAFD8D68E719563D7300460C] - [10/11/2018 22:32:59] - |A| - [1597952] - C:\Windows\system32\ieapfltr.dll [MD5.2EC79671C5F0F09EC06985D410718C59] - [10/11/2018 22:32:47] - |A| - [392704] - C:\Windows\system32\iedkcs32.dll [MD5.23341359B39A1AFDCF84A1C9BCCE88C2] - [10/11/2018 22:33:28] - |A| - [12832768] - C:\Windows\system32\ieframe.dll [MD5.A2D646DFDABBD41986990289CB5D7F8E] - [10/11/2018 22:32:30] - |A| - [142848] - C:\Windows\system32\iepeers.dll [MD5.D68D2488D664B6D7AB4F71498ABEFCC6] - [10/11/2018 22:32:56] - |A| - [816128] - C:\Windows\system32\ieproxy.dll [MD5.E22ED27C52605C52D1ADEEF867BDE5F2] - [10/11/2018 22:32:30] - |A| - [46080] - C:\Windows\system32\iernonce.dll [MD5.67AD0DC19061BD15B4FFFFB1BAFF5FE7] - [10/11/2018 22:33:08] - |A| - [2737464] - C:\Windows\system32\iertutil.dll [MD5.5DD8C49F75649B48746B8411665E9B04] - [10/11/2018 22:32:30] - |A| - [78336] - C:\Windows\system32\iesetup.dll [MD5.852843AF82669C327630B307F8E7C0FB] - [10/11/2018 22:32:30] - |A| - [117760] - C:\Windows\system32\iesysprep.dll [MD5.32162FE7FA515D40E162985C42ABBF81] - [10/11/2018 22:32:51] - |A| - [561152] - C:\Windows\system32\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [10/11/2018 22:32:28] - |A| - [3329] - C:\Windows\system32\ieuinit.inf [MD5.D73C516671C645189B3CF7AD3E20A2EF] - [10/11/2018 22:32:31] - |A| - [151040] - C:\Windows\system32\ieUnatt.exe [MD5.DC9D6FEDFC7DD7AB116A4FDBB8E1870F] - [10/11/2018 22:32:30] - |A| - [167424] - C:\Windows\system32\iexpress.exe [MD5.E8DDB41207863A79ED88D90CB4A97ED7] - [10/11/2018 22:32:36] - |A| - [984064] - C:\Windows\system32\IKEEXT.DLL [MD5.0E05CFA887C40A1DA00D95E8A915807E] - [10/11/2018 22:32:30] - |A| - [55808] - C:\Windows\system32\imgutil.dll [MD5.8177EE49ECE5842A693A81E5F4BDDA28] - [11/11/2018 06:13:14] - |A| - [41470] - C:\Windows\system32\IMX241_FRONT.aiqd [MD5.9171FAFE4A8968B135457787F4FDC44A] - [11/11/2018 06:13:14] - |A| - [41470] - C:\Windows\system32\IMX258_REAR.aiqd [MD5.6E7E6E2C00E4F0AF5F05A236B14C9A2B] - [10/11/2018 22:32:31] - |A| - [206848] - C:\Windows\system32\IndexedDbLegacy.dll [MD5.56320DB26C0BF067E705CA6CBD2B3A3A] - [10/11/2018 22:32:56] - |A| - [985600] - C:\Windows\system32\inetcomm.dll [MD5.CAC8A27E15D8FE20A3B91D3816DFC66A] - [10/11/2018 22:32:44] - |A| - [2083840] - C:\Windows\system32\inetcpl.cpl [MD5.400C89A76AE0EE78FC4EE330384F1F29] - [10/11/2018 22:32:30] - |A| - [85504] - C:\Windows\system32\INETRES.dll [MD5.C230B93474BE5ED902D45DA248D22E76] - [10/11/2018 22:32:33] - |A| - [134656] - C:\Windows\system32\InputLocaleManager.dll [MD5.04B3DF2C36B59699A61D4B39CFF914C0] - [10/11/2018 22:33:08] - |A| - [3126272] - C:\Windows\system32\InputService.dll [MD5.8DA5D118D664BEE3ED00A90B2BA23263] - [10/11/2018 22:32:33] - |A| - [421376] - C:\Windows\system32\InputSwitch.dll [MD5.730463EFD1F7B2BD745DB01D96E86649] - [10/11/2018 22:32:30] - |A| - [115200] - C:\Windows\system32\inseng.dll [MD5.4269BF5A7C39DE7BED6F30604CCC4F52] - [10/11/2018 22:33:05] - |A| - [1314304] - C:\Windows\system32\InstallService.dll [MD5.7DB404EFE59A39B0146427976227FB24] - [10/11/2018 22:33:01] - |A| - [452096] - C:\Windows\system32\invagent.dll [MD5.1C5867DC4091C2E23329AB984BF95604] - [10/11/2018 22:32:30] - |A| - [820224] - C:\Windows\system32\iphlpsvc.dll [MD5.F40AC719646B8E31BBDEA664CEAF28A2] - [10/11/2018 22:32:57] - |A| - [602624] - C:\Windows\system32\ipnathlp.dll [MD5.5E40DA079703587DC4E14EF221EEC597] - [10/11/2018 22:32:42] - |A| - [559616] - C:\Windows\system32\iprtrmgr.dll [MD5.6BD32F527C74BE7D2371517A58A1C8F7] - [10/11/2018 22:33:45] - |A| - [1167360] - C:\Windows\system32\ISM.dll [MD5.7135FA19C74FD3676A8F1024D4D0596A] - [10/11/2018 22:32:36] - |A| - [194048] - C:\Windows\system32\itircl.dll [MD5.1CEFD11C91824A835BB8DC7E50F4D05D] - [10/11/2018 22:32:41] - |A| - [172032] - C:\Windows\system32\itss.dll [MD5.AA11EC86D11E24863E839672D1B5E0EF] - [10/11/2018 22:32:36] - |A| - [22800] - C:\Windows\system32\iumbase.dll [MD5.D6F786705F206C119A1FBBB9D480CD36] - [10/11/2018 22:32:37] - |A| - [66720] - C:\Windows\system32\iumcrypt.dll [MD5.EBF8626AB63A7DF9D5FD39150CA5035F] - [10/11/2018 22:32:36] - |A| - [15632] - C:\Windows\system32\iumdll.dll [MD5.0EEB17E3B21A9D299CD189205D698FA9] - [10/11/2018 22:32:36] - |A| - [22208] - C:\Windows\system32\IumSdk.dll [MD5.AE4E3282F24D42422B0AF3EF0971D288] - [10/11/2018 22:32:30] - |A| - [94720] - C:\Windows\system32\JavaScriptCollectionAgent.dll [MD5.5E2969CE305872A53FAB1CACB689912D] - [10/11/2018 22:32:53] - |A| - [1263104] - C:\Windows\system32\JpMapControl.dll [MD5.301F86ECA1A5BD34E1CC6C26510DA927] - [10/11/2018 22:33:54] - |A| - [808960] - C:\Windows\system32\jscript.dll [MD5.2AFD32326EFA7CD1C3C54B5962CDED0E] - [10/11/2018 22:33:56] - |A| - [4723712] - C:\Windows\system32\jscript9.dll [MD5.1B01281FC40E54174381EF45AC0C2C89] - [10/11/2018 22:33:54] - |A| - [672768] - C:\Windows\system32\jscript9diag.dll [MD5.19937B3AB4B31523FB9CB7461E31AB1D] - [10/11/2018 22:32:38] - |A| - [114984] - C:\Windows\system32\kdnet.dll [MD5.FE90E913A7CA1E49C8E925068A3FAEBA] - [10/11/2018 22:33:01] - |A| - [945152] - C:\Windows\system32\kerberos.dll [MD5.6BE2CC3494A8FFDF13861F8A51BD84D6] - [10/11/2018 22:32:38] - |A| - [54376] - C:\Windows\system32\kernel.appcore.dll [MD5.6B6F2549BF625F1059270147B9805400] - [10/11/2018 22:32:42] - |A| - [702568] - C:\Windows\system32\kernel32.dll [MD5.3991D9296E4E3F1C3BE48F1395C8F1FD] - [10/11/2018 22:33:07] - |A| - [2515464] - C:\Windows\system32\KernelBase.dll [MD5.7919C327FE8E5C6DC970CB804D2EDF7B] - [10/11/2018 22:32:29] - |A| - [90112] - C:\Windows\system32\keyiso.dll [MD5.18A6CB8199D3DF64B8B93FFE241E43B3] - [10/11/2018 22:32:39] - |A| - [278528] - C:\Windows\system32\ksproxy.ax [MD5.A79FBB1A98459C9CFDB4E844017B4A54] - [10/11/2018 22:32:31] - |A| - [41984] - C:\Windows\system32\LaunchWinApp.exe [MD5.81DA651C930AC4C1F963B5B642B8BC70] - [10/11/2018 22:33:04] - |A| - [980448] - C:\Windows\system32\LicenseManager.dll [MD5.6A361ED0DE59D58CC633F7BB40AB950D] - [10/11/2018 22:32:29] - |A| - [48640] - C:\Windows\system32\LicenseManagerSvc.dll [MD5.79C31116EB4FBB568D89C479B4EB7081] - [10/11/2018 22:32:44] - |A| - [858920] - C:\Windows\system32\LicensingWinRT.dll [MD5.3BA01163DBF121AEE5910A77256459A7] - [10/11/2018 22:32:30] - |A| - [32256] - C:\Windows\system32\licmgr10.dll [MD5.459EC4290CF0D8269DB28FBFD6284C58] - [10/11/2018 22:32:40] - |A| - [270336] - C:\Windows\system32\ListSvc.dll [MD5.3B12C0CDD7A56CFD4379AF897678865A] - [10/11/2018 22:32:51] - |A| - [804216] - C:\Windows\system32\locale.nls [MD5.8CEA9213B0B24E8E8CBF3D3F6645B01A] - [10/11/2018 22:33:05] - |A| - [1157120] - C:\Windows\system32\localspl.dll [MD5.1B109E687B125AF3C93CC4DE8913090A] - [10/11/2018 22:32:59] - |A| - [556544] - C:\Windows\system32\LockAppBroker.dll [MD5.FDE5C19CCB50FCC709F83B4F81FE01B2] - [10/11/2018 22:32:41] - |A| - [674304] - C:\Windows\system32\LockController.dll [MD5.EAF4FD9B241935ED4C1CD75BCA6358DB] - [10/11/2018 22:32:49] - |A| - [448000] - C:\Windows\system32\LockHostingFramework.dll [MD5.FAA1479779AD5F7676D5837D2DCD52B8] - [10/11/2018 22:32:32] - |A| - [160768] - C:\Windows\system32\LockScreenContent.dll [MD5.DF510111E0E809D3EEE60CFBF646D1D5] - [10/11/2018 22:32:36] - |A| - [247480] - C:\Windows\system32\logoncli.dll [MD5.A69447F60670FAC84DE4A23A392AA6F9] - [10/11/2018 22:33:02] - |A| - [721920] - C:\Windows\system32\LogonController.dll [MD5.175B20F3504B9A0DE42879B1EA6F0DE9] - [10/11/2018 22:32:37] - |A| - [270208] - C:\Windows\system32\LsaIso.exe [MD5.204F0C3184EBABE4F7B121678D89B68C] - [10/11/2018 22:33:53] - |A| - [1548288] - C:\Windows\system32\lsasrv.dll [MD5.0F9760B796DEDE249193B1F7844104B1] - [10/11/2018 22:32:41] - |A| - [58888] - C:\Windows\system32\lsass.exe [MD5.EBA3441FAE390DB599C9B9523A262F2C] - [10/11/2018 22:33:00] - |A| - [699904] - C:\Windows\system32\lsm.dll [MD5.1C61381DA712ABACD2814CEF4514D927] - [10/11/2018 22:32:47] - |A| - [800768] - C:\Windows\system32\Magnify.exe [MD5.6CAF7FAD84922876CB076B2F495A460C] - [10/11/2018 22:32:57] - |A| - [886272] - C:\Windows\system32\MapControlCore.dll [MD5.4C60F366DDA0BFE783A26C38A6BE9CCA] - [10/11/2018 22:32:30] - |A| - [2849792] - C:\Windows\system32\MapGeocoder.dll [MD5.7E3DFD12CB1C5B5D993226F1747FCD44] - [10/11/2018 22:33:06] - |A| - [3400192] - C:\Windows\system32\MapRouter.dll [MD5.2E49551B8A2A8315C4193DBE93EC7546] - [10/11/2018 22:32:54] - |A| - [1173504] - C:\Windows\system32\MapsStore.dll [MD5.A588BF5C7532DA51890D894878874E3F] - [10/11/2018 22:32:41] - |A| - [971264] - C:\Windows\system32\MCRecvSrc.dll [MD5.565E22DDD04311C7CBD25DE977F429B1] - [10/11/2018 22:32:40] - |A| - [146432] - C:\Windows\system32\MDMAppInstaller.exe [MD5.CF565C0A44A5968CBA96AC5B2A860B75] - [10/11/2018 22:32:30] - |A| - [139264] - C:\Windows\system32\mdmmigrator.dll [MD5.B1C8D90D085EAA671E423D60F12ECBC4] - [10/11/2018 22:32:40] - |A| - [231936] - C:\Windows\system32\mdmregistration.dll [MD5.C97D9B1A233E79A3B858239D83F8CBC2] - [10/11/2018 22:32:53] - |A| - [595472] - C:\Windows\system32\mf.dll [MD5.D3EB7A4AB666F5DD7862CCFB87F6A856] - [10/11/2018 22:32:35] - |A| - [56320] - C:\Windows\system32\mf3216.dll [MD5.1090F390D244BF56406D16E2B403C03A] - [10/11/2018 22:33:57] - |A| - [1971944] - C:\Windows\system32\mfasfsrcsnk.dll [MD5.BF03FA7D74A37C5E6E9301D32B66C380] - [10/11/2018 22:32:44] - |A| - [479232] - C:\Windows\system32\MFCaptureEngine.dll [MD5.58D8B7E77DC0921397D57BAD65444CD3] - [10/11/2018 22:33:48] - |A| - [4507096] - C:\Windows\system32\mfcore.dll [MD5.BCE0D2792EB8615683F306F5379F6141] - [10/11/2018 22:32:51] - |A| - [297984] - C:\Windows\system32\mfksproxy.dll [MD5.D4B63C6A96C7B0C30541D529207E99BE] - [10/11/2018 22:33:24] - |A| - [4814336] - C:\Windows\system32\MFMediaEngine.dll [MD5.6B230EC47337BC315E0C3AE00AECB855] - [10/11/2018 22:32:59] - |A| - [1363968] - C:\Windows\system32\mfmkvsrcsnk.dll [MD5.81433E5EC823B116B1243998A2092064] - [10/11/2018 22:33:57] - |A| - [2712592] - C:\Windows\system32\mfmp4srcsnk.dll [MD5.ABE6CDA32F94D8EA6FA16D18A656F61A] - [10/11/2018 22:33:53] - |A| - [1507624] - C:\Windows\system32\mfmpeg2srcsnk.dll [MD5.1B4B0381972D94D6D75351B37F4C488E] - [10/11/2018 22:33:05] - |A| - [1203552] - C:\Windows\system32\mfnetcore.dll [MD5.90FE4A3CE3804E13E86F2C400F507E46] - [10/11/2018 22:33:08] - |A| - [1633632] - C:\Windows\system32\mfnetsrc.dll [MD5.B57DC0F60473D635FBB6544866F110B1] - [10/11/2018 22:33:09] - |A| - [1781360] - C:\Windows\system32\mfplat.dll [MD5.1E71826ADCF944709B61F1BE83F423DF] - [10/11/2018 22:32:40] - |A| - [260904] - C:\Windows\system32\mfps.dll [MD5.6C6EAACC156EAD38DCD2372D2635D5E0] - [10/11/2018 22:33:00] - |A| - [1084736] - C:\Windows\system32\mfreadwrite.dll [MD5.037FBC2FC80B77216B55F6068A07E8B9] - [10/11/2018 22:32:40] - |A| - [212880] - C:\Windows\system32\mfsensorgroup.dll [MD5.DAF28E61E214BAA8571DE6DD990128A0] - [10/11/2018 22:33:56] - |A| - [2269448] - C:\Windows\system32\mfsrcsnk.dll [MD5.57737B9D7CC844EDA1454DEBB28FE5DC] - [10/11/2018 22:33:08] - |A| - [1255056] - C:\Windows\system32\mfsvr.dll [MD5.9B9FCE8FAA72F4AB5CDE2C7A8A2FC0C3] - [10/11/2018 22:32:30] - |A| - [408064] - C:\Windows\system32\microsoft-windows-system-events.dll [MD5.3C79D487CF729AC8D9A5C7AA486D1EE7] - [10/11/2018 22:33:13] - |A| - [3124224] - C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll [MD5.ECA2489CE3AEAB6D7E7BD3E693BD6150] - [10/11/2018 22:32:42] - |A| - [222720] - C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll [MD5.6C3A5715D983576DE082A411A48C2BC8] - [10/11/2018 22:32:50] - |A| - [301056] - C:\Windows\system32\MicrosoftAccountWAMExtension.dll [MD5.6760B3B054AECE4800BA539B6E1C5CFD] - [10/11/2018 22:33:52] - |A| - [3478016] - C:\Windows\system32\mispace.dll [MD5.25A01E7B77B696693957812508D7F55D] - [10/11/2018 22:33:06] - |A| - [1936384] - C:\Windows\system32\mmc.exe [MD5.F410DF08D1B887D61155A65DDD912CE0] - [10/11/2018 22:32:38] - |A| - [341504] - C:\Windows\system32\mmcbase.dll [MD5.FDBCBC9D2B1A92E06273905633737959] - [10/11/2018 22:33:11] - |A| - [2983936] - C:\Windows\system32\mmcndmgr.dll [MD5.FE33DCD3E3D74BDE5B7DCE231AA628F0] - [10/11/2018 22:32:56] - |A| - [2186240] - C:\Windows\system32\mmgaclient.dll [MD5.40278F866D7E5BCF082482E796A6CD78] - [10/11/2018 22:32:30] - |A| - [155136] - C:\Windows\system32\mmgaproxystub.dll [MD5.63F70B6B138273448D7998E9F5988B05] - [10/11/2018 22:32:53] - |A| - [1685504] - C:\Windows\system32\mmgaserver.exe [MD5.73180F79F359D6FF6182B6976185EFC7] - [10/11/2018 22:33:04] - |A| - [1002496] - C:\Windows\system32\modernexecserver.dll [MD5.6F212BE38DCC362AC030E5DE0DA35F1A] - [10/11/2018 22:33:22] - |A| - [7145472] - C:\Windows\system32\mos.dll [MD5.7A495E62FBB3B90F60220138F44C4E89] - [10/11/2018 22:32:37] - |A| - [334240] - C:\Windows\system32\moshostcore.dll [MD5.C2009D0B514A33DAE22F174F9CD50AC6] - [10/11/2018 22:31:36] - |N| - [559880] - C:\Windows\system32\MpSigStub.exe [MD5.4ABF7D7C44354807174EC36965B49C76] - [10/11/2018 22:33:52] - |A| - [925184] - C:\Windows\system32\MPSSVC.dll [MD5.00000000000000000000000000000000] - [10/11/2018 22:29:53] - |D| - [0] - C:\Windows\system32\MRT [MD5.D78BAB4CE6CD5837EEAF4A2BFAB86615] - [10/11/2018 22:29:49] - |AC| - [136745976] - C:\Windows\system32\MRT.exe [MD5.DCD6F00342570C576CF1FC50BE3CC141] - [10/11/2018 22:32:41] - |A| - [596480] - C:\Windows\system32\mscms.dll [MD5.E0369FBA21C9EBD0237A915432CFEB81] - [10/11/2018 22:33:30] - |A| - [1463424] - C:\Windows\system32\msctf.dll [MD5.E0E75372BB921BB501ADEEF1872C0827] - [10/11/2018 22:32:33] - |A| - [826880] - C:\Windows\system32\msdtcprx.dll [MD5.5FE7C8C2DDDB0C52F4CA2935C9C83452] - [10/11/2018 22:32:56] - |A| - [757760] - C:\Windows\system32\msfeeds.dll [MD5.7EB4D9FBBBDABC10FCEDDF210A6EACB3] - [10/11/2018 22:32:30] - |A| - [73216] - C:\Windows\system32\msfeedsbs.dll [MD5.E7DDAE7010C1FDB4C0AB3A61AFE3A5F8] - [10/11/2018 22:32:30] - |A| - [14848] - C:\Windows\system32\msfeedssync.exe [MD5.6EE486D0EFA7AE6F913B500D82B354B0] - [10/11/2018 22:33:10] - |A| - [3198464] - C:\Windows\system32\msftedit.dll [MD5.79BF05DD5D6A2D7AFDD5E37F58EC723A] - [10/11/2018 22:32:30] - |A| - [14848] - C:\Windows\system32\mshta.exe [MD5.19A395871E4BCF4C2C23ECF8E72E974F] - [10/11/2018 22:33:50] - |A| - [23679488] - C:\Windows\system32\mshtml.dll [MD5.56505E3134315E9B21B64328855BAE17] - [10/11/2018 22:32:33] - |A| - [82432] - C:\Windows\system32\MshtmlDac.dll [MD5.C9749A48648149795A96B2BA870D53B1] - [10/11/2018 22:32:33] - |A| - [93696] - C:\Windows\system32\mshtmled.dll [MD5.A0576ADC4F4E986992EDDBF1EA403390] - [10/11/2018 22:33:14] - |A| - [4052480] - C:\Windows\system32\msi.dll [MD5.E1ED698D30BDEC92923A313AE0006E67] - [10/11/2018 22:32:37] - |A| - [66048] - C:\Windows\system32\msiexec.exe [MD5.A47D53FCF5CA67C7F99CB5EE342A957C] - [10/11/2018 22:32:35] - |A| - [30208] - C:\Windows\system32\msisip.dll [MD5.42DA3B0734B755E1CE8B33BCD8A2C1A2] - [10/11/2018 22:32:47] - |A| - [431616] - C:\Windows\system32\msIso.dll [MD5.72074F2A0701F07849762E5C3CDBD435] - [10/11/2018 22:33:10] - |A| - [2406456] - C:\Windows\system32\msmpeg2vdec.dll [MD5.AD4B8BEB88D6AB6960FFE553B59EC3D3] - [10/11/2018 22:32:33] - |A| - [112640] - C:\Windows\system32\msoert2.dll [MD5.C46BEF8F23E222DD2AE0C16A8D1BDC07] - [10/11/2018 22:32:30] - |A| - [159232] - C:\Windows\system32\MSOpusDecoder.dll [MD5.63C7A4EA5EA3C54D92B7D10E0B394650] - [10/11/2018 22:32:43] - |A| - [6722560] - C:\Windows\system32\mspaint.exe [MD5.DBEC7A5098819255A8784901F05D9467] - [10/11/2018 22:32:51] - |A| - [1737728] - C:\Windows\system32\MSPhotography.dll [MD5.6F3D3C7F83E3B9FC7CC7C0F3295C9443] - [10/11/2018 22:32:54] - |A| - [568832] - C:\Windows\system32\msra.exe [MD5.CDDD27C966C0B66669535DEBB9B4FAA1] - [10/11/2018 22:32:29] - |A| - [12288] - C:\Windows\system32\msrating.dll [MD5.3B2EA8F6503C3227DE8194277A195272] - [10/11/2018 22:32:33] - |A| - [126976] - C:\Windows\system32\mssitlb.dll [MD5.EE2B36737C3C4687B67B70EDF8B7782B] - [10/11/2018 22:33:00] - |A| - [863744] - C:\Windows\system32\MsSpellCheckingFacility.dll [MD5.0E9907E7DECC6E6982D80CA6BDF1F408] - [10/11/2018 22:32:39] - |A| - [179712] - C:\Windows\system32\mssph.dll [MD5.6F3EFDB32BCBDCEB3672F7EBC2C36F20] - [10/11/2018 22:32:35] - |A| - [143872] - C:\Windows\system32\mssprxy.dll [MD5.A33761C21152CD5FEBFAD19B21A05424] - [10/11/2018 22:33:17] - |A| - [2741248] - C:\Windows\system32\mssrch.dll [MD5.3FD561C8CE3F9E5ECFA26942628A2B3A] - [10/11/2018 22:32:52] - |A| - [792064] - C:\Windows\system32\mssvp.dll [MD5.8F50A925596FE12E22ADF123A6DD547C] - [10/11/2018 22:33:00] - |A| - [3630080] - C:\Windows\system32\mstsc.exe [MD5.2119FF6EC427EB05F9A7291B9B70B714] - [10/11/2018 22:33:26] - |A| - [8432640] - C:\Windows\system32\mstscax.dll [MD5.4DD4882448C4B91C2095A0A7FC14B16F] - [10/11/2018 22:32:36] - |A| - [586800] - C:\Windows\system32\msvcp110_win.dll [MD5.EBA0266F8F5AC1EF23E034BF09EE1772] - [10/11/2018 22:32:47] - |A| - [628632] - C:\Windows\system32\msvcp_win.dll [MD5.68195105C7D9A2B5DF5BB82ECA521092] - [10/11/2018 22:32:35] - |A| - [630752] - C:\Windows\system32\msvcrt.dll [MD5.CE95CE111E96A0CB34AEB81AB6F7D077] - [10/11/2018 22:33:11] - |A| - [3505664] - C:\Windows\system32\MSVidCtl.dll [MD5.94E6A29A42CDE5B8FCD6DF823A532F60] - [10/11/2018 22:32:44] - |A| - [712200] - C:\Windows\system32\MSVideoDSP.dll [MD5.41C0900B662510B6826134041FE1E8EF] - [10/11/2018 22:32:59] - |A| - [1133880] - C:\Windows\system32\MSVP9DEC.dll [MD5.93EDD8275DA27AE71678257D7B15FACA] - [10/11/2018 22:32:44] - |A| - [1055704] - C:\Windows\system32\msvproc.dll [MD5.C2049B697FAC5D94C4EB782EE4AA2C11] - [10/11/2018 22:32:52] - |A| - [1282048] - C:\Windows\system32\MSVPXENC.dll [MD5.ABA035A4C30B077E6CFABFCCEACDFBD6] - [10/11/2018 22:33:18] - |A| - [1856512] - C:\Windows\system32\msxml3.dll [MD5.0036B9051F6E512D79228C859269DE21] - [10/11/2018 22:33:00] - |A| - [2413816] - C:\Windows\system32\msxml6.dll [MD5.550BEF071FBDE328D5184C87B0E176B5] - [10/11/2018 22:09:46] - |A| - [107520] - C:\Windows\system32\musdialoghandlers.dll [MD5.AF53E45D30EB5CB921424FB40DD1D291] - [10/11/2018 22:32:53] - |A| - [402432] - C:\Windows\system32\MusNotification.exe [MD5.7A5752FB02F0F6049327C1951CA62A19] - [10/11/2018 22:32:51] - |A| - [249856] - C:\Windows\system32\MusNotificationUx.exe [MD5.658B8DA74124AA6C0FDF07B35A91B58C] - [10/11/2018 22:09:46] - |A| - [264040] - C:\Windows\system32\MusNotifyIcon.exe [MD5.AD4E90D785CD57CAE7E02792A25E7AA4] - [10/11/2018 22:32:51] - |A| - [858624] - C:\Windows\system32\MusUpdateHandlers.dll [MD5.870B3D0E1A8F6F01356BD75F2E47E0C1] - [10/11/2018 22:32:40] - |A| - [795136] - C:\Windows\system32\NaturalAuth.dll [MD5.2A265F3FE5F77F22CEA9D2785E0399C1] - [10/11/2018 22:32:33] - |A| - [374272] - C:\Windows\system32\ncbservice.dll [MD5.A7578A7B641F07BCC67E76488AB101FF] - [10/11/2018 22:32:51] - |A| - [331776] - C:\Windows\system32\ncryptprov.dll [MD5.2D18D79028AEAE257B4429D08C6F1CA5] - [10/11/2018 22:32:41] - |A| - [118360] - C:\Windows\system32\ncryptsslp.dll [MD5.62232B43114B273462D1CAAEC1D193F8] - [10/11/2018 22:32:54] - |A| - [401408] - C:\Windows\system32\ncsi.dll [MD5.71E830EDA092759585D3DB0B54382018] - [10/11/2018 22:32:33] - |A| - [109568] - C:\Windows\system32\NetDriverInstall.dll [MD5.8451E368813DE8EC59F9E84F88B071AD] - [10/11/2018 22:32:30] - |A| - [20480] - C:\Windows\system32\netevent.dll [MD5.7DBEADC144F91284718ADE81820398B0] - [10/11/2018 22:32:54] - |A| - [820224] - C:\Windows\system32\netlogon.dll [MD5.CB4AEE99CA02DC86DB1F676AC94D188A] - [10/11/2018 22:32:36] - |A| - [298496] - C:\Windows\system32\netplwiz.dll [MD5.718D8A5C4F597BE421EEDFE9B4F64191] - [10/11/2018 22:32:37] - |A| - [143264] - C:\Windows\system32\NetSetupApi.dll [MD5.E63CDE5E42666C808C43BB8E330429ED] - [10/11/2018 22:32:51] - |A| - [774560] - C:\Windows\system32\NetSetupEngine.dll [MD5.B368E739AF3F577EA8D1B256F91036AD] - [10/11/2018 22:32:48] - |A| - [308224] - C:\Windows\system32\NetSetupSvc.dll [MD5.78AE15CCCD334F0A25AE6897ABD502FC] - [10/11/2018 22:32:50] - |A| - [339872] - C:\Windows\system32\NetworkBindingEngineMigPlugin.dll [MD5.39E657F1CF7035DD705D426114EC8D7A] - [10/11/2018 22:32:32] - |A| - [234496] - C:\Windows\system32\NetworkDesktopSettings.dll [MD5.EFAD0C8C756DF51E8C6778F2A025ADC5] - [10/11/2018 22:33:11] - |A| - [3211776] - C:\Windows\system32\NetworkMobileSettings.dll [MD5.8598E34248BE85F5EAC595B2DADDE6EA] - [10/11/2018 22:32:42] - |A| - [513536] - C:\Windows\system32\newdev.dll [MD5.7CA58205EE4A2521FF4A56A9AA4780F2] - [10/11/2018 22:32:51] - |A| - [703488] - C:\Windows\system32\ngccredprov.dll [MD5.8597D9171FC142610109CF16A59D9A7D] - [10/11/2018 22:33:03] - |A| - [1081856] - C:\Windows\system32\ngcsvc.dll [MD5.C1D3841185CECED34627903346DA8014] - [10/11/2018 22:32:49] - |A| - [389120] - C:\Windows\system32\ninput.dll [MD5.FA274B36F951A5EF359CF07E2EE188D6] - [10/11/2018 22:32:35] - |A| - [79872] - C:\Windows\system32\nlaapi.dll [MD5.7F609310AC1EC8D66D912438AC792392] - [10/11/2018 22:32:49] - |A| - [366080] - C:\Windows\system32\nlasvc.dll [MD5.D5BBDB466BA2698A620192F14AB2DB65] - [10/11/2018 22:32:38] - |A| - [893440] - C:\Windows\system32\NMAA.dll [MD5.EF2D1D9B50C2D1113DF098074D91A4AB] - [10/11/2018 22:33:04] - |A| - [1043968] - C:\Windows\system32\NotificationController.dll [MD5.C1BCDEC21F6F06D39676B70AB93FFE41] - [10/11/2018 22:32:30] - |A| - [32768] - C:\Windows\system32\NotificationControllerPS.dll [MD5.52F71FC6F1F2F999E43D5EE5FD5CC66E] - [10/11/2018 22:09:17] - |A| - [278448] - C:\Windows\system32\Notifier.exe [MD5.2DFEF4C2686DAAF6290D110D1599E320] - [10/11/2018 22:32:29] - |A| - [18944] - C:\Windows\system32\nrpsrv.dll [MD5.C705010038DE66EB3A31E7DEF8291758] - [10/11/2018 22:32:38] - |A| - [43008] - C:\Windows\system32\nshhttp.dll [MD5.54407F4E774AE8AD37885BBCC0FFDB3E] - [10/11/2018 22:32:29] - |A| - [30720] - C:\Windows\system32\nsisvc.dll [MD5.C1AEC48DE676C0B00F7EA3BAEB7A4919] - [10/11/2018 22:33:23] - |A| - [1954128] - C:\Windows\system32\ntdll.dll [MD5.3B33572C855B446BDAA8609E18CF201E] - [10/11/2018 22:33:54] - |A| - [8619024] - C:\Windows\system32\ntoskrnl.exe [MD5.806E8310B07C740D8DA5E4A52A8A0DE4] - [10/11/2018 22:32:40] - |A| - [863744] - C:\Windows\system32\ntshrui.dll [MD5.89B975455D901D95C43B41FC572DA102] - [10/11/2018 22:32:31] - |A| - [147968] - C:\Windows\system32\occache.dll [MD5.C6F6297A040E1078DD82BF5F673FDD1F] - [10/11/2018 22:32:40] - |A| - [128928] - C:\Windows\system32\offlinelsa.dll [MD5.7569674FD54771E8F63879A850D23C9D] - [10/11/2018 22:32:41] - |A| - [250264] - C:\Windows\system32\offlinesam.dll [MD5.BC6B7ECF2743D512324B9E1703885505] - [10/11/2018 22:32:29] - |A| - [79360] - C:\Windows\system32\offreg.dll [MD5.13EA73094DC591BED5AACBCF369A3B95] - [10/11/2018 22:33:02] - |A| - [1338792] - C:\Windows\system32\ole32.dll [MD5.4545BB4AE3EC69370BA1464C069BC69E] - [10/11/2018 22:32:53] - |A| - [793960] - C:\Windows\system32\oleaut32.dll [MD5.3CE3F298B054FF293BAA03BA7BB34B9C] - [10/11/2018 22:32:42] - |A| - [427008] - C:\Windows\system32\OneCoreCommonProxyStub.dll [MD5.FD2978344999CFA0743EB6ACD3A41C29] - [10/11/2018 22:33:10] - |A| - [6281736] - C:\Windows\system32\OneCoreUAPCommonProxyStub.dll [MD5.10E758F8E55E2330AD65142C1C2FD3A7] - [10/11/2018 22:32:57] - |A| - [652288] - C:\Windows\system32\OneDriveSettingSyncProvider.dll [MD5.83782E4CC506B9FC2559444F11BBA04E] - [10/11/2018 22:32:37] - |A| - [892872] - C:\Windows\system32\ortcengine.dll [MD5.E0406C2951A24073AB920705A9CC9D59] - [10/11/2018 22:29:41] - |A| - [130808] - C:\Windows\system32\osrss.dll [MD5.2AE5C6285BA54B5FBAC8B62C64B40432] - [10/11/2018 22:32:39] - |A| - [210944] - C:\Windows\system32\P2P.dll [MD5.35E6495236E917BDFD9659F62EFE2E33] - [10/11/2018 22:32:41] - |A| - [423936] - C:\Windows\system32\p2psvc.dll [MD5.D44C268680739C6F1E7BAC10F6CF9B9D] - [10/11/2018 22:32:43] - |A| - [909312] - C:\Windows\system32\PayloadRestrictions.dll [MD5.74E1C6B52699D2EB48BF3C0029774F72] - [10/11/2018 22:32:29] - |A| - [67584] - C:\Windows\system32\pcadm.dll [MD5.34464266E21A9B1CF66874CBE48DF4FE] - [10/11/2018 22:32:29] - |A| - [12800] - C:\Windows\system32\pcaevts.dll [MD5.43357F53C08C52209898D9D0D8CB1B7C] - [10/11/2018 22:32:31] - |A| - [50176] - C:\Windows\system32\pcalua.exe [MD5.1BE2A6AD29A95B239E8DB281F837F5EF] - [10/11/2018 22:32:54] - |A| - [542736] - C:\Windows\system32\pcasvc.dll [MD5.8810600DB3EEA8120FC9BF3B812902D4] - [10/11/2018 22:33:10] - |A| - [18432] - C:\Windows\system32\PCShellCommonProxyStub.dll [MD5.51B153D12F8983BC02DA8C87D24D1B7C] - [10/11/2018 22:32:35] - |A| - [25088] - C:\Windows\system32\perfnet.dll [MD5.F4CD038AA9340B0C9A09E13421D7E389] - [10/11/2018 22:32:35] - |A| - [748032] - C:\Windows\system32\PhoneProviders.dll [MD5.C811E13F01FB77570B727337BBCF64B8] - [10/11/2018 22:32:39] - |A| - [791552] - C:\Windows\system32\PhoneService.dll [MD5.B4E3E0A84E2FC1DC4CC03D6CF100C9CA] - [10/11/2018 22:32:32] - |A| - [430592] - C:\Windows\system32\PhotoMetadataHandler.dll [MD5.D59CD92CE3784678C09B8DF518A8E1A6] - [10/11/2018 22:32:32] - |A| - [188416] - C:\Windows\system32\PimIndexMaintenance.dll [MD5.D6CDA8B7F265DDB16974D3EF2664DA9A] - [10/11/2018 22:32:29] - |A| - [62976] - C:\Windows\system32\PimIndexMaintenanceClient.dll [MD5.A272FE3D88EE84812B334977461DCB22] - [10/11/2018 22:32:30] - |A| - [61440] - C:\Windows\system32\pngfilt.dll [MD5.1F03903B5EA6973006B1E9ED6E35D3F3] - [10/11/2018 22:32:55] - |A| - [2117632] - C:\Windows\system32\pnidui.dll [MD5.3C899D21CE920195CA987756769B1820] - [10/11/2018 22:32:40] - |A| - [341504] - C:\Windows\system32\pnrpsvc.dll [MD5.45CE809A13CD17BBFE0B4816E37B9C90] - [10/11/2018 22:32:42] - |A| - [491264] - C:\Windows\system32\policymanager.dll [MD5.C68150067C7EE0469CF21842DD6EA7B1] - [10/11/2018 22:32:35] - |A| - [45056] - C:\Windows\system32\printfilterpipelineprxy.dll [MD5.D2E6947BAD475DAA0E1B203A85625DAA] - [10/11/2018 22:32:56] - |A| - [836608] - C:\Windows\system32\printfilterpipelinesvc.exe [MD5.5660B827F4D484E3329E3714CAED957D] - [10/11/2018 22:32:54] - |A| - [408064] - C:\Windows\system32\profsvc.dll [MD5.254792E0A7DB2C1EE72E75E98D95D626] - [10/11/2018 22:32:56] - |A| - [1778360] - C:\Windows\system32\propsys.dll [MD5.F06B4740D08CC0B4CD68C3FC4CCDA5A2] - [10/11/2018 22:32:34] - |A| - [82944] - C:\Windows\system32\provdatastore.dll [MD5.40FB59ED85686F28D54CCEAAAFD4FAA5] - [10/11/2018 22:32:51] - |A| - [432640] - C:\Windows\system32\provengine.dll [MD5.75FE3FDF28D14F1B6E0DFCF870035747] - [10/11/2018 22:32:56] - |A| - [427008] - C:\Windows\system32\provhandlers.dll [MD5.C53E3676A270126AAD93B6607BDF774B] - [10/11/2018 22:32:35] - |A| - [204288] - C:\Windows\system32\provisioningcsp.dll [MD5.27EDE94217CFF0CCAC36BD02DA8DFE38] - [10/11/2018 22:32:41] - |A| - [73216] - C:\Windows\system32\provtool.exe [MD5.0BF27B28677B73B0C19E4DD13620A62F] - [10/11/2018 22:32:39] - |A| - [436224] - C:\Windows\system32\PsmServiceExtHost.dll [MD5.728EB09C07EAA290F4E852068D0016C6] - [10/11/2018 22:32:29] - |A| - [233984] - C:\Windows\system32\psmsrv.dll [MD5.98E0EFDA157E3B407D546C0A3F0412EF] - [10/11/2018 22:32:39] - |A| - [200704] - C:\Windows\system32\puiapi.dll [MD5.E616BFB0ECAD3AFB62EFFA562577A121] - [10/11/2018 22:32:52] - |A| - [459776] - C:\Windows\system32\puiobj.dll [MD5.15DA6327829E1E0440DB2465194CFCE2] - [10/11/2018 22:32:41] - |A| - [254976] - C:\Windows\system32\PushToInstall.dll [MD5.4C5431E5B7AC5F27FF825B0FFABEF7BF] - [10/11/2018 22:33:07] - |A| - [1348608] - C:\Windows\system32\qmgr.dll [MD5.0490769A6EB5D1B97AB0CD22935C73C8] - [10/11/2018 22:33:01] - |A| - [1607168] - C:\Windows\system32\quartz.dll [MD5.3875F33EB57E7F1BB2A86B1D3BDCA2B5] - [10/11/2018 22:32:33] - |A| - [128000] - C:\Windows\system32\racpldlg.dll [MD5.BF218FF08F540B0EF42F2CAB20E667FE] - [10/11/2018 22:33:03] - |A| - [939520] - C:\Windows\system32\rasapi32.dll [MD5.54D8A771A5C32C293288E64ABE07FE50] - [10/11/2018 22:32:33] - |A| - [104960] - C:\Windows\system32\rasauto.dll [MD5.8BAD7D33FDA414CE1E37C90D787664A1] - [10/11/2018 22:32:39] - |A| - [137216] - C:\Windows\system32\raschap.dll [MD5.B377348423BE76EF5A072EB24A3192BF] - [10/11/2018 22:32:39] - |A| - [401920] - C:\Windows\system32\rascustom.dll [MD5.8E16A46C36B545F821CA4D13B460BDAC] - [10/11/2018 22:32:57] - |A| - [939520] - C:\Windows\system32\rasdlg.dll [MD5.2504824FCC332D7C1F4D0BB8434D8520] - [10/11/2018 22:32:44] - |A| - [950784] - C:\Windows\system32\rasgcw.dll [MD5.B6D5DF64A92DAFDF967D9CB21B30036D] - [10/11/2018 22:32:53] - |A| - [930816] - C:\Windows\system32\rasmans.dll [MD5.0F31945FCE3188D081C6FC23BD98EF9D] - [10/11/2018 22:32:39] - |A| - [499200] - C:\Windows\system32\rastls.dll [MD5.AFDF4CC4C644C2015B98A33E1BC534A2] - [10/11/2018 22:32:41] - |A| - [1097728] - C:\Windows\system32\rdpbase.dll [MD5.171CEBA2650AC43BC521BFC5C63F587A] - [10/11/2018 22:32:59] - |A| - [627712] - C:\Windows\system32\rdpcore.dll [MD5.419259C1048553DBCF39FDACF6F0E9E1] - [10/11/2018 22:33:05] - |A| - [2035712] - C:\Windows\system32\rdpcorets.dll [MD5.D221EC240104F5477C91C9D0268AD0BD] - [10/11/2018 22:32:32] - |A| - [216576] - C:\Windows\system32\RdpRelayTransport.dll [MD5.59257FC9875CA3F55F326B1BBADE9052] - [10/11/2018 22:32:57] - |A| - [1659904] - C:\Windows\system32\rdpserverbase.dll [MD5.EC24257674AF3B87E8C38F30D861D252] - [10/11/2018 22:32:37] - |A| - [93624] - C:\Windows\system32\rdpudd.dll [MD5.E23990F2AD13908725816FAF299C7278] - [10/11/2018 22:32:41] - |A| - [392192] - C:\Windows\system32\RDXTaskFactory.dll [MD5.180BFFC501C8C3B8539C063A648F7B54] - [10/11/2018 22:32:57] - |A| - [1570304] - C:\Windows\system32\RecoveryDrive.exe [MD5.5B67DDCA453FFBA07C4848E315B69C6B] - [10/11/2018 22:32:35] - |A| - [24064] - C:\Windows\system32\regsvr32.exe [MD5.166AD9B0672C14D197B97F31A258D898] - [10/11/2018 22:32:38] - |A| - [87384] - C:\Windows\system32\remoteaudioendpoint.dll [MD5.E91B129A61DE9F362FEA7CAA8E0311D3] - [10/11/2018 22:32:56] - |A| - [1160704] - C:\Windows\system32\reseteng.dll [MD5.1D3C3EC5405E2173EB6F5A1C222EE728] - [10/11/2018 22:33:08] - |A| - [2511360] - C:\Windows\system32\ResetEngine.dll [MD5.112F8D853ECE27672FBD7257E3CBC210] - [10/11/2018 22:32:36] - |A| - [125568] - C:\Windows\system32\rmclient.dll [MD5.629D5F4FC5E00068DA002E79555693A8] - [10/11/2018 22:32:56] - |A| - [1173584] - C:\Windows\system32\rpcrt4.dll [MD5.6145D5B0781C11EF2142D3FA3763D26A] - [10/11/2018 22:33:03] - |A| - [1116672] - C:\Windows\system32\rpcss.dll [MD5.483AA94E050F674E19DF2BB664D8F501] - [10/11/2018 22:32:47] - |A| - [203568] - C:\Windows\system32\rsaenh.dll [MD5.7D0314BA4E7BDA57D231C925DDA1F77E] - [10/11/2018 22:32:32] - |A| - [130048] - C:\Windows\system32\rshx32.dll [MD5.5652D8A0F9CB8D8376868B5021460A85] - [10/11/2018 22:32:33] - |A| - [266752] - C:\Windows\system32\rstrui.exe [MD5.8060A5DAFA23EC92DF33C452C21FFDAA] - [10/11/2018 22:32:55] - |A| - [1002952] - C:\Windows\system32\rtmcodecs.dll [MD5.4E05E95B0CF7BE0E023D81AB9AA15F12] - [10/11/2018 22:32:36] - |A| - [65992] - C:\Windows\system32\rtmmvrortc.dll [MD5.CFC6BF1458AD09748CCCE07CDE3B44C9] - [10/11/2018 22:32:59] - |A| - [1234888] - C:\Windows\system32\rtmpal.dll [MD5.7C66C26DC87BA64D6BBD57E41DF2CF7D] - [10/11/2018 22:33:17] - |A| - [4959688] - C:\Windows\system32\rtmpltfm.dll [MD5.969A44335D6F50FB061733DEA5AC0709] - [10/11/2018 22:32:43] - |A| - [172112] - C:\Windows\system32\RTWorkQ.dll [MD5.001A4DFDDBFCA32A0F70EDFCE7F22B80] - [10/11/2018 22:33:25] - |A| - [97792] - C:\Windows\system32\runexehelper.exe [MD5.2A3E2C9F75D9E4C7B9CE4038E7F37770] - [10/11/2018 22:32:51] - |A| - [899584] - C:\Windows\system32\samsrv.dll [MD5.30FA05F0212168F6E01E0274CDF55364] - [10/11/2018 22:32:36] - |A| - [82432] - C:\Windows\system32\SCardDlg.dll [MD5.93B12AC7CEAF6BA742DC13AEA349217A] - [10/11/2018 22:32:41] - |A| - [259072] - C:\Windows\system32\SCardSvr.dll [MD5.3396A6A892987E8B81289583FC416360] - [10/11/2018 22:32:33] - |A| - [198144] - C:\Windows\system32\ScDeviceEnum.dll [MD5.B7EE15B6D5EED7824B3073DD15CCD61A] - [10/11/2018 22:32:56] - |A| - [476160] - C:\Windows\system32\schannel.dll [MD5.5B527EB8712D44BAFA3548019932415B] - [10/11/2018 22:32:58] - |A| - [880640] - C:\Windows\system32\schedsvc.dll [MD5.EA631200C695C445B3F4824A367D4F92] - [10/11/2018 22:32:40] - |A| - [256000] - C:\Windows\system32\scksp.dll [MD5.6B21C98FE551E99F687DD6CDB55A8600] - [10/11/2018 22:32:42] - |A| - [222208] - C:\Windows\system32\scrobj.dll [MD5.9F59502CE682C1C627679562A5387D2A] - [10/11/2018 22:32:36] - |A| - [35744] - C:\Windows\system32\SDFHost.dll [MD5.FD6F2A160D925EA6652F42552D79814D] - [10/11/2018 22:32:42] - |A| - [388608] - C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll [MD5.B9D9DE8E1114EBB8FE5650B8B7F1279C] - [10/11/2018 22:32:38] - |A| - [225280] - C:\Windows\system32\SearchFilterHost.exe [MD5.E297C21E5DFE676865B8AC3D39446463] - [10/11/2018 22:32:57] - |A| - [982016] - C:\Windows\system32\SearchIndexer.exe [MD5.704FC7C66753EFB279BD468E345855F0] - [10/11/2018 22:32:40] - |A| - [377856] - C:\Windows\system32\SearchProtocolHost.exe [MD5.213238EE31F7FB2A0C84B8E292CEA65D] - [10/11/2018 22:32:59] - |A| - [1044976] - C:\Windows\system32\SecConfig.efi [MD5.10571AB73F1E9602D2AF5435974D4EC4] - [10/11/2018 22:32:44] - |A| - [371496] - C:\Windows\system32\sechost.dll [MD5.EBEEFB13397547D7E7D1B88BB24404BB] - [10/11/2018 22:32:35] - |A| - [27648] - C:\Windows\system32\secur32.dll [MD5.C72938C9FA368F7E680BB3FCF23FAF98] - [10/11/2018 22:32:47] - |A| - [600872] - C:\Windows\system32\securekernel.exe [MD5.CC1D832210DDF3E3C598025F643C8336] - [10/11/2018 22:32:42] - |A| - [189344] - C:\Windows\system32\SecurityHealthAgent.dll [MD5.6660372C957E3013488EC5CE960C02C0] - [10/11/2018 22:32:37] - |A| - [75168] - C:\Windows\system32\SecurityHealthProxyStub.dll [MD5.2BBC2F0C8DF38DD72AF7EC97298101C0] - [10/11/2018 22:32:53] - |A| - [519152] - C:\Windows\system32\SecurityHealthService.exe [MD5.A8A23102301BCB047B269C59167D4B8F] - [10/11/2018 22:32:57] - |A| - [1234432] - C:\Windows\system32\SEMgrSvc.dll [MD5.109A90EF5B1E771DA47C371BA9485960] - [10/11/2018 22:32:44] - |A| - [555520] - C:\Windows\system32\SensorService.dll [MD5.3C7280B0BB401D6645128A9D5B076D35] - [10/11/2018 22:32:49] - |A| - [205312] - C:\Windows\system32\sensrsvc.dll [MD5.7F7EBA3672F5FEB1F6F3A4039BF7340B] - [10/11/2018 22:32:44] - |A| - [616888] - C:\Windows\system32\services.exe [MD5.846F99625DB02B06E0581715D0C4D0C9] - [10/11/2018 22:32:29] - |A| - [387584] - C:\Windows\system32\SessEnv.dll [MD5.9253C02DF8782AA6FE66B595F555CBAC] - [10/11/2018 22:32:48] - |A| - [197632] - C:\Windows\system32\SettingMonitor.dll [MD5.7AE1FC977254F3398C7A2D4D7590CFFA] - [10/11/2018 22:32:43] - |A| - [363008] - C:\Windows\system32\SettingsEnvironment.Desktop.dll [MD5.F6396C9A0D9486D39B28B8EC9AB69227] - [10/11/2018 22:32:41] - |A| - [170496] - C:\Windows\system32\SettingsHandlers_ContentDeliveryManager.dll [MD5.BC0FDA201071EA8AD7D2BE7E9253BFC9] - [10/11/2018 22:32:45] - |A| - [332800] - C:\Windows\system32\SettingsHandlers_Notifications.dll [MD5.21EF05971A4024E424B8F0979C04528E] - [10/11/2018 22:33:17] - |A| - [4113408] - C:\Windows\system32\SettingsHandlers_nt.dll [MD5.C402E09AA10A8BEDB85690426A131F32] - [10/11/2018 22:32:41] - |A| - [168448] - C:\Windows\system32\SettingsHandlers_SIUF.dll [MD5.77CB2BD0192C00746DC9CC8C61796723] - [10/11/2018 22:32:41] - |A| - [503296] - C:\Windows\system32\SettingsHandlers_User.dll [MD5.65BF5781AFE833EBCAD1AF6F023D8DCE] - [10/11/2018 22:32:55] - |A| - [508928] - C:\Windows\system32\SettingSync.dll [MD5.05512E5D7C13AB0C9E38AB3FA56DC752] - [10/11/2018 22:32:57] - |A| - [1135104] - C:\Windows\system32\SettingSyncCore.dll [MD5.077448FDBA43596FA4372C21AFF67CBC] - [10/11/2018 22:33:03] - |A| - [967584] - C:\Windows\system32\SettingSyncHost.exe [MD5.7DC3B104CB9F145E125286B09659774B] - [10/11/2018 22:32:35] - |A| - [90624] - C:\Windows\system32\SettingSyncPolicy.dll [MD5.23E661467FA2EB68B711EA20974B4CB7] - [10/11/2018 22:32:43] - |A| - [4537040] - C:\Windows\system32\setupapi.dll [MD5.B6AE95336BCB33015D4EA0E59892960A] - [10/11/2018 22:32:42] - |A| - [201728] - C:\Windows\system32\SharedPCCSP.dll [MD5.5FD29217730A8A58CC9B200088E788B0] - [10/11/2018 22:32:31] - |A| - [421376] - C:\Windows\system32\SharedRealitySvc.dll [MD5.9EE04793D8F4EEDAB82FCAD0FF163032] - [10/11/2018 22:33:05] - |A| - [1224704] - C:\Windows\system32\ShareHost.dll [MD5.EC401EE3E2A122C9AAE1D5AE26F05FD4] - [10/11/2018 22:32:48] - |A| - [671024] - C:\Windows\system32\SHCore.dll [MD5.8C6214807FDECF8F63342EFD70E5568B] - [10/11/2018 22:33:30] - |A| - [21356936] - C:\Windows\system32\shell32.dll [MD5.84E959936BEAED3A43696628AFFFC1F1] - [10/11/2018 22:32:36] - |A| - [327008] - C:\Windows\system32\shlwapi.dll [MD5.F627EEEFA3EFC67886949658EA4B2695] - [10/11/2018 22:32:39] - |A| - [135680] - C:\Windows\system32\shsetup.dll [MD5.503256AB8B30EA0931C071C140B908D1] - [10/11/2018 22:32:49] - |A| - [276992] - C:\Windows\system32\shutdownux.dll [MD5.D248F3C64B3CD64270FF9A507B814C53] - [10/11/2018 22:32:35] - |A| - [266752] - C:\Windows\system32\SIHClient.exe [MD5.B25335B958E12D2DB48774ADBCA00910] - [10/11/2018 22:32:41] - |A| - [192920] - C:\Windows\system32\skci.dll [MD5.D3419A191F8CABEFBCE0E280265B53DA] - [10/11/2018 22:32:33] - |A| - [21504] - C:\Windows\system32\slcext.dll [MD5.AE884EB0EB1281E2BBDF6509C8149B90] - [10/11/2018 22:33:03] - |A| - [898560] - C:\Windows\system32\SmartcardCredentialProvider.dll [MD5.4C59128F49FDF67F6FFA6CF3DD6E948F] - [10/11/2018 22:33:09] - |A| - [2596352] - C:\Windows\system32\smartscreen.exe [MD5.EDDB75728AE51667D02A8A968383260B] - [10/11/2018 22:32:43] - |A| - [239104] - C:\Windows\system32\smartscreenps.dll [MD5.F4B4E405BCDE95D748F8429FCC30E668] - [10/11/2018 22:32:30] - |A| - [588800] - C:\Windows\system32\SmsRouterSvc.dll [MD5.EFAFE91A54F016498BA983ECA19649EF] - [10/11/2018 22:32:40] - |A| - [708096] - C:\Windows\system32\SndVolSSO.dll [MD5.D4F22CDF9E777345B32CEC0501334D1E] - [10/11/2018 22:32:39] - |A| - [361984] - C:\Windows\system32\SpatializerApo.dll [MD5.DF9885196765DCBB770F48CF42463F80] - [10/11/2018 22:32:31] - |A| - [262656] - C:\Windows\system32\SpatialStore.dll [MD5.2E281495E43F5B2D8DB9C5D8F98359B8] - [10/11/2018 22:33:45] - |A| - [956416] - C:\Windows\system32\Spectrum.exe [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - [10/11/2018 22:32:34] - |A| - [37888] - C:\Windows\system32\SpectrumSyncClient.dll [MD5.153F12DE99760ACC89F53848DED45679] - [10/11/2018 22:32:58] - |A| - [765952] - C:\Windows\system32\spoolsv.exe [MD5.FA5485502AAC39E157E67EF530B9C351] - [10/11/2018 22:32:33] - |A| - [496640] - C:\Windows\system32\sppcext.dll [MD5.54C61D63396F46A64C5BC546E23059F5] - [10/11/2018 22:33:14] - |A| - [1619808] - C:\Windows\system32\sppobjs.dll [MD5.CED434DA6E043B450141932D974FF8C1] - [10/11/2018 22:33:37] - |A| - [4504464] - C:\Windows\system32\sppsvc.exe [MD5.5DBDD7EFF7EEEFAACCEAD5C643F7F792] - [10/11/2018 22:32:56] - |A| - [722616] - C:\Windows\system32\sppwinob.dll [MD5.9E874B6792C5DBC2F7B89B246A4BAC4C] - [10/11/2018 22:32:35] - |A| - [365568] - C:\Windows\system32\srchadmin.dll [MD5.B8FADC95A9126277F78618D4D162B9AE] - [10/11/2018 22:32:51] - |A| - [482816] - C:\Windows\system32\srcore.dll [MD5.B4E201F2895690EA72A79787FA1CB06F] - [10/11/2018 22:33:07] - |A| - [3578368] - C:\Windows\system32\SRH.dll [MD5.90FD36D7A4E9190676243E71799BD1D2] - [10/11/2018 22:32:39] - |A| - [143872] - C:\Windows\system32\srpapi.dll [MD5.2EC02DFC530560D0C01C7428E4CC9D27] - [10/11/2018 22:32:29] - |A| - [270848] - C:\Windows\system32\srvsvc.dll [MD5.7B5E955BB63726AB625F79AA7AF7FA11] - [10/11/2018 22:32:29] - |A| - [228352] - C:\Windows\system32\ssdpsrv.dll [MD5.49204FC89B5373816D10DD4E6914512A] - [10/11/2018 22:33:57] - |A| - [184984] - C:\Windows\system32\sspicli.dll [MD5.291423035BE3A0C571ACF14148220B70] - [10/11/2018 22:33:38] - |A| - [5891640] - C:\Windows\system32\StartTileData.dll [MD5.6A72BCAA25F7755F97E99D01AF2A8190] - [10/11/2018 22:33:05] - |A| - [614160] - C:\Windows\system32\StateRepository.Core.dll [MD5.4C74FCF3B3010B5D0EAE3F12E6374E89] - [10/11/2018 22:32:41] - |A| - [417792] - C:\Windows\system32\stobject.dll [MD5.15F2382335C5759B2901BE93D081DF8C] - [10/11/2018 22:32:30] - |A| - [2666496] - C:\Windows\system32\storagewmi.dll [MD5.BA9471C7B5B02F2EDF5055CC1A1476F3] - [10/11/2018 22:32:57] - |A| - [963584] - C:\Windows\system32\StorSvc.dll [MD5.EA2324884471E2C13563EFA849022FBB] - [10/11/2018 22:32:58] - |A| - [687560] - C:\Windows\system32\StructuredQuery.dll [MD5.FF9B35E7816C61A9376149C4D706FD92] - [10/11/2018 22:32:42] - |A| - [680960] - C:\Windows\system32\sud.dll [MD5.5BA645BB55CA869ADC6A25A8F430F7F7] - [10/11/2018 22:32:35] - |A| - [248320] - C:\Windows\system32\svf.dll [MD5.ACED35B02458BC836186B90A20DEA246] - [10/11/2018 22:32:50] - |A| - [3367936] - C:\Windows\system32\SyncCenter.dll [MD5.A6AFB43933A96338CD50E890D4278ACB] - [10/11/2018 22:32:40] - |A| - [624128] - C:\Windows\system32\SyncController.dll [MD5.3109BEE37B1375D85548D64562240CFF] - [10/11/2018 22:32:50] - |A| - [324096] - C:\Windows\system32\SyncSettings.dll [MD5.EE6CEBDB3C9AAD1C80AE32878FCD17C4] - [10/11/2018 22:32:51] - |A| - [970240] - C:\Windows\system32\sysmain.dll [MD5.F29FF0B9CCFF1F99C39B1C90F0B80300] - [10/11/2018 22:32:29] - |A| - [24576] - C:\Windows\system32\sysntfy.dll [MD5.74FFACDE32B58CCB74B9EF990C7757C0] - [10/11/2018 22:32:29] - |A| - [284672] - C:\Windows\system32\SystemEventsBrokerServer.dll [MD5.200F0F66CD090CFBD8B3FB1DD0DDDD79] - [10/11/2018 22:32:44] - |A| - [508272] - C:\Windows\system32\systemreset.exe [MD5.A45D4844C4EE0528071BDE8A694E680E] - [10/11/2018 22:32:42] - |A| - [1425408] - C:\Windows\system32\SystemSettings.Handlers.dll [MD5.43FD5C58AE2FE95BB303496E35C3C202] - [10/11/2018 22:32:38] - |A| - [490496] - C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll [MD5.BFBCB573B1FAF24396FC1455917C12C1] - [10/11/2018 22:32:40] - |A| - [398824] - C:\Windows\system32\SystemSettingsAdminFlows.exe [MD5.A9F8655C9391C0CFE994491D619B1773] - [10/11/2018 22:33:02] - |A| - [4592640] - C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.46F606C3DFC32057DA750058AAF69C5F] - [10/11/2018 22:32:57] - |A| - [175616] - C:\Windows\system32\t2embed.dll [MD5.5653A2B4FEA9469D31778371B6479232] - [10/11/2018 22:32:38] - |A| - [505344] - C:\Windows\system32\taskcomp.dll [MD5.D680547DC49CA40369817569736C944C] - [10/11/2018 22:32:58] - |A| - [1313016] - C:\Windows\system32\Taskmgr.exe [MD5.EF5DE2C2EA37E6752218D838BE0B6CF2] - [10/11/2018 22:32:30] - |A| - [36352] - C:\Windows\system32\tbauth.dll [MD5.AD1699FD799669CB79427BFD33B9BAA9] - [10/11/2018 22:32:35] - |A| - [217088] - C:\Windows\system32\tcpmon.dll [MD5.E9C39C6E8FCE5C084F2D0FF16C02EB4A] - [10/11/2018 22:32:30] - |A| - [84992] - C:\Windows\system32\tdc.ocx [MD5.FDEE0F5290465D65CC857E8C565FCBC0] - [10/11/2018 22:32:39] - |A| - [507392] - C:\Windows\system32\TDLMigration.dll [MD5.0CF99D60588AF7F198C135BABCA287F2] - [10/11/2018 22:32:42] - |A| - [208384] - C:\Windows\system32\tetheringservice.dll [MD5.4AFC829A777CAD161200F1169B6C27B1] - [10/11/2018 22:32:38] - |A| - [617312] - C:\Windows\system32\TextInputFramework.dll [MD5.9721A6BEAB8E57262FF72A64C9D5C7A5] - [10/11/2018 22:32:33] - |A| - [2490880] - C:\Windows\system32\themecpl.dll [MD5.7C5272A6CC0D18CFD5C47B4ABA766A23] - [10/11/2018 22:32:38] - |A| - [2873856] - C:\Windows\system32\themeui.dll [MD5.C8F0C26F8780B39508A07886FEB7F037] - [10/11/2018 22:33:13] - |A| - [571392] - C:\Windows\system32\TileDataRepository.dll [MD5.EA80B2C811A7F6B1C9EED312F06F26FB] - [10/11/2018 22:32:29] - |A| - [175616] - C:\Windows\system32\TimeBrokerServer.dll [MD5.5AF4B46215DD0A7CE86910E4668BAFB7] - [10/11/2018 22:32:38] - |A| - [508416] - C:\Windows\system32\timedate.cpl [MD5.B46BABA224F615C80C1CC215316F6445] - [10/11/2018 22:32:38] - |A| - [47616] - C:\Windows\system32\tokenbinding.dll [MD5.CF2A9365420A4162127F9850145A6437] - [10/11/2018 22:33:08] - |A| - [1236992] - C:\Windows\system32\TokenBroker.dll [MD5.5423A9B70C585470C5C9D855281626AB] - [10/11/2018 22:32:30] - |A| - [17408] - C:\Windows\system32\TokenBrokerCookies.exe [MD5.6F89BEA8EEEB205E10CE4CD434B470D9] - [10/11/2018 22:32:31] - |A| - [44032] - C:\Windows\system32\TokenBrokerUI.dll [MD5.3C1519F775806EC440F4DEF1B02EC153] - [10/11/2018 22:33:16] - |A| - [3405824] - C:\Windows\system32\tquery.dll [MD5.554F8E8143ECAD0127775F34FBF49D5C] - [10/11/2018 22:32:43] - |A| - [118272] - C:\Windows\system32\TSpkg.dll [MD5.989DA824E995457D98873DD21CA2B8B9] - [10/11/2018 22:32:40] - |A| - [240128] - C:\Windows\system32\TtlsAuth.dll [MD5.E4BA1324CC7C7B789A066416F3B33B05] - [10/11/2018 22:32:33] - |A| - [219648] - C:\Windows\system32\TtlsCfg.dll [MD5.6E39A1F7FCC3D9034435F93C8B41FF82] - [10/11/2018 22:32:40] - |A| - [222208] - C:\Windows\system32\TtlsExt.dll [MD5.7B4A3705A6AB2E55139A9F0CD0696BB7] - [10/11/2018 22:32:42] - |A| - [181760] - C:\Windows\system32\twext.dll [MD5.729AF3B925184841627A8F64F9CA6C75] - [10/11/2018 22:32:39] - |A| - [506880] - C:\Windows\system32\twinapi.dll [MD5.08CD5055B9EB98355655203457D3C73F] - [10/11/2018 22:32:55] - |A| - [825856] - C:\Windows\system32\twinui.appcore.dll [MD5.BFB58B4C4EB68045DACE696E6289F106] - [10/11/2018 22:33:12] - |A| - [7545344] - C:\Windows\system32\twinui.dll [MD5.AD4D2AF3BD39E54FEA73EDDE3C63022E] - [10/11/2018 22:33:25] - |A| - [2976256] - C:\Windows\system32\twinui.pcshell.dll [MD5.19E54191259D7E2F418CF9D746F65CA0] - [10/11/2018 22:32:30] - |A| - [2560] - C:\Windows\system32\tzres.dll [MD5.BDA8336E9E575C0283C78542D937E7F7] - [10/11/2018 22:32:54] - |A| - [268288] - C:\Windows\system32\ubpm.dll [MD5.572683CFA1C6DABC433C9AD5FC398D33] - [10/11/2018 22:32:59] - |A| - [1002048] - C:\Windows\system32\ucrtbase.dll [MD5.895CFB4A1F431E48885FE3863D6BABD3] - [10/11/2018 22:32:42] - |A| - [479920] - C:\Windows\system32\ucrtbase_enclave.dll [MD5.DAA89209D01484568CF0485ADAD643A3] - [10/11/2018 22:32:58] - |A| - [849920] - C:\Windows\system32\uDWM.dll [MD5.47C17153BBD1479A468694CF8811F3EB] - [10/11/2018 22:33:00] - |A| - [704000] - C:\Windows\system32\UiaManager.dll [MD5.30C6531786C373AFCF3F72F57A59AAA6] - [10/11/2018 22:32:58] - |A| - [2088448] - C:\Windows\system32\UIAutomationCore.dll [MD5.F44BB53C73EBC82B8A672E67FEFDF49A] - [10/11/2018 22:33:08] - |A| - [3995136] - C:\Windows\system32\UIRibbon.dll [MD5.ABC2B84C699AE0838575A8B7C927CB04] - [10/11/2018 22:32:30] - |A| - [584192] - C:\Windows\system32\UIRibbonRes.dll [MD5.A3CCFB8A5BD48F56EF2ACB4A427A1AC7] - [10/11/2018 22:32:38] - |A| - [151040] - C:\Windows\system32\umpo.dll [MD5.E8732956707ABBD370F17BAFFBDC8908] - [10/11/2018 22:32:29] - |A| - [293376] - C:\Windows\system32\unimdm.tsp [MD5.F0A388AA51F0DE22AA38A4BA9B04AD9E] - [10/11/2018 22:32:30] - |A| - [1245184] - C:\Windows\system32\Unistore.dll [MD5.0C05615CEA9592E405B97453D9E2D732] - [10/11/2018 22:33:09] - |A| - [2472352] - C:\Windows\system32\UpdateAgent.dll [MD5.3ECF690B9FEA24D615AEAB0C1EDB01F6] - [10/11/2018 22:32:40] - |A| - [97792] - C:\Windows\system32\updatecsp.dll [MD5.6A03377C43A34B9A2D006E17B320B610] - [10/11/2018 22:32:59] - |A| - [530944] - C:\Windows\system32\updatehandlers.dll [MD5.A10FFC968403DE26D5658DC4C611BA54] - [10/11/2018 22:32:39] - |A| - [115712] - C:\Windows\system32\updatepolicy.dll [MD5.0CE4FE9B087077A277955F51462EB43D] - [10/11/2018 22:32:30] - |A| - [235520] - C:\Windows\system32\url.dll [MD5.C1771AFF4993AC1E6C93A6099EC0A8EA] - [10/11/2018 22:33:19] - |A| - [1808384] - C:\Windows\system32\urlmon.dll [MD5.79F04C5FE59CEC9D3928DB996FDE90EC] - [10/11/2018 22:32:29] - |A| - [329216] - C:\Windows\system32\usbmon.dll [MD5.0370364D4D8846B6CF316ABBB2EDB083] - [10/11/2018 22:33:28] - |A| - [1634288] - C:\Windows\system32\user32.dll [MD5.201707DA4259ACAE6B37E474BE75D58C] - [10/11/2018 22:32:53] - |A| - [1353728] - C:\Windows\system32\usercpl.dll [MD5.DBB8DA23D912E799683A34BFBAE3EF70] - [10/11/2018 22:32:53] - |A| - [1573376] - C:\Windows\system32\UserDataService.dll [MD5.04499A41CC5210854D1DBB42A79E5389] - [10/11/2018 22:32:35] - |A| - [199168] - C:\Windows\system32\UserDeviceRegistration.dll [MD5.099D6E1F4242EE5D78D9E09D0E8BDCB9] - [10/11/2018 22:32:37] - |A| - [648704] - C:\Windows\system32\UserLanguagesCpl.dll [MD5.29D52BDF7605DBD39C2D6D089E72C6F4] - [10/11/2018 22:32:59] - |A| - [951808] - C:\Windows\system32\usermgr.dll [MD5.F9DA0FBC575D86356086D244D1698F2C] - [10/11/2018 22:32:34] - |A| - [92160] - C:\Windows\system32\usoapi.dll [MD5.A6C37370BCC7643513F173E87C98B591] - [10/11/2018 22:32:35] - |A| - [39424] - C:\Windows\system32\UsoClient.exe [MD5.551F802F6F7C184A8CE2DBC4261A0298] - [10/11/2018 22:33:00] - |A| - [1329664] - C:\Windows\system32\usocore.dll [MD5.2B5736C77D7B7FCB3277A66F0F6A277D] - [10/11/2018 22:32:34] - |A| - [100352] - C:\Windows\system32\utcutil.dll [MD5.C2B9C47EF65EDFF7CAEFF5CBE1C1CC40] - [10/11/2018 22:33:32] - |A| - [374032] - C:\Windows\system32\vac.exe [MD5.8AC759254E931E0531039B2C9EE6F44C] - [10/11/2018 22:33:56] - |A| - [591360] - C:\Windows\system32\vbscript.dll [MD5.A30C74FAB23919754CE600A80A0B4E40] - [10/11/2018 22:32:39] - |A| - [159120] - C:\Windows\system32\vertdll.dll [MD5.A8F60A16C5DA699B20C4092417351039] - [10/11/2018 22:32:30] - |A| - [55808] - C:\Windows\system32\virtdisk.dll [MD5.AE57A6E2BABE56569867BA8A12D76DEF] - [10/11/2018 22:32:30] - |A| - [17408] - C:\Windows\system32\VmApplicationHealthMonitorProxy.dll [MD5.11FB09A2C990DCFAA2B5BF1AC29E9545] - [10/11/2018 22:32:36] - |A| - [28520] - C:\Windows\system32\vmbuspipe.dll [MD5.01DF7DCAA6BFF4EFEF8B0BCB03185269] - [10/11/2018 22:32:29] - |A| - [50176] - C:\Windows\system32\vmictimeprovider.dll [MD5.F4DAC5A713AC57273A8BFCC83B84E8BF] - [10/11/2018 22:32:35] - |A| - [425984] - C:\Windows\system32\vmrdvcore.dll [MD5.58292E77A039EE1CF59412B386865C76] - [10/11/2018 22:32:56] - |A| - [689152] - C:\Windows\system32\vpnike.dll [MD5.912B2CBB6DE1FFB193B2640C51CA554B] - [10/11/2018 22:32:43] - |A| - [1661440] - C:\Windows\system32\vssapi.dll [MD5.53B56525785DDBBF34956948A08F6491] - [10/11/2018 22:33:05] - |A| - [1556992] - C:\Windows\system32\VSSVC.exe [MD5.A0B4836C489C2535795C4E71E378AD07] - [10/11/2018 22:32:54] - |A| - [975872] - C:\Windows\system32\wbiosrvc.dll [MD5.B739C2D6AD2B13E56F43BBC33EC42E91] - [10/11/2018 22:32:39] - |A| - [45056] - C:\Windows\system32\wcimage.dll [MD5.38AB5524CA5E4EA5F46469270FC34816] - [10/11/2018 22:33:04] - |A| - [892928] - C:\Windows\system32\wcmsvc.dll [MD5.DCAB9E8C7C34ACE7BC9C1935A382C361] - [10/11/2018 22:32:36] - |A| - [134656] - C:\Windows\system32\WcnApi.dll [MD5.505E50A4819CF28DCE8176DB15952D49] - [10/11/2018 22:32:39] - |A| - [465920] - C:\Windows\system32\wcncsvc.dll [MD5.FF17A8B1232A2E4386C15E2D334EA03F] - [10/11/2018 22:32:33] - |A| - [34816] - C:\Windows\system32\WcnEapAuthProxy.dll [MD5.1EA5504E81D2040C4B71DE171D2DFA4B] - [10/11/2018 22:32:33] - |A| - [36352] - C:\Windows\system32\WcnEapPeerProxy.dll [MD5.F4766FF027EAC8C0DEE720E717ECD189] - [10/11/2018 22:32:29] - |A| - [306176] - C:\Windows\system32\wc_storage.dll [MD5.A7D73A6C8F787B10B304FEA88CB3849E] - [10/11/2018 22:32:36] - |A| - [258560] - C:\Windows\system32\webcheck.dll [MD5.36947722152A5C5CE9CAA33AD84ACCB5] - [10/11/2018 22:32:42] - |A| - [217088] - C:\Windows\system32\WebClnt.dll [MD5.35362950E43529B9E3D3A9145D9E55B9] - [10/11/2018 22:32:52] - |A| - [580608] - C:\Windows\system32\webio.dll [MD5.B38B301BDE03F94F527AC54E12C0A12C] - [10/11/2018 22:32:33] - |A| - [675328] - C:\Windows\system32\webplatstorageserver.dll [MD5.2BD9DE58502F43D856266AF1E8DBC2D5] - [10/11/2018 22:32:55] - |A| - [1498112] - C:\Windows\system32\WebRuntimeManager.dll [MD5.3ADC90E13C117241350E83F4AF6401EC] - [10/11/2018 22:33:00] - |A| - [1358496] - C:\Windows\system32\webservices.dll [MD5.9FBD62A22FA9882061876D58B71A994C] - [10/11/2018 22:32:43] - |A| - [757792] - C:\Windows\system32\wer.dll [MD5.74C6DD47F55DC37050032ABD2B4FB0C3] - [10/11/2018 22:33:04] - |A| - [1816576] - C:\Windows\system32\wevtsvc.dll [MD5.5CDE5FB8CB29653671475FF0D59027BC] - [10/11/2018 22:32:30] - |A| - [144896] - C:\Windows\system32\wextract.exe [MD5.807C0614AA0B65F10E5C32B7BA7AA19B] - [10/11/2018 22:32:33] - |A| - [46080] - C:\Windows\system32\wfdprov.dll [MD5.F1010CB647AB1F4C847254C211E2FBF7] - [10/11/2018 22:32:38] - |A| - [133632] - C:\Windows\system32\wificonnapi.dll [MD5.18469551AB3A79A82D08DCCF23BFEDD7] - [10/11/2018 22:33:02] - |A| - [1343488] - C:\Windows\system32\wifinetworkmanager.dll [MD5.095BCCFD7C4C595D2B7F181847635FF8] - [10/11/2018 22:32:44] - |A| - [309248] - C:\Windows\system32\wifiprofilessettinghandler.dll [MD5.273F7201C712931688F1D066D9F07609] - [10/11/2018 22:32:49] - |A| - [461728] - C:\Windows\system32\wifitask.exe [MD5.D3B74276EE38F315B3192E0B08A245BF] - [10/11/2018 22:32:52] - |A| - [705944] - C:\Windows\system32\wimgapi.dll [MD5.B796D998074BDDAB54BB0AA7B058D9F2] - [10/11/2018 22:32:46] - |A| - [525728] - C:\Windows\system32\wimserv.exe [MD5.3AA0CE541BA121F579568033992547CD] - [10/11/2018 22:33:03] - |A| - [70136] - C:\Windows\system32\win32appinventorycsp.dll [MD5.DE68BBD39CFA2088B248E09412D2C1B0] - [10/11/2018 22:33:55] - |A| - [2086400] - C:\Windows\system32\win32kbase.sys [MD5.4D4C14AE5B195F9396CC4C74025F007C] - [10/11/2018 22:33:55] - |A| - [3661824] - C:\Windows\system32\win32kfull.sys [MD5.26DEFFCCD0776A274A747230B41E29FC] - [10/11/2018 22:32:56] - |A| - [837120] - C:\Windows\system32\win32spl.dll [MD5.38A3673FB4619A079759D2679B18639E] - [10/11/2018 22:32:41] - |A| - [96200] - C:\Windows\system32\winbrand.dll [MD5.2B37CC91502E1AE92C311D892FC313DB] - [10/11/2018 22:32:40] - |A| - [436224] - C:\Windows\system32\wincorlib.dll [MD5.379BDBB2F96B131278B17953F0D974ED] - [10/11/2018 22:32:31] - |A| - [210944] - C:\Windows\system32\Windows.ApplicationModel.Core.dll [MD5.F7EC3E2CE257E6BA7C38EB372FE7FFB5] - [10/11/2018 22:32:54] - |A| - [432640] - C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll [MD5.FBA732173590BBE0DA70C72054793BAD] - [10/11/2018 22:32:59] - |A| - [1925760] - C:\Windows\system32\Windows.ApplicationModel.Store.dll [MD5.44A396EF44738DB3114F513E570BD092] - [10/11/2018 22:32:43] - |A| - [308736] - C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.BE3498362CF57B4C6E1FDC1EBB80002B] - [10/11/2018 22:33:15] - |A| - [3186688] - C:\Windows\system32\Windows.CloudStore.dll [MD5.268F20B93BE5E6F981DA57FA0C211987] - [10/11/2018 22:33:00] - |A| - [583680] - C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll [MD5.04AD778EE6B4919A62234A95FBF9F51E] - [10/11/2018 22:33:34] - |A| - [8042496] - C:\Windows\system32\Windows.Data.Pdf.dll [MD5.2D7F599926E2103E74BCA6668E989E84] - [10/11/2018 22:33:03] - |A| - [1580032] - C:\Windows\system32\Windows.Globalization.dll [MD5.29F76B91214004E44E6A7741D71EC823] - [10/11/2018 22:32:53] - |A| - [524800] - C:\Windows\system32\windows.immersiveshell.serviceprovider.dll [MD5.5CD05499F7A7D1A223ADCBE692B12F6C] - [10/11/2018 22:32:44] - |A| - [616960] - C:\Windows\system32\Windows.Internal.Bluetooth.dll [MD5.92F1720AFB4305DA91924AC263E9762F] - [10/11/2018 22:32:41] - |A| - [329728] - C:\Windows\system32\Windows.Internal.Feedback.Analog.dll [MD5.5BC34122A1974DD18880C3EBE955BC20] - [10/11/2018 22:32:40] - |A| - [702464] - C:\Windows\system32\Windows.Internal.Management.dll [MD5.8F4573B2E4B018CA626D50EA7654F213] - [10/11/2018 22:32:30] - |A| - [31744] - C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll [MD5.ED9FC1BECA2E783FA78E3DC8955CE37B] - [10/11/2018 22:33:01] - |A| - [943104] - C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll [MD5.3314AB85DADC58E646E5200F19A9B2BB] - [10/11/2018 22:33:48] - |A| - [6793408] - C:\Windows\system32\Windows.Media.dll [MD5.A35B676B46E948D564F856B3219F08F8] - [10/11/2018 22:32:50] - |A| - [941568] - C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.586774A2C25B6EF349A4A4B2720FC643] - [10/11/2018 22:33:01] - |A| - [918528] - C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll [MD5.088D19BB161E1E25ED34BB7696533454] - [10/11/2018 22:32:31] - |A| - [111104] - C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll [MD5.165B38AFD473DE59F2145CDFE93227A6] - [10/11/2018 22:33:43] - |A| - [7385176] - C:\Windows\system32\Windows.Media.Protection.PlayReady.dll [MD5.79C87B82478CA5FBD234F23E43F9226E] - [10/11/2018 22:33:45] - |A| - [3331520] - C:\Windows\system32\Windows.Mirage.dll [MD5.34105629F82A6D84296B4D6593C28459] - [10/11/2018 22:33:45] - |A| - [882688] - C:\Windows\system32\Windows.Mirage.Internal.dll [MD5.D5570C34DBDB3802A767204D6E4F6D78] - [10/11/2018 22:33:00] - |A| - [969728] - C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll [MD5.60422C5B6ACD473260D518105C5FAD21] - [10/11/2018 22:32:54] - |A| - [887296] - C:\Windows\system32\Windows.Networking.dll [MD5.31AB95BA7E184C0C21B1B148C0A60E32] - [10/11/2018 22:32:53] - |A| - [568832] - C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll [MD5.5F1D47E0D1F527A31F5E44D54C49B5E2] - [10/11/2018 22:33:00] - |A| - [1217024] - C:\Windows\system32\Windows.Networking.Vpn.dll [MD5.6AF9E448E6305FAD56FC9B9417B1C48D] - [10/11/2018 22:32:53] - |A| - [579584] - C:\Windows\system32\Windows.Payments.dll [MD5.7466B53D8141267FC62A96110A87A852] - [10/11/2018 22:33:45] - |A| - [840440] - C:\Windows\system32\Windows.Perception.Stub.dll [MD5.6522E312912EBAEB8B64F76758058A73] - [10/11/2018 22:33:02] - |A| - [837632] - C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll [MD5.1E0C32C48955E92042BFB9E3F38386F0] - [10/11/2018 22:32:48] - |A| - [1012120] - C:\Windows\system32\Windows.Services.TargetedContent.dll [MD5.CDD63226F2EFAF5F213E17751E7E4E02] - [10/11/2018 22:32:33] - |A| - [59904] - C:\Windows\system32\Windows.Shell.Search.UriHandler.dll [MD5.BE3C0C7D5DD0CC6D02299D3B9B812F18] - [10/11/2018 22:33:16] - |A| - [4486400] - C:\Windows\system32\Windows.StateRepository.dll [MD5.1BF8BB97424C3458DA9EF96966882F22] - [10/11/2018 22:32:38] - |A| - [100248] - C:\Windows\system32\Windows.StateRepositoryBroker.dll [MD5.196829FE464FA2DC401B274829BF4204] - [10/11/2018 22:32:39] - |A| - [154520] - C:\Windows\system32\Windows.StateRepositoryClient.dll [MD5.72EA023C9B7EF1369171F38E844A4744] - [10/11/2018 22:32:56] - |A| - [1193192] - C:\Windows\system32\Windows.StateRepositoryPS.dll [MD5.CCB5C29676DB16A176A32CD05C75C146] - [10/11/2018 22:32:38] - |A| - [173568] - C:\Windows\system32\Windows.StateRepositoryUpgrade.dll [MD5.8BAB130CFD7C787524AC8F5F5E636FA6] - [10/11/2018 22:32:36] - |A| - [367344] - C:\Windows\system32\Windows.Storage.ApplicationData.dll [MD5.6BA01636F239C1C212286BEBC6762388] - [10/11/2018 22:33:35] - |A| - [7673112] - C:\Windows\system32\windows.storage.dll [MD5.3115BB3B89EB77C5C21FF320203AC56E] - [10/11/2018 22:32:54] - |A| - [599552] - C:\Windows\system32\Windows.UI.Core.TextInput.dll [MD5.DE7B761D2E55C520FB209C573B300260] - [10/11/2018 22:33:07] - |A| - [1574912] - C:\Windows\system32\Windows.UI.Cred.dll [MD5.6D05B20136FB9E5B543D9343AD8A93A5] - [10/11/2018 22:33:05] - |A| - [1717760] - C:\Windows\system32\Windows.UI.Immersive.dll [MD5.0D0EDB59740BA3D0946EF2EE428AE638] - [10/11/2018 22:33:45] - |A| - [1666048] - C:\Windows\system32\Windows.UI.Input.Inking.dll [MD5.4C14B175F5FEFB4A13711E6DAB86F7E0] - [10/11/2018 22:33:18] - |A| - [2836992] - C:\Windows\system32\Windows.UI.Logon.dll [MD5.41C300AF5BAA96DB9F42F96C45666D5F] - [10/11/2018 22:32:58] - |A| - [884736] - C:\Windows\system32\Windows.UI.Search.dll [MD5.A3492077B3B5B6D96E2D5A064287721F] - [10/11/2018 22:33:25] - |A| - [17160704] - C:\Windows\system32\Windows.UI.Xaml.dll [MD5.8294429473D5C1E3EB4A2FF868AC9850] - [10/11/2018 22:32:39] - |A| - [2890240] - C:\Windows\system32\Windows.UI.Xaml.Resources.dll [MD5.517447B8034B3059ADCE60B34787FE35] - [10/11/2018 22:32:42] - |A| - [167936] - C:\Windows\system32\Windows.UI.XamlHost.dll [MD5.89BBDACC2E47560ED14A3E79226F1A88] - [10/11/2018 22:32:53] - |A| - [1757824] - C:\Windows\system32\WindowsCodecs.dll [MD5.A6779AAAFCCF789782A78622B1076DD2] - [10/11/2018 22:33:04] - |A| - [902928] - C:\Windows\system32\winhttp.dll [MD5.59BB3651A4B783C88C1103FF1BD1CE26] - [10/11/2018 22:33:51] - |A| - [4508160] - C:\Windows\system32\wininet.dll [MD5.29043DA65FF07FF5DE114DB18C21B1AF] - [10/11/2018 22:32:51] - |A| - [1416776] - C:\Windows\system32\winload.efi [MD5.D63F136A7DCD7FE4BEE18BBFF6E57EDD] - [10/11/2018 22:32:50] - |A| - [1210688] - C:\Windows\system32\winload.exe [MD5.107DC6159F1939DC75D448A18929BBAD] - [10/11/2018 22:33:00] - |A| - [715776] - C:\Windows\system32\winlogon.exe [MD5.57EDC5930DCAB599EF96580A00245376] - [10/11/2018 22:33:08] - |A| - [1695136] - C:\Windows\system32\winmde.dll [MD5.A12079FDF55EEA190B7C27859EFBAB77] - [10/11/2018 22:32:46] - |A| - [1092640] - C:\Windows\system32\winresume.efi [MD5.0874971CC27A3E4339E29B0317541DB7] - [10/11/2018 22:32:44] - |A| - [925064] - C:\Windows\system32\winresume.exe [MD5.0263BA789E8E394B2A642F038F128A3F] - [10/11/2018 22:32:43] - |A| - [243200] - C:\Windows\system32\WinSCard.dll [MD5.E3368BAE17EE8CD64CE69D5CC585196C] - [10/11/2018 22:32:30] - |A| - [288256] - C:\Windows\system32\winsku.dll [MD5.0E426772CEA146A6DCC9B1F7DA2070EE] - [10/11/2018 22:32:52] - |A| - [532480] - C:\Windows\system32\winspool.drv [MD5.B7147831151D5519E5A80CC71CA1F73D] - [10/11/2018 22:32:30] - |A| - [66048] - C:\Windows\system32\winsrv.dll [MD5.0290ECCA31DDBC95D13CF556219E9562] - [10/11/2018 22:32:51] - |A| - [358496] - C:\Windows\system32\wintrust.dll [MD5.97E7B52BD93BEAFD37B3695E9F8229D6] - [10/11/2018 22:32:49] - |A| - [1269640] - C:\Windows\system32\WinTypes.dll [MD5.F8097F90811E9BB10F5B96262399F3C7] - [10/11/2018 22:32:29] - |A| - [276480] - C:\Windows\system32\wkssvc.dll [MD5.ABE84FDE95C0CE0DE35B1C6122491265] - [10/11/2018 22:32:36] - |A| - [417440] - C:\Windows\system32\wlanapi.dll [MD5.76F9647D47FEC7EA0A147BB77EC441B9] - [10/11/2018 22:33:51] - |A| - [461312] - C:\Windows\system32\wlansec.dll [MD5.B8A9BAD14C937192545169DF02D812C2] - [10/11/2018 22:33:01] - |A| - [2528768] - C:\Windows\system32\wlansvc.dll [MD5.5118946157DA262A20AD605D26048484] - [10/11/2018 22:32:50] - |A| - [358400] - C:\Windows\system32\Wldap32.dll [MD5.AA003DC1652D57ACD6599A9B828A462E] - [10/11/2018 22:32:39] - |A| - [70864] - C:\Windows\system32\wldp.dll [MD5.5F6AB4CB0B2C64822208D999EEF69B9C] - [10/11/2018 22:32:34] - |A| - [117248] - C:\Windows\system32\wlgpclnt.dll [MD5.23C0F1BAAC79D2F34561F6BC270A9102] - [10/11/2018 22:32:54] - |A| - [682496] - C:\Windows\system32\wlidprov.dll [MD5.717FE96AE0988B1F443EED06E6A703D4] - [10/11/2018 22:33:10] - |A| - [2223616] - C:\Windows\system32\wlidsvc.dll [MD5.D0F4EAF68D216156A911E9D3015ACBB6] - [10/11/2018 22:32:29] - |A| - [29184] - C:\Windows\system32\wmiprop.dll [MD5.D32983614B99D5639529345D095B92A8] - [10/11/2018 22:33:48] - |A| - [13713920] - C:\Windows\system32\wmp.dll [MD5.C77E3C7B242F12CF3569E34062249777] - [10/11/2018 22:32:41] - |A| - [284744] - C:\Windows\system32\wmpeffects.dll [MD5.CFAF1A187A37E2B0BBEB73100A39E2DF] - [10/11/2018 22:32:35] - |A| - [128000] - C:\Windows\system32\wmpshell.dll [MD5.D87BDF0ECDFDC74E74D8D0300C76AB4D] - [10/11/2018 22:32:40] - |A| - [433152] - C:\Windows\system32\WMVSENCD.DLL [MD5.CB2CF8CC2BE0857C2AA4D5B717BEEB1B] - [10/11/2018 22:32:42] - |A| - [624640] - C:\Windows\system32\WMVXENCD.DLL [MD5.5E3CFD7740D761E028D65F2E6F286CF2] - [10/11/2018 22:32:33] - |A| - [40448] - C:\Windows\system32\WordBreakers.dll [MD5.E89B2AB19FB8F32606102CF84395B46F] - [10/11/2018 22:32:49] - |A| - [319864] - C:\Windows\system32\wow64.dll [MD5.FA1005FC850606B8C4ADBC8057AF7075] - [10/11/2018 22:32:36] - |A| - [22392] - C:\Windows\system32\wow64cpu.dll [MD5.61A54AA5A23157ECBED1190C66A8F55C] - [10/11/2018 22:32:34] - |A| - [403968] - C:\Windows\system32\WpAXHolder.dll [MD5.BBC7B97624ABB82A1F74642FD267B92F] - [10/11/2018 22:33:07] - |A| - [1669120] - C:\Windows\system32\Wpc.dll [MD5.F4D82CDD068A56235F616B143CE929CE] - [10/11/2018 22:32:54] - |A| - [1430768] - C:\Windows\system32\WpcMon.exe [MD5.F43C5CDEE4B86785EAB054758B9D6B81] - [10/11/2018 22:32:41] - |A| - [908800] - C:\Windows\system32\WpcWebFilter.dll [MD5.DFA27421D9B3CFDEA3E89D9B86332C95] - [10/11/2018 22:32:41] - |A| - [82944] - C:\Windows\system32\wpdbusenum.dll [MD5.475E167E34D22C1FA32E875FEBB9B1E1] - [10/11/2018 22:32:38] - |A| - [223232] - C:\Windows\system32\wpd_ci.dll [MD5.9E56006E15765CBAA040B1F562EBE16E] - [10/11/2018 22:33:02] - |A| - [1249792] - C:\Windows\system32\wpnapps.dll [MD5.80E9C23B1ED245F571B8D02A153205AF] - [10/11/2018 22:33:10] - |A| - [1760768] - C:\Windows\system32\wpncore.dll [MD5.318BAFAE9498D8018C15C59E356B89EA] - [10/11/2018 22:32:33] - |A| - [565248] - C:\Windows\system32\wpnprv.dll [MD5.DD130AE4DA21FF158A0EFB74CF475407] - [10/11/2018 22:32:29] - |A| - [172544] - C:\Windows\system32\WPTaskScheduler.dll [MD5.AAA232FF889B1B0CB053ABFE634429D3] - [10/11/2018 22:32:37] - |A| - [292384] - C:\Windows\system32\wscapi.dll [MD5.D14AACF9DA196365D77BD2809B82FE76] - [10/11/2018 22:32:32] - |A| - [18944] - C:\Windows\system32\wscproxystub.dll [MD5.F865A4DB614FB1A61430D410EAF506E7] - [10/11/2018 22:32:41] - |A| - [164864] - C:\Windows\system32\wscript.exe [MD5.95E6DA58562C14947935B1C5D393A7F0] - [10/11/2018 22:32:33] - |A| - [246784] - C:\Windows\system32\wscsvc.dll [MD5.1D4727DC5B1C796553C2CA2FE05A556F] - [10/11/2018 22:32:29] - |A| - [568832] - C:\Windows\system32\WSDMon.dll [MD5.EC780BC2CBF403F4D86F8C8B93B71980] - [10/11/2018 22:32:35] - |A| - [1472000] - C:\Windows\system32\wsecedit.dll [MD5.B2A6401E9AD3AC4949C43575EDB8E0DB] - [10/11/2018 22:32:35] - |A| - [18680] - C:\Windows\system32\wshhyperv.dll [MD5.396D7399BF825F048E801B47C7CF669A] - [10/11/2018 22:32:33] - |A| - [62976] - C:\Windows\system32\wsnmp32.dll [MD5.CDAE8CD4EEFE915BB2B264336E4FD666] - [10/11/2018 22:33:02] - |A| - [1055744] - C:\Windows\system32\wuapi.dll [MD5.E56EF8F5124E6FEB100C06EA3871A275] - [10/11/2018 22:09:46] - |A| - [48112] - C:\Windows\system32\wuauclt.exe [MD5.F98CE5C7AC540856048DA2A4F7D9D838] - [10/11/2018 22:33:52] - |A| - [2785280] - C:\Windows\system32\wuaueng.dll [MD5.BFAAA171876487DE2B75005A5F033F58] - [10/11/2018 22:09:45] - |A| - [57856] - C:\Windows\system32\wuautoappupdate.dll [MD5.3882D1DE41AD201B9C965A3A342412A8] - [10/11/2018 22:09:46] - |A| - [84480] - C:\Windows\system32\wudriver.dll [MD5.2C71B1136E921A5A77E1D5E29D1150A5] - [10/11/2018 22:32:33] - |A| - [65024] - C:\Windows\system32\wups.dll [MD5.3A2CD64710295581D01895744B7BD969] - [10/11/2018 22:32:35] - |A| - [33792] - C:\Windows\system32\wups2.dll [MD5.2215177C0045404DC20F98DB09D5A474] - [10/11/2018 22:33:55] - |A| - [462336] - C:\Windows\system32\wuuhext.dll [MD5.6C8610467709509CA6389E690FFBA4CA] - [10/11/2018 22:32:36] - |A| - [170496] - C:\Windows\system32\wuuhosdeployment.dll [MD5.73720F99270A725E233924B4EC3B1465] - [10/11/2018 22:32:40] - |A| - [354304] - C:\Windows\system32\WwaApi.dll [MD5.CCB962E19697E07851D077501CE49F32] - [10/11/2018 22:32:48] - |A| - [893440] - C:\Windows\system32\WWAHost.exe [MD5.30C3502F292F05ADD3414CCB08635F9B] - [10/11/2018 22:32:53] - |A| - [549552] - C:\Windows\system32\WWanAPI.dll [MD5.02DCDAE63AB343418D7420D481FE839C] - [10/11/2018 22:33:03] - |A| - [1424896] - C:\Windows\system32\wwansvc.dll [MD5.22C33A1B30BCD0592ED357A4374C59A0] - [10/11/2018 22:32:37] - |A| - [94080] - C:\Windows\system32\wwapi.dll [MD5.59B2BBFC7157DE301DB2CA58C43F8B92] - [10/11/2018 22:33:12] - |A| - [4496896] - C:\Windows\system32\xpsrchvw.exe [MD5.79DF0E3B8597D8F6998BAF9A3E70DBD5] - [10/11/2018 22:32:41] - |A| - [386560] - C:\Windows\system32\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 13:45:29] - |A| - [0] - C:\Windows\system32\Drivers\144D_SAMSUNG_na_Galaxy Book 12_P03H.mrk [MD5.334BAC25FE297342B119730E699B826C] - [10/11/2018 22:32:57] - |A| - [733592] - C:\Windows\system32\Drivers\acpi.sys [MD5.9619C0D7DB55CC3A636A24A7D82B0C8E] - [10/11/2018 22:32:47] - |A| - [614304] - C:\Windows\system32\Drivers\afd.sys [MD5.DCE606F0E15E0FB75ECC02EBB3DEFA9C] - [10/11/2018 22:32:33] - |A| - [240640] - C:\Windows\system32\Drivers\ahcache.sys [MD5.654824DF0CE32C9D274C1943DEB19AEA] - [10/11/2018 22:32:38] - |A| - [180736] - C:\Windows\system32\Drivers\amdk8.sys [MD5.12C4246CE1B769B720BE0848F75AB4C1] - [10/11/2018 22:32:41] - |A| - [178688] - C:\Windows\system32\Drivers\amdppm.sys [MD5.B822E27AF26BD01DAE2043A03BB40504] - [10/11/2018 22:32:42] - |A| - [192416] - C:\Windows\system32\Drivers\appid.sys [MD5.84C4D8AE023CA9BB60694FA467141247] - [11/11/2018 06:11:06] - |A| - [201408] - C:\Windows\system32\Drivers\aswArPot.sys [MD5.049B6EFDDC6CDDF8BD63D636831FBC8B] - [11/11/2018 06:11:06] - |A| - [230512] - C:\Windows\system32\Drivers\aswbidsdrivera.sys [MD5.EF90A390599D9F9D1B90D5B825D46311] - [11/11/2018 06:11:06] - |A| - [201928] - C:\Windows\system32\Drivers\aswbidsha.sys [MD5.CA9EA76BD09459C95AA2F034A5D72B81] - [11/11/2018 06:11:06] - |A| - [346760] - C:\Windows\system32\Drivers\aswbloga.sys [MD5.E77D733E8DDB7B5ED8B0C02B1B2A0FE9] - [11/11/2018 06:11:06] - |A| - [59664] - C:\Windows\system32\Drivers\aswbuniva.sys [MD5.150708D6A0A29109DC16B3B2A38BC92E] - [11/11/2018 06:11:06] - |A| - [15360] - C:\Windows\system32\Drivers\aswElam.sys [MD5.6EEF83486C5F2219ABCE09EBBF6EE701] - [11/11/2018 06:11:06] - |A| - [185240] - C:\Windows\system32\Drivers\aswHdsKe.sys [MD5.2A692EE66D52EE66A2AAC989A555C22C] - [11/11/2018 06:11:06] - |A| - [47064] - C:\Windows\system32\Drivers\aswHwid.sys [MD5.B08E33A7709D7E9FAAC08A7BEFC008F9] - [11/11/2018 06:11:06] - |A| - [42456] - C:\Windows\system32\Drivers\aswKbd.sys [MD5.779F8900D4D44A64E3BC2EE2221CFE3A] - [11/11/2018 06:11:06] - |A| - [163376] - C:\Windows\system32\Drivers\aswMonFlt.sys [MD5.F9F3D0C8DC9CB368253FC0AECBFF0D41] - [11/11/2018 06:11:06] - |A| - [111968] - C:\Windows\system32\Drivers\aswRdr2.sys [MD5.3787CD4B671844C4D658B3FAAB50181B] - [11/11/2018 06:11:06] - |A| - [88112] - C:\Windows\system32\Drivers\aswRvrt.sys [MD5.7DCC7B90D68D5F63C6F007B0CFBD9415] - [11/11/2018 06:11:06] - |A| - [1028840] - C:\Windows\system32\Drivers\aswSnx.sys [MD5.328A8079F476E99C533452B1135A60EF] - [11/11/2018 06:11:06] - |A| - [467904] - C:\Windows\system32\Drivers\aswSP.sys [MD5.203572379396A1695C3AAF6616DAB4A0] - [11/11/2018 06:11:06] - |A| - [208640] - C:\Windows\system32\Drivers\aswStm.sys [MD5.7AAA1AB2D4D049CF58662CD7BB133B2E] - [11/11/2018 06:11:06] - |A| - [381144] - C:\Windows\system32\Drivers\aswVmm.sys [MD5.B173197D8F7801F2225A357B166F264D] - [10/11/2018 22:32:36] - |A| - [194456] - C:\Windows\system32\Drivers\ataport.sys [MD5.3CC12A09AE7293F4CD1688117B46B9BB] - [10/11/2018 22:32:38] - |A| - [59808] - C:\Windows\system32\Drivers\bam.sys [MD5.FAFAEDFC7CAFD8B8FADA6A81BAF92E3A] - [10/11/2018 22:33:57] - |A| - [34816] - C:\Windows\system32\Drivers\BasicRender.sys [MD5.355D162E52819C19396FB01A8E005A1F] - [10/11/2018 22:32:30] - |A| - [10240] - C:\Windows\system32\Drivers\beep.sys [MD5.CBD250252D5152064B3C0366BF42CF5E] - [10/11/2018 22:32:37] - |A| - [101888] - C:\Windows\system32\Drivers\bowser.sys [MD5.8E1D70E7778202D82A82E0E6710B827A] - [10/11/2018 22:32:40] - |A| - [129536] - C:\Windows\system32\Drivers\bthpan.sys [MD5.9FE6899D354BE916E1B37FA6121DDF7B] - [10/11/2018 22:33:52] - |A| - [1015296] - C:\Windows\system32\Drivers\bthport.sys [MD5.7DC141311B1DF9FA162711BBA8990ACC] - [10/11/2018 22:32:39] - |A| - [159744] - C:\Windows\system32\Drivers\cdrom.sys [MD5.CE46F05E36B2C0A667FEB7CC30022E99] - [10/11/2018 22:32:51] - |A| - [385536] - C:\Windows\system32\Drivers\cldflt.sys [MD5.F2B55209327431954BA0700B87148C86] - [10/11/2018 22:33:05] - |A| - [373656] - C:\Windows\system32\Drivers\clfs.sys [MD5.C26A48AD80D1C551B5F436A026A599B2] - [10/11/2018 22:33:09] - |A| - [677368] - C:\Windows\system32\Drivers\cng.sys [MD5.D7E6591F3D2B9FB5C4F0D05D5CF3A9F8] - [10/11/2018 22:32:42] - |A| - [150528] - C:\Windows\system32\Drivers\dfsc.sys [MD5.8C7FF86607E367E6319F7F637115D665] - [10/11/2018 22:32:36] - |A| - [94104] - C:\Windows\system32\Drivers\disk.sys [MD5.804480F177952A3B75B7AEDE79BDFF01] - [10/11/2018 22:32:35] - |A| - [38808] - C:\Windows\system32\Drivers\Diskdump.sys [MD5.64009621AAF4BC6626BC1A623A26FAD1] - [10/11/2018 22:32:31] - |A| - [46592] - C:\Windows\system32\Drivers\dmvsc.sys [MD5.47E729643369871A55E6FC88E1CBC49B] - [10/11/2018 22:32:38] - |A| - [91152] - C:\Windows\system32\Drivers\dumpfve.sys [MD5.895AE5D7784FA170505971B49D8C9158] - [10/11/2018 22:33:57] - |A| - [187296] - C:\Windows\system32\Drivers\dumpsd.sys [MD5.198277EABE39BF31B0E46108D62292FF] - [10/11/2018 22:32:32] - |A| - [25600] - C:\Windows\system32\Drivers\Dumpstorport.sys [MD5.DF6208EC938C4C511291EA163F4B1423] - [10/11/2018 22:33:52] - |A| - [2568232] - C:\Windows\system32\Drivers\dxgkrnl.sys [MD5.6FF5D05E27B800C6C79B2B7A2E6598ED] - [10/11/2018 22:32:40] - |A| - [409104] - C:\Windows\system32\Drivers\dxgmms1.sys [MD5.A42FE4A889FA6B8ECA8E74843D60EF0F] - [10/11/2018 22:32:43] - |A| - [749584] - C:\Windows\system32\Drivers\dxgmms2.sys [MD5.ECD2030E78AF8D696A2E59796CA0B798] - [10/11/2018 22:32:42] - |A| - [398744] - C:\Windows\system32\Drivers\fltMgr.sys [MD5.0425D9D2A679060CC9755449779FBA54] - [10/11/2018 22:32:39] - |A| - [62880] - C:\Windows\system32\Drivers\fsdepends.sys [MD5.B962036CAADC05E466FEB165E0974587] - [10/11/2018 22:32:35] - |A| - [34208] - C:\Windows\system32\Drivers\fs_rec.sys [MD5.2C8891C306C8F43A273BDB7C490E1C92] - [10/11/2018 22:32:57] - |A| - [727456] - C:\Windows\system32\Drivers\fvevol.sys [MD5.676DDED9855BDE7097CE58E7506B5CAE] - [10/11/2018 22:32:37] - |A| - [441248] - C:\Windows\system32\Drivers\FWPKCLNT.SYS [MD5.582578F031109BE65C15E1D8A45BA547] - [10/11/2018 22:32:30] - |A| - [8192] - C:\Windows\system32\Drivers\gpuenergydrv.sys [MD5.64C157C7AF5347706B449E7E3723B09A] - [10/11/2018 22:32:38] - |A| - [46080] - C:\Windows\system32\Drivers\hidparse.sys [MD5.540EEB77732BFC1BBB927B64FB734A11] - [10/11/2018 22:33:03] - |A| - [1102120] - C:\Windows\system32\Drivers\http.sys [MD5.885D143F8DD4E76D5F2D5AB1D13FE0B1] - [10/11/2018 22:32:39] - |A| - [77096] - C:\Windows\system32\Drivers\hvservice.sys [MD5.66710EB477D6FADE86B61C9BA9765DB9] - [10/11/2018 22:32:37] - |A| - [129432] - C:\Windows\system32\Drivers\hvsocket.sys [MD5.E3BDE6C567ED5CD7B15B2E522C120D02] - [10/11/2018 22:32:31] - |A| - [16896] - C:\Windows\system32\Drivers\hyperkbd.sys [MD5.1D7BBC4C6F33A4A6189AEA1509615DF9] - [10/11/2018 22:32:31] - |A| - [28160] - C:\Windows\system32\Drivers\HyperVideo.sys [MD5.E05247CDC6F9E6C5C1F92CA4BF59D649] - [10/11/2018 22:32:38] - |A| - [130600] - C:\Windows\system32\Drivers\intelpep.sys [MD5.7344528DFD4484CF86F36E24E7CB59B1] - [10/11/2018 22:32:41] - |A| - [199168] - C:\Windows\system32\Drivers\intelppm.sys [MD5.BF933330256DEDAFA939BEBC46D060C7] - [10/11/2018 22:32:31] - |A| - [119808] - C:\Windows\system32\Drivers\irda.sys [MD5.A3B7A93F32E110949CA01DDE7C6B991B] - [10/11/2018 22:32:35] - |A| - [22936] - C:\Windows\system32\Drivers\isapnp.sys [MD5.5CEC554765156FC7E534D8D640D98AE0] - [10/11/2018 22:32:42] - |A| - [394752] - C:\Windows\system32\Drivers\ks.sys [MD5.30C8696F5D4A97A32DD080F5D277B180] - [10/11/2018 22:33:57] - |A| - [138656] - C:\Windows\system32\Drivers\ksecdd.sys [MD5.04FBCB584136B985CEF63885AC0D1A14] - [10/11/2018 22:32:41] - |A| - [172328] - C:\Windows\system32\Drivers\ksecpkg.sys [MD5.56B6326B15A14043C82ED9EA3B817E2C] - [10/11/2018 22:32:32] - |A| - [65024] - C:\Windows\system32\Drivers\lltdio.sys [MD5.8209AC7D3F8AF41E3A14D022CD1F2040] - [10/11/2018 22:32:36] - |A| - [103320] - C:\Windows\system32\Drivers\mountmgr.sys [MD5.919839EEEFE4DA2BFF8D236A17306F00] - [10/11/2018 22:32:37] - |A| - [75776] - C:\Windows\system32\Drivers\mpsdrv.sys [MD5.DAFBC585B0EE92CE047219778C033A17] - [10/11/2018 22:32:39] - |A| - [143872] - C:\Windows\system32\Drivers\mrxdav.sys [MD5.E1A004C870BFE8021AE0174F0FD4B259] - [10/11/2018 22:32:45] - |A| - [494592] - C:\Windows\system32\Drivers\mrxsmb.sys [MD5.EC70CED325D4DF908F265A9526016254] - [10/11/2018 22:33:01] - |A| - [230304] - C:\Windows\system32\Drivers\mrxsmb20.sys [MD5.DC23D3D24C64BF3A314E34887AD86732] - [10/11/2018 22:32:32] - |A| - [31232] - C:\Windows\system32\Drivers\msfs.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/11/2018 07:37:52] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.13BAA9B1970343AE7B7028B611E52133] - [10/11/2018 22:32:43] - |A| - [279968] - C:\Windows\system32\Drivers\msiscsi.sys [MD5.804A1E2A1ADCB6ED07E2FF63F18D54A8] - [10/11/2018 22:32:36] - |A| - [33280] - C:\Windows\system32\Drivers\mskssrv.sys [MD5.1A749D2727A63191F850E37385B182B6] - [10/11/2018 22:32:41] - |A| - [377760] - C:\Windows\system32\Drivers\msrpc.sys [MD5.DD673D9422457EFCCDEE45C73C0DF241] - [10/11/2018 22:32:36] - |A| - [123800] - C:\Windows\system32\Drivers\mup.sys [MD5.90E48A2892A009DB79BA30089534C84A] - [10/11/2018 22:32:59] - |A| - [1279272] - C:\Windows\system32\Drivers\ndis.sys [MD5.E9676E94DEA144259344A15D68785B17] - [10/11/2018 22:32:31] - |A| - [65024] - C:\Windows\system32\Drivers\ndisuio.sys [MD5.8ABF5B8D5839F8DAE2E0D3165AE732F6] - [10/11/2018 22:32:36] - |A| - [62976] - C:\Windows\system32\Drivers\ndproxy.sys [MD5.80475A12D4AA90937CE69265BAFA993F] - [10/11/2018 22:32:36] - |A| - [57760] - C:\Windows\system32\Drivers\netbios.sys [MD5.E258CE8B8053518AF47610BC0486E915] - [10/11/2018 22:32:39] - |A| - [316928] - C:\Windows\system32\Drivers\netbt.sys [MD5.A09F5FB49F4A6B230B66CDB6993B5E4A] - [10/11/2018 22:32:48] - |A| - [535968] - C:\Windows\system32\Drivers\netio.sys [MD5.8AED8AF4CBF661E82CF74CBF198B0C56] - [10/11/2018 22:32:40] - |A| - [192512] - C:\Windows\system32\Drivers\netvsc.sys [MD5.EFF488F6DA45224965B30CE1AB464C08] - [10/11/2018 22:32:34] - |A| - [73216] - C:\Windows\system32\Drivers\npfs.sys [MD5.201F3764A379001168DFB2B90F7C1E57] - [10/11/2018 22:32:31] - |A| - [44544] - C:\Windows\system32\Drivers\nsiproxy.sys [MD5.83FBE04BB6C7DF4BA9D019D3CFA4F97B] - [10/11/2018 22:33:51] - |A| - [2395664] - C:\Windows\system32\Drivers\ntfs.sys [MD5.6D8A287B88F76EB47ACC6BF8E318E1FD] - [10/11/2018 22:32:30] - |A| - [7168] - C:\Windows\system32\Drivers\null.sys [MD5.7749DB5B09F93BF4F2F7AE79EF5F9F30] - [10/11/2018 22:33:51] - |A| - [529408] - C:\Windows\system32\Drivers\nwifi.sys [MD5.681E8A68C13253D23B93953FDE569120] - [10/11/2018 22:32:43] - |A| - [166304] - C:\Windows\system32\Drivers\partmgr.sys [MD5.E1A0D1714CBB5DE49B84DA769304EF2B] - [10/11/2018 22:32:54] - |A| - [362936] - C:\Windows\system32\Drivers\pci.sys [MD5.6F55F5AD830F8EA1D37ED23A0CBD7112] - [10/11/2018 22:32:36] - |A| - [53152] - C:\Windows\system32\Drivers\pcw.sys [MD5.7D9F4EB1450CFB32D708BF943C170475] - [10/11/2018 22:32:32] - |A| - [723968] - C:\Windows\system32\Drivers\PEAuth.sys [MD5.C009BE61D95CAD5F999D0F4785AEFB7B] - [10/11/2018 22:32:41] - |A| - [177664] - C:\Windows\system32\Drivers\processr.sys [MD5.BD6EF1748DC3DBACEC97B87B6252AAC7] - [10/11/2018 22:32:31] - |A| - [17920] - C:\Windows\system32\Drivers\rasacd.sys [MD5.AACA74DEF7BE3DED322411787494878B] - [10/11/2018 22:32:40] - |A| - [97280] - C:\Windows\system32\Drivers\raspptp.sys [MD5.5A47F01746FDFD2F6F547A0E4301BE71] - [10/11/2018 22:33:56] - |A| - [428448] - C:\Windows\system32\Drivers\rdbss.sys [MD5.9D7E65A15478944836C353B556F9CB87] - [10/11/2018 22:32:31] - |A| - [27136] - C:\Windows\system32\Drivers\rdpbus.sys [MD5.3F091F69F7D595C04229DDA0C55D59A6] - [10/11/2018 22:32:39] - |A| - [182784] - C:\Windows\system32\Drivers\rdpdr.sys [MD5.A4C3DC6530752AF3C78DAAC8B2B23EA7] - [10/11/2018 22:32:36] - |A| - [282528] - C:\Windows\system32\Drivers\rdyboost.sys [MD5.AF985CD2E8B9612186EF8C334AC0AA6E] - [10/11/2018 22:33:01] - |A| - [1849760] - C:\Windows\system32\Drivers\refs.sys [MD5.CE838ED8BCD553A35543B3488ADB8C47] - [10/11/2018 22:32:50] - |A| - [939304] - C:\Windows\system32\Drivers\refsv1.sys [MD5.70EFFC47D86C7A3084247614C7E68999] - [10/11/2018 22:32:32] - |A| - [43008] - C:\Windows\system32\Drivers\RfxVmt.sys [MD5.42FE8F090C876F8013CBDA4413F6E1B1] - [10/11/2018 22:32:32] - |A| - [149504] - C:\Windows\system32\Drivers\rmcast.sys [MD5.88A88DFB87FFAF1728F010D78D97EC5F] - [10/11/2018 22:32:40] - |A| - [118688] - C:\Windows\system32\Drivers\scmbus.sys [MD5.1F58E6D5C1F211DE8BF5131BF12077D1] - [10/11/2018 22:33:57] - |A| - [285080] - C:\Windows\system32\Drivers\sdbus.sys [MD5.80E9563F0B75E98482ECB7D5CBA56BBA] - [10/11/2018 22:32:40] - |A| - [97176] - C:\Windows\system32\Drivers\sdstor.sys [MD5.DA0AECA8222682F90C325E483E8115D4] - [10/11/2018 22:32:51] - |A| - [571288] - C:\Windows\system32\Drivers\spaceport.sys [MD5.FAC1DC33EF55E6F61E61DEA026BB9847] - [10/11/2018 22:33:08] - |A| - [725504] - C:\Windows\system32\Drivers\srv2.sys [MD5.60F00EE06436FC3556D7205341E1E8B6] - [10/11/2018 22:32:40] - |A| - [259072] - C:\Windows\system32\Drivers\srvnet.sys [MD5.7D975D562E5F8A9CBDBC55328F3D1200] - [10/11/2018 22:32:41] - |A| - [149400] - C:\Windows\system32\Drivers\storahci.sys [MD5.B5C44E8262AA6D3B20E45F8D2FAE54A3] - [10/11/2018 22:32:40] - |A| - [103320] - C:\Windows\system32\Drivers\stornvme.sys [MD5.7030B8CD2760FA3163D8D6C9EFA8940B] - [10/11/2018 22:33:52] - |A| - [559512] - C:\Windows\system32\Drivers\storport.sys [MD5.15599E47C28DC511F0CA3B664A257728] - [10/11/2018 22:32:32] - |A| - [79872] - C:\Windows\system32\Drivers\storqosflt.sys [MD5.4D6FF8DDBF9CC61EC95A4BF4096D52FF] - [10/11/2018 22:32:48] - |A| - [45472] - C:\Windows\system32\Drivers\storufs.sys [MD5.6FD2D01E4AD9494874A3A8BA74A8FA64] - [10/11/2018 22:32:36] - |A| - [39328] - C:\Windows\system32\Drivers\storvsc.sys [MD5.3D63A58A9DD3F984A7E3C2F2CB357E06] - [10/11/2018 22:32:31] - |A| - [64512] - C:\Windows\system32\Drivers\Synth3dVsc.sys [MD5.9DFE746EDA19E0D040B3820F381140AB] - [10/11/2018 22:32:47] - |A| - [2774528] - C:\Windows\system32\Drivers\tcpip.sys [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - [10/11/2018 22:32:36] - |A| - [121248] - C:\Windows\system32\Drivers\tdx.sys [MD5.5FF15B7E8B11D874ECD0A2D7C4665852] - [10/11/2018 22:32:36] - |A| - [128408] - C:\Windows\system32\Drivers\tm.sys [MD5.F54728E32D67537C5A13454E23449C7A] - [10/11/2018 22:32:37] - |A| - [229272] - C:\Windows\system32\Drivers\tpm.sys [MD5.248DEE24AB2EC426ACB12425AD222262] - [10/11/2018 22:33:55] - |A| - [57344] - C:\Windows\system32\Drivers\UcmUcsi.sys [MD5.1A0D1F1FFDBFFECE8DA47DC0096A7C2A] - [10/11/2018 22:32:40] - |A| - [225696] - C:\Windows\system32\Drivers\Ucx01000.sys [MD5.A97114134A672616A807F2EC1439F566] - [10/11/2018 22:32:37] - |A| - [28576] - C:\Windows\system32\Drivers\uefi.sys [MD5.FD96B5C2479728B1ECB395440CE562A5] - [10/11/2018 22:33:06] - |A| - [555928] - C:\Windows\system32\Drivers\USBHUB3.SYS [MD5.3259EFED98AC5120CEEB5F63837D6A77] - [10/11/2018 22:32:48] - |A| - [453024] - C:\Windows\system32\Drivers\usbport.sys [MD5.446F2908C891A583BEA930226E37036E] - [10/11/2018 22:32:31] - |A| - [71680] - C:\Windows\system32\Drivers\usbser.sys [MD5.343FAE2654C428DD977BDC064FA852AA] - [10/11/2018 22:32:53] - |A| - [437664] - C:\Windows\system32\Drivers\USBXHCI.SYS [MD5.BF13071600C1A0B090BEEC159A75B133] - [10/11/2018 22:32:36] - |A| - [54688] - C:\Windows\system32\Drivers\vdrvroot.sys [MD5.274D49BBF0F3C7F193BFC13434F2F08C] - [10/11/2018 22:32:57] - |A| - [712600] - C:\Windows\system32\Drivers\vhdmp.sys [MD5.E6D8C5353865C21F48C8217456526B38] - [10/11/2018 22:32:36] - |A| - [81304] - C:\Windows\system32\Drivers\vmbkmcl.sys [MD5.F0E8663CCA6F4573CF6011DEFD0F4633] - [10/11/2018 22:32:32] - |A| - [80384] - C:\Windows\system32\Drivers\vmbkmclr.sys [MD5.8A5A3B9927832D514D3DAE87D7D692B1] - [10/11/2018 22:32:37] - |A| - [110008] - C:\Windows\system32\Drivers\vmbus.sys [MD5.12723C0F54432B4A98702110B344B030] - [10/11/2018 22:32:30] - |A| - [25088] - C:\Windows\system32\Drivers\VMBusHID.sys [MD5.DFAB4D8FE39C64EAD3A4DCBA25AAFEE0] - [10/11/2018 22:32:30] - |A| - [13312] - C:\Windows\system32\Drivers\vmgencounter.sys [MD5.3269D9C7600317EEAA6AAF3AD1A31D34] - [10/11/2018 22:32:30] - |A| - [10240] - C:\Windows\system32\Drivers\vmgid.sys [MD5.96C14A080CE15E4D8A9C7AE526F7B804] - [10/11/2018 22:32:30] - |A| - [9216] - C:\Windows\system32\Drivers\vms3cap.sys [MD5.03B1F66AB47618A6123EB0631B57A31B] - [10/11/2018 22:32:36] - |A| - [47512] - C:\Windows\system32\Drivers\vmstorfl.sys [MD5.E4FF0D44DE5AA492DEA3902D0349024E] - [10/11/2018 22:32:41] - |A| - [82840] - C:\Windows\system32\Drivers\volmgr.sys [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - [10/11/2018 22:32:41] - |A| - [401304] - C:\Windows\system32\Drivers\volsnap.sys [MD5.91A151ECECE676EA7D7C30FF440D5324] - [10/11/2018 22:32:38] - |A| - [76584] - C:\Windows\system32\Drivers\vpci.sys [MD5.0D34F98DBDF09D239533AC345C360F03] - [10/11/2018 22:32:38] - |A| - [41472] - C:\Windows\system32\Drivers\vwifimp.sys [MD5.E77B19FF6C2FFA5B19CDF62DA4953BC9] - [10/11/2018 22:32:35] - |A| - [80896] - C:\Windows\system32\Drivers\wanarp.sys [MD5.0610F02EC87DBF6BA319CB1D6B8771AE] - [10/11/2018 22:33:01] - |A| - [147872] - C:\Windows\system32\Drivers\wcifs.sys [MD5.87F462C7D37F380187BE12F079F73216] - [10/11/2018 22:32:39] - |A| - [75264] - C:\Windows\system32\Drivers\wcnfs.sys [MD5.00000000000000000000000000000000] - [10/11/2018 23:58:00] - |D| - [435288] - C:\Windows\system32\Drivers\wd [MD5.8025F81D07711A2461FEAF8FD94048AE] - [10/11/2018 22:32:47] - |A| - [770048] - C:\Windows\system32\Drivers\WdiWiFi.sys [MD5.C82198D3B33854D9578F9B09025E4293] - [10/11/2018 22:32:41] - |A| - [163744] - C:\Windows\system32\Drivers\wfplwfs.sys [MD5.4499AB24236526E5CFCE817CD02EC034] - [10/11/2018 22:32:36] - |A| - [71208] - C:\Windows\system32\Drivers\WindowsTrustedRT.sys [MD5.D1730E3D3D231BAFB4A39757FBEC4719] - [10/11/2018 22:32:36] - |A| - [31672] - C:\Windows\system32\Drivers\winhv.sys [MD5.52608B1E0541C4BBEC904F4A1F4A6C86] - [10/11/2018 22:32:35] - |A| - [62464] - C:\Windows\system32\Drivers\winhvr.sys [MD5.90DBE4DB3A8266C6E078EF6682E26B91] - [10/11/2018 22:32:40] - |A| - [225792] - C:\Windows\system32\Drivers\winnat.sys [MD5.15CB59B1D2E97169E74CF3CDABF4A6B2] - [10/11/2018 22:32:50] - |A| - [339968] - C:\Windows\system32\Drivers\wmbclass.sys [MD5.3F37CEDA8AB58CAFC44F2346D9051FB0] - [10/11/2018 22:32:44] - |A| - [155136] - C:\Windows\syswow64\aadauthhelper.dll [MD5.0DC7EF7717D2901FF42E9E4D167C58DA] - [10/11/2018 22:32:59] - |A| - [955392] - C:\Windows\syswow64\aadtb.dll [MD5.A64158A18C23A80BCF2E064B8009F9F0] - [10/11/2018 22:32:31] - |A| - [252928] - C:\Windows\syswow64\AboveLockAppHost.dll [MD5.1DD200B33764104EA2CB063ABADF0F53] - [10/11/2018 22:33:47] - |A| - [2398208] - C:\Windows\syswow64\AcGenral.dll [MD5.E76559F87F7F0A1EBE091D56E8F129BB] - [10/11/2018 22:33:47] - |A| - [372736] - C:\Windows\syswow64\AcLayers.dll [MD5.CA0518ED04AC054E5F3687F5DD8A558B] - [10/11/2018 22:32:39] - |A| - [5388800] - C:\Windows\syswow64\aclui.dll [MD5.04182E0E5ACC0E8D6990AECC508B7F0D] - [10/11/2018 22:32:38] - |A| - [68096] - C:\Windows\syswow64\acppage.dll [MD5.94CA9C635FCDF0007D9B152E51D46694] - [10/11/2018 22:33:47] - |A| - [473088] - C:\Windows\syswow64\AcSpecfc.dll [MD5.52C8C83DAC71B215D459277608A7C07B] - [10/11/2018 22:32:56] - |A| - [444928] - C:\Windows\syswow64\ActivationManager.dll [MD5.0B92E22CA7615C63D1FE8962AD40E34B] - [10/11/2018 22:33:04] - |A| - [1546752] - C:\Windows\syswow64\ActiveSyncProvider.dll [MD5.D6140C97A2803B4151A83732A9710038] - [10/11/2018 22:32:36] - |A| - [261632] - C:\Windows\syswow64\actxprxy.dll [MD5.3A718179031B96707D9202FFB06E64E3] - [10/11/2018 22:32:41] - |A| - [481552] - C:\Windows\syswow64\advapi32.dll [MD5.3822D390CD49A4DA8A38072EAB557ABD] - [10/11/2018 22:33:03] - |A| - [380936] - C:\Windows\syswow64\aepic.dll [MD5.341ACF608312D294B0DFBC35C6D0D2BC] - [10/11/2018 22:32:31] - |A| - [84480] - C:\Windows\syswow64\AppCapture.dll [MD5.27392A93FA251F6A90DF876F99CD648C] - [10/11/2018 22:32:50] - |A| - [614912] - C:\Windows\syswow64\apphelp.dll [MD5.9855E3C9AEA3DAF68A5E816A3979EAB8] - [10/11/2018 22:32:38] - |A| - [52248] - C:\Windows\syswow64\appidapi.dll [MD5.E8E8FEA931FDBF1E6D7F0B50F2945FD6] - [10/11/2018 22:32:44] - |A| - [233984] - C:\Windows\syswow64\AppLockerCSP.dll [MD5.0EE67B90C76900529828368E8D314885] - [10/11/2018 22:32:41] - |A| - [444280] - C:\Windows\syswow64\AppResolver.dll [MD5.78A588C3E0250B96FD8321AC314E2767] - [10/11/2018 22:32:45] - |A| - [755712] - C:\Windows\syswow64\appwiz.cpl [MD5.C98F1C7A9A6B6F6C61F5712A5E5245BB] - [10/11/2018 22:32:47] - |A| - [201728] - C:\Windows\syswow64\AppxAllUserStore.dll [MD5.DFC94C9A901BE42134073B9FCDB14F38] - [10/11/2018 22:32:57] - |A| - [544432] - C:\Windows\syswow64\AppXDeploymentClient.dll [MD5.7E04D46B430873BA2DB5DBE92B567CCB] - [11/11/2018 06:16:28] - |A| - [86016] - C:\Windows\syswow64\atl70.dll [MD5.3AA83651D14BED011EE9A3460F336CB1] - [11/11/2018 06:16:28] - |A| - [90112] - C:\Windows\syswow64\atl71.dll [MD5.624903DABA9471BCC6DB9A239C9D5C9C] - [10/11/2018 22:32:49] - |A| - [312616] - C:\Windows\syswow64\atmfd.dll [MD5.647C1592A54A228EED5996A813DF8F8A] - [10/11/2018 22:32:30] - |A| - [38912] - C:\Windows\syswow64\atmlib.dll [MD5.0E225DB376A5C6C6B905FA2E425FC21C] - [10/11/2018 22:33:57] - |A| - [1246432] - C:\Windows\syswow64\AudioEng.dll [MD5.AFF93F5476D7D879EA17BC5A3EC4A778] - [10/11/2018 22:32:36] - |A| - [386424] - C:\Windows\syswow64\AUDIOKSE.dll [MD5.AD5086ECDF48871999691F53A7666821] - [10/11/2018 22:33:55] - |A| - [982528] - C:\Windows\syswow64\AudioSes.dll [MD5.EA985A6D511726B5D219A4D4A2E79543] - [10/11/2018 22:32:41] - |A| - [5105664] - C:\Windows\syswow64\AuthFWSnapin.dll [MD5.FE32916A1D8EB46E7502D93E14C27A92] - [10/11/2018 22:32:48] - |A| - [455680] - C:\Windows\syswow64\authui.dll [MD5.9D97FFD3CF17D1CF5C2B7169E28AE585] - [10/11/2018 22:32:30] - |A| - [184832] - C:\Windows\syswow64\authz.dll [MD5.A58975772AE299683DE0C435BE6DC49E] - [10/11/2018 22:33:02] - |A| - [1277440] - C:\Windows\syswow64\AzureSettingSyncProvider.dll [MD5.53A654A1EC589A0E2DC587D611FE18FF] - [10/11/2018 22:32:40] - |A| - [180720] - C:\Windows\syswow64\basecsp.dll [MD5.7B9AF7AB0A6B394C4C7B76C98F24CE2F] - [10/11/2018 22:32:30] - |A| - [1663488] - C:\Windows\syswow64\batmeter.dll [MD5.19D22B6EC30077E94D50BE0EC4BEE262] - [10/11/2018 22:32:35] - |A| - [886784] - C:\Windows\syswow64\bcastdvr.exe [MD5.69FE669280B3571DF31FC1B83E2ACBAB] - [10/11/2018 22:32:37] - |A| - [97160] - C:\Windows\syswow64\bcrypt.dll [MD5.7489C5C83EA0B4618797292C058ED708] - [10/11/2018 22:32:45] - |A| - [353936] - C:\Windows\syswow64\bcryptprimitives.dll [MD5.25A1A45F85E07DA1CD8CDE4314E9FF95] - [10/11/2018 22:33:18] - |A| - [6204416] - C:\Windows\syswow64\BingMaps.dll [MD5.D9AAD89CD5D2ACB0CEAA183C594545E9] - [10/11/2018 22:32:40] - |A| - [113664] - C:\Windows\syswow64\BitLockerCsp.dll [MD5.556F2B248BE79615271876189FEB6F2A] - [10/11/2018 22:32:30] - |A| - [124928] - C:\Windows\syswow64\BrowserSettingSync.dll [MD5.55A5C226494526C328A165E56C0425CC] - [10/11/2018 22:32:31] - |A| - [48128] - C:\Windows\syswow64\ByteCodeGenerator.exe [MD5.00EF9C60666CD4AA5C834F87A0AD1236] - [10/11/2018 22:32:43] - |A| - [408576] - C:\Windows\syswow64\catsrvut.dll [MD5.1DFEEB2B59D7AE7F514CE22D36A896C4] - [10/11/2018 22:33:10] - |A| - [3181568] - C:\Windows\syswow64\cdp.dll [MD5.38DC6EBC67962A2596427AEAFCCFD880] - [10/11/2018 22:33:56] - |A| - [6015488] - C:\Windows\syswow64\Chakra.dll [MD5.3B97FFE0D135F8A37635BDE8659AC7C7] - [10/11/2018 22:32:57] - |A| - [79360] - C:\Windows\syswow64\Chakradiag.dll [MD5.2559A609DBC6CAFD2AFE03D1F4865265] - [10/11/2018 22:32:37] - |A| - [76288] - C:\Windows\syswow64\cldapi.dll [MD5.FF27694FCFBEFA89CD9DA36A65316974] - [10/11/2018 22:32:35] - |A| - [236544] - C:\Windows\syswow64\CloudBackupSettings.dll [MD5.25145A131EA1589BA23848778D784E21] - [10/11/2018 22:33:05] - |A| - [354200] - C:\Windows\syswow64\CloudExperienceHostCommon.dll [MD5.F2C0A4009D5B447345E5F1F9AB673376] - [10/11/2018 22:32:36] - |A| - [77552] - C:\Windows\syswow64\CloudNotifications.exe [MD5.483DF47D6383D7E545180F767406E455] - [10/11/2018 22:32:37] - |A| - [166408] - C:\Windows\syswow64\CloudStorageWizard.exe [MD5.74CF7757A41B0416FB45AEAC52BD5952] - [10/11/2018 22:33:10] - |A| - [2386320] - C:\Windows\syswow64\combase.dll [MD5.814CFB7B6D61211C02A15BF1D3A192BE] - [11/11/2018 06:16:28] - |A| - [170920] - C:\Windows\syswow64\comct232.ocx [MD5.50F9E631CA79D0CE9C2F4143ED90C455] - [11/11/2018 06:16:28] - |A| - [416408] - C:\Windows\syswow64\comct332.ocx [MD5.307E2A8D261CDC3512D92AD064F5D3E7] - [10/11/2018 22:32:37] - |A| - [572312] - C:\Windows\syswow64\comctl32.dll [MD5.F5564D7F69C7BDEF4E078F610431D426] - [11/11/2018 06:16:28] - |A| - [617896] - C:\Windows\syswow64\comctl32.ocx [MD5.0A215C24A2EC8CCEC65F4192E5C57A83] - [10/11/2018 22:32:54] - |A| - [842240] - C:\Windows\syswow64\comdlg32.dll [MD5.9A4D0F97F0D84F877B388D4A12D90B6B] - [11/11/2018 06:16:28] - |A| - [163480] - C:\Windows\syswow64\comdlg32.ocx [MD5.E960B5AF45C9A4080BF84BD337A5458C] - [10/11/2018 22:32:36] - |A| - [73424] - C:\Windows\syswow64\CompPkgSup.dll [MD5.F524BE75046D4CB3323AFFA297BA87B7] - [10/11/2018 22:32:33] - |A| - [288768] - C:\Windows\syswow64\compstui.dll [MD5.EB82B1C31B92F4F674C124C5ADB2AEAF] - [10/11/2018 22:33:03] - |A| - [1353216] - C:\Windows\syswow64\comsvcs.dll [MD5.4C24C90FE03AAB4B95E0CED1A6BB7560] - [10/11/2018 22:32:39] - |A| - [149504] - C:\Windows\syswow64\container.dll [MD5.BE5F30C12439CDA8EFC46E7B8E817222] - [10/11/2018 22:33:00] - |A| - [1124768] - C:\Windows\syswow64\ContentDeliveryManager.Utilities.dll [MD5.B56B2B7F8E7767DD1863D11252F3E209] - [10/11/2018 22:32:40] - |A| - [566736] - C:\Windows\syswow64\CoreMessaging.dll [MD5.1DF1EBF1F649EDA4D07C5BAFB42A453B] - [10/11/2018 22:33:09] - |A| - [2316440] - C:\Windows\syswow64\CoreUIComponents.dll [MD5.070FCDA14266FFB5193E7FED1A0EE13A] - [10/11/2018 22:32:48] - |A| - [699904] - C:\Windows\syswow64\CPFilters.dll [MD5.04BB4B99A09E5F2F731FBD3DE7843FA4] - [10/11/2018 22:32:41] - |A| - [78336] - C:\Windows\syswow64\CredProv2faHelper.dll [MD5.BF0DD9BE96CCA1217B612E8395F35C3D] - [10/11/2018 22:32:56] - |A| - [381440] - C:\Windows\syswow64\CredProvDataModel.dll [MD5.BEC7C17D84AE27F739DBD7D3AA02DFFE] - [10/11/2018 22:32:44] - |A| - [218112] - C:\Windows\syswow64\credprovhost.dll [MD5.6087E891E4CE0A633C41A935914EDCCB] - [10/11/2018 22:32:43] - |A| - [192512] - C:\Windows\syswow64\credprovs.dll [MD5.56B10788B1272945A4612801736545EC] - [10/11/2018 22:32:29] - |A| - [19456] - C:\Windows\syswow64\credssp.dll [MD5.BD104AE1416B5B146071D2A06DBB1C86] - [10/11/2018 22:32:51] - |A| - [1575896] - C:\Windows\syswow64\crypt32.dll [MD5.BECA45641D7C13280B4CFD8048332E18] - [10/11/2018 22:32:43] - |A| - [547840] - C:\Windows\syswow64\cryptui.dll [MD5.B72160D3B4550F16B015B6847B1E561D] - [10/11/2018 22:32:40] - |A| - [143360] - C:\Windows\syswow64\cscript.exe [MD5.204EAF5B1792A2E7C6DD4FC6A7FF44E2] - [10/11/2018 22:33:46] - |A| - [5615968] - C:\Windows\syswow64\d3d10warp.dll [MD5.22DC4F2C169CF7D9D320FBA7ED5A6741] - [10/11/2018 22:33:09] - |A| - [2338272] - C:\Windows\syswow64\d3d11.dll [MD5.BEBBADCE3A72432C3DC0480303F739BA] - [10/11/2018 22:33:02] - |A| - [1123464] - C:\Windows\syswow64\D3D12.dll [MD5.DA426B074E12B3A47B848D2A31E66E1C] - [10/11/2018 22:33:01] - |A| - [1474680] - C:\Windows\syswow64\d3d9.dll [MD5.32BEFC02B90C23EF2D04E945790AFA85] - [10/11/2018 22:32:54] - |A| - [557056] - C:\Windows\syswow64\d3d9on12.dll [MD5.726D67D732E805B677E4341FCAAE1FCF] - [10/11/2018 22:32:31] - |A| - [91648] - C:\Windows\syswow64\DafPrintProvider.dll [MD5.7654386CAEA3D5F306DFCB4BA852423D] - [10/11/2018 22:32:37] - |A| - [78848] - C:\Windows\syswow64\davclnt.dll [MD5.76C7CD1CA24248F588C6187278612FD0] - [10/11/2018 22:32:54] - |A| - [374272] - C:\Windows\syswow64\daxexec.dll [MD5.36D13A1DFAA81166AB9C87B9BA232D48] - [10/11/2018 22:33:13] - |A| - [4839424] - C:\Windows\syswow64\dbgeng.dll [MD5.B4BC9143CC3E79BF54D56FAAEDD869CC] - [10/11/2018 22:32:34] - |A| - [471040] - C:\Windows\syswow64\DbgModel.dll [MD5.9981490539D5BBBC72FFBE3AB35BFCE7] - [11/11/2018 06:16:28] - |A| - [218776] - C:\Windows\syswow64\dblist32.ocx [MD5.C8A81273DA2C3920E7033F0FF08DBFC2] - [10/11/2018 22:32:37] - |A| - [504832] - C:\Windows\syswow64\DevicePairing.dll [MD5.441987412F61E1DE5FF84F53886D79E4] - [10/11/2018 22:32:36] - |A| - [79256] - C:\Windows\syswow64\DeviceReactivation.dll [MD5.66EEE5CB93EB985144E37668D7102D72] - [10/11/2018 22:32:29] - |A| - [314880] - C:\Windows\syswow64\dhcpcore.dll [MD5.0D7BFC2A08BC5B523BF397B631DE9E3F] - [10/11/2018 22:32:29] - |A| - [257536] - C:\Windows\syswow64\dhcpcore6.dll [MD5.46FEF9525AD7BB9CC6E56774082640BA] - [10/11/2018 22:32:42] - |A| - [351232] - C:\Windows\syswow64\DictationManager.dll [MD5.FE5D6DB1A5FD75A8B2C628E6B2437BFF] - [10/11/2018 22:32:34] - |A| - [138752] - C:\Windows\syswow64\dinput.dll [MD5.40C907501CAFB63C0C5F8F430B61886F] - [10/11/2018 22:32:40] - |A| - [178176] - C:\Windows\syswow64\dinput8.dll [MD5.48FD4B9B94D69CD741380F7CD11CAFEE] - [10/11/2018 22:32:51] - |A| - [440832] - C:\Windows\syswow64\dmenrollengine.dll [MD5.677721DE2125B0B65EB52754591A8D56] - [10/11/2018 22:33:55] - |A| - [596648] - C:\Windows\syswow64\dnsapi.dll [MD5.082659C01AC2985A1D3A084F88CC8C94] - [10/11/2018 22:33:55] - |A| - [2465792] - C:\Windows\syswow64\dwmcore.dll [MD5.6D28491FA35533FF842AA0E857373926] - [10/11/2018 22:33:08] - |A| - [2577920] - C:\Windows\syswow64\DWrite.dll [MD5.066CB398DDE5E6A30DBAE15A1FC881C4] - [10/11/2018 22:32:56] - |A| - [590944] - C:\Windows\syswow64\dxgi.dll [MD5.C2E45A1B7A9E64E556FB133972522297] - [10/11/2018 22:32:36] - |A| - [397824] - C:\Windows\syswow64\dxtmsft.dll [MD5.29B0F87E9719F060215565427D7C0054] - [10/11/2018 22:32:35] - |A| - [268288] - C:\Windows\syswow64\dxtrans.dll [MD5.89935425309CE508E3A73D6FE35F682C] - [10/11/2018 22:33:47] - |A| - [18946048] - C:\Windows\syswow64\edgehtml.dll [MD5.376D92507893F32FE858896A2528FDE7] - [10/11/2018 22:32:42] - |A| - [344576] - C:\Windows\syswow64\edgeIso.dll [MD5.A1CCD41A35E9A36885C11BDD0E65B60E] - [10/11/2018 22:32:37] - |A| - [155136] - C:\Windows\syswow64\EdgeManager.dll [MD5.20B198BCE18175872A30739A03C4AD3F] - [10/11/2018 22:32:30] - |A| - [174592] - C:\Windows\syswow64\EditionUpgradeHelper.dll [MD5.83FDC0F1671944CE208AF63A4950EF60] - [10/11/2018 22:32:47] - |A| - [662216] - C:\Windows\syswow64\EditionUpgradeManagerObj.dll [MD5.988381570DA910D027CE366374314E9D] - [10/11/2018 22:32:40] - |A| - [232960] - C:\Windows\syswow64\edputil.dll [MD5.C9764599F10D42020862F313DB492DD1] - [10/11/2018 22:32:52] - |A| - [466432] - C:\Windows\syswow64\efswrt.dll [MD5.CDE43F9933B41D6A209325929E55084F] - [10/11/2018 22:32:41] - |A| - [380928] - C:\Windows\syswow64\EncDec.dll [MD5.B1AB0C8429D62396A2E7F21C7171E35D] - [10/11/2018 22:32:31] - |A| - [181760] - C:\Windows\syswow64\enrollmentapi.dll [MD5.BEC53D453B0CA811A93207D469D75998] - [10/11/2018 22:32:31] - |A| - [16384] - C:\Windows\syswow64\EnterpriseAppMgmtClient.dll [MD5.8B61739D53D930459AEF0A45ACCBB50E] - [10/11/2018 22:32:58] - |A| - [662208] - C:\Windows\syswow64\evr.dll [MD5.D0DA38CCFF3CD23F74842E9350F4CC0A] - [10/11/2018 22:32:45] - |A| - [242176] - C:\Windows\syswow64\ExecModelClient.dll [MD5.78ECF80299B700E66486A2D58144A3B3] - [10/11/2018 22:33:12] - |A| - [3484848] - C:\Windows\syswow64\explorer.exe [MD5.051E1C425AFCCCA7774485EB2E016D94] - [10/11/2018 22:33:04] - |A| - [4384768] - C:\Windows\syswow64\ExplorerFrame.dll [MD5.7AEB8E015BA434B3053DE93D9EB057EB] - [10/11/2018 22:32:37] - |A| - [129536] - C:\Windows\syswow64\fdeploy.dll [MD5.1B96735472A878AD85592F0334EC25E3] - [10/11/2018 22:32:29] - |A| - [48128] - C:\Windows\syswow64\fdPnp.dll [MD5.C7A76E53B32A2343F38E9CC9E828492D] - [10/11/2018 22:32:29] - |A| - [25088] - C:\Windows\syswow64\fdWNet.dll [MD5.AB37FC984562EF4B8F748AF49BB1231B] - [10/11/2018 22:33:55] - |A| - [374784] - C:\Windows\syswow64\FirewallAPI.dll [MD5.54DC6BCFEF11DFC9CC4C00CB57890D69] - [10/11/2018 22:33:09] - |A| - [650728] - C:\Windows\syswow64\fontdrvhost.exe [MD5.047A3D70979DDDCB2C8B33F3B56F5E4B] - [10/11/2018 22:32:34] - |A| - [908800] - C:\Windows\syswow64\fontext.dll [MD5.448F8C240449939B0CB97F39EDBEBEC6] - [10/11/2018 22:32:40] - |A| - [96768] - C:\Windows\syswow64\fontsub.dll [MD5.6197BFFCE473AC63D8178BA2AE9C1EB2] - [10/11/2018 22:32:44] - |A| - [236032] - C:\Windows\syswow64\FSClient.dll [MD5.FB2F8886B7963FAE2D4E113BE6175EF0] - [10/11/2018 22:32:44] - |A| - [176128] - C:\Windows\syswow64\fwpolicyiomgr.dll [MD5.DAD9F2721D7CF53B1086B8A847D6F543] - [10/11/2018 22:32:58] - |A| - [963584] - C:\Windows\syswow64\GamePanel.exe [MD5.C492E666DE1589555FBC9B565CD8B6A3] - [10/11/2018 22:32:49] - |A| - [2413568] - C:\Windows\syswow64\gameux.dll [MD5.7EF681053E42D85DD92AC4191448FFF0] - [10/11/2018 22:32:44] - |A| - [136704] - C:\Windows\syswow64\gamingtcui.dll [MD5.A80CF168C3CF4650F02A27FA22873508] - [10/11/2018 22:32:39] - |A| - [133904] - C:\Windows\syswow64\gdi32.dll [MD5.ECE05A894A274224306A9467BB7B3761] - [10/11/2018 22:33:12] - |A| - [1433264] - C:\Windows\syswow64\gdi32full.dll [MD5.F8BBECAA36A95081C6406A54ADA09A12] - [10/11/2018 22:32:43] - |A| - [1470976] - C:\Windows\syswow64\GdiPlus.dll [MD5.5CE936FD859679BCE159E0A8C4B94F69] - [10/11/2018 22:32:56] - |A| - [366592] - C:\Windows\syswow64\Geolocation.dll [MD5.1E91815C329345AD54FE08BF7A98F749] - [10/11/2018 22:33:45] - |A| - [4171264] - C:\Windows\syswow64\gnsdk_fp.dll [MD5.5C93EAC5FFA5AAAEEE71E7AFB82AB13B] - [10/11/2018 22:32:37] - |A| - [225288] - C:\Windows\syswow64\HdcpHandler.dll [MD5.16308115D8C87AAF8D2FC684A8026905] - [10/11/2018 22:32:43] - |A| - [576512] - C:\Windows\syswow64\hgcpl.dll [MD5.A337279439568BDCEEFB66F0CCFEB2A3] - [10/11/2018 22:32:44] - |A| - [540672] - C:\Windows\syswow64\hhctrl.ocx [MD5.B50F5C1F65B53564DA720FACCFB88AA1] - [10/11/2018 22:32:36] - |A| - [99840] - C:\Windows\syswow64\hlink.dll [MD5.9FFDC8ED3B2261C6EC0EF2B4C893BD5B] - [10/11/2018 22:32:34] - |A| - [181760] - C:\Windows\syswow64\HoloShellRuntime.dll [MD5.0D39CE935744E80D4B17687967A6532D] - [10/11/2018 22:32:42] - |A| - [340480] - C:\Windows\syswow64\html.iec [MD5.D6DFCAAA26F7081B309CA16298523EC9] - [10/11/2018 22:32:38] - |A| - [230912] - C:\Windows\syswow64\icm32.dll [MD5.800427263F85FDB6DCB853AD54C41B0C] - [10/11/2018 22:32:32] - |A| - [96256] - C:\Windows\syswow64\IdCtrls.dll [MD5.5FFCF010BC7879214146ECEB661AC0F4] - [10/11/2018 22:32:30] - |A| - [120320] - C:\Windows\syswow64\IEAdvpack.dll [MD5.7C637A0F4ED26D2F60B27A4F955C6F90] - [10/11/2018 22:32:59] - |A| - [1475072] - C:\Windows\syswow64\ieapfltr.dll [MD5.F927E11965F1EDA7F9726F482531CAD1] - [10/11/2018 22:32:43] - |A| - [344064] - C:\Windows\syswow64\iedkcs32.dll [MD5.F32593F94F6B9B22E933C0B098FD42AA] - [10/11/2018 22:33:23] - |A| - [11925504] - C:\Windows\syswow64\ieframe.dll [MD5.D9BBA1B7456562F484F2F1E79D7B1467] - [10/11/2018 22:32:30] - |A| - [133632] - C:\Windows\syswow64\iepeers.dll [MD5.D17725FD87C56E7FF8586EFE6CFF70F2] - [10/11/2018 22:32:41] - |A| - [365568] - C:\Windows\syswow64\ieproxy.dll [MD5.D42F18F9E37C27A9238A2EC567B7B946] - [10/11/2018 22:32:30] - |A| - [38400] - C:\Windows\syswow64\iernonce.dll [MD5.6F05214B77607D606CBB0E0E71D8636A] - [10/11/2018 22:33:08] - |A| - [2216392] - C:\Windows\syswow64\iertutil.dll [MD5.C191093254976AD3589EA942D2BCF983] - [10/11/2018 22:32:30] - |A| - [70144] - C:\Windows\syswow64\iesetup.dll [MD5.088C6A5E7856CC582543485DE3E2A9C7] - [10/11/2018 22:32:30] - |A| - [98304] - C:\Windows\syswow64\iesysprep.dll [MD5.FF2EF8AF7DE0EA8FC5C2EC80950ECAF5] - [10/11/2018 22:32:44] - |A| - [475648] - C:\Windows\syswow64\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [10/11/2018 22:32:28] - |A| - [3329] - C:\Windows\syswow64\ieuinit.inf [MD5.827E3C18E13B7FF90B7BB24FE78E3084] - [10/11/2018 22:32:31] - |A| - [123392] - C:\Windows\syswow64\ieUnatt.exe [MD5.5905887875F87E10146E301FC5F16347] - [10/11/2018 22:32:30] - |A| - [152064] - C:\Windows\syswow64\iexpress.exe [MD5.D9A3919CAE425168C8EAB63F3E820A37] - [10/11/2018 22:32:30] - |A| - [43520] - C:\Windows\syswow64\imgutil.dll [MD5.1EBCB219A2896F8961BE2EB59C8BF76A] - [10/11/2018 22:32:33] - |A| - [162304] - C:\Windows\syswow64\IndexedDbLegacy.dll [MD5.BA829AECF1E87E08DFA61F0A3BD4AAF5] - [10/11/2018 22:32:50] - |A| - [897024] - C:\Windows\syswow64\inetcomm.dll [MD5.E1936270DC771A21C48700C309B6893B] - [10/11/2018 22:32:44] - |A| - [2014720] - C:\Windows\syswow64\inetcpl.cpl [MD5.09601707C469D7FB5D4A6700AC25F067] - [10/11/2018 22:32:30] - |A| - [84992] - C:\Windows\syswow64\INETRES.dll [MD5.50B7D9B4C9B97A008BEA00F118D6C4BB] - [10/11/2018 22:33:07] - |A| - [2349568] - C:\Windows\syswow64\InputService.dll [MD5.E8476A80897B574D8C15EFD7E3575CD8] - [10/11/2018 22:32:40] - |A| - [329728] - C:\Windows\syswow64\InputSwitch.dll [MD5.1F72A8E652C34C55029808FCD1AEA208] - [10/11/2018 22:32:30] - |A| - [97280] - C:\Windows\syswow64\inseng.dll [MD5.EFC0942C387256B31F304D3A1B24F136] - [10/11/2018 22:33:03] - |A| - [1008640] - C:\Windows\syswow64\InstallService.dll [MD5.7EAE5AAA7F7392A361A67AA128AC53CF] - [10/11/2018 22:32:47] - |A| - [514560] - C:\Windows\syswow64\iprtrmgr.dll [MD5.64E6A7C3561E12A93267FA497694D04C] - [10/11/2018 22:32:38] - |A| - [162304] - C:\Windows\syswow64\itircl.dll [MD5.AE79A4607987D2EAFB47FFC033A1A699] - [10/11/2018 22:32:40] - |A| - [150528] - C:\Windows\syswow64\itss.dll [MD5.FDF2DF009331F6E04D03EBC8AFE1B00E] - [10/11/2018 22:32:30] - |A| - [72704] - C:\Windows\syswow64\JavaScriptCollectionAgent.dll [MD5.9899EC0006B2521B731DC84C57CD8134] - [10/11/2018 22:32:54] - |A| - [981504] - C:\Windows\syswow64\JpMapControl.dll [MD5.C35150C2A6306450CBAAA96BD9E89187] - [10/11/2018 22:33:57] - |A| - [664576] - C:\Windows\syswow64\jscript.dll [MD5.C453F1FB6295EA8128FAFD30843A5C78] - [10/11/2018 22:33:57] - |A| - [3662336] - C:\Windows\syswow64\jscript9.dll [MD5.603DCED158DADAAEA63FC55A1911C54F] - [10/11/2018 22:32:57] - |A| - [539136] - C:\Windows\syswow64\jscript9diag.dll [MD5.9EF3DE69CA010F45A56D0B6BED7C9896] - [10/11/2018 22:32:59] - |A| - [773120] - C:\Windows\syswow64\kerberos.dll [MD5.F4EC8E1F0236746581356B806D7EE868] - [10/11/2018 22:32:37] - |A| - [47608] - C:\Windows\syswow64\kernel.appcore.dll [MD5.03DAF9DB8E0576C05C3E054D482EB613] - [10/11/2018 22:32:41] - |A| - [595448] - C:\Windows\syswow64\kernel32.dll [MD5.8AA6A8D0D8A285618186C8468A1BEF59] - [10/11/2018 22:33:06] - |A| - [1933224] - C:\Windows\syswow64\KernelBase.dll [MD5.52FA4FF4BC1865172AB3AD6DA6969B8F] - [10/11/2018 22:32:29] - |A| - [71680] - C:\Windows\syswow64\keyiso.dll [MD5.3AA9A2B7FB715C24C90AEB0A38E0F057] - [10/11/2018 22:32:33] - |A| - [233984] - C:\Windows\syswow64\ksproxy.ax [MD5.9CEED6E21BF4E53A3EE25D4624E3BC07] - [10/11/2018 22:33:03] - |A| - [749864] - C:\Windows\syswow64\LicenseManager.dll [MD5.7609E2A0AE7DDA0AFABFA4A334B073ED] - [10/11/2018 22:32:44] - |A| - [727848] - C:\Windows\syswow64\LicensingWinRT.dll [MD5.335EC3A0133B2C608B70496614DED4BA] - [10/11/2018 22:32:30] - |A| - [27136] - C:\Windows\syswow64\licmgr10.dll [MD5.3B12C0CDD7A56CFD4379AF897678865A] - [10/11/2018 22:32:51] - |A| - [804216] - C:\Windows\syswow64\locale.nls [MD5.9F087ACEF8B372C70455F6FFE99A8E1B] - [10/11/2018 22:32:56] - |A| - [456704] - C:\Windows\syswow64\LockAppBroker.dll [MD5.E9FFC3057B2D0C129FB623926C489C22] - [10/11/2018 22:32:36] - |A| - [186520] - C:\Windows\syswow64\logoncli.dll [MD5.3D2877F0082222C28516A711C972E4D2] - [10/11/2018 22:29:47] - |A| - [25440] - C:\Windows\syswow64\Luadgmgt.dll [MD5.2D426F46BF2AD22C46BF772F94481039] - [10/11/2018 22:32:43] - |A| - [731136] - C:\Windows\syswow64\Magnify.exe [MD5.42437241EDBBAB64C916D73F334504D3] - [10/11/2018 22:32:41] - |A| - [706048] - C:\Windows\syswow64\MapControlCore.dll [MD5.D79777458AA58C17A6A3FE137A0693D4] - [10/11/2018 22:32:30] - |A| - [1948672] - C:\Windows\syswow64\MapGeocoder.dll [MD5.ECB50CA14DB029BAB3EF6A2DEB3AC4A9] - [10/11/2018 22:33:04] - |A| - [2409984] - C:\Windows\syswow64\MapRouter.dll [MD5.455941DE967B579A3D5D8066B8DE79FC] - [11/11/2018 06:16:28] - |A| - [212112] - C:\Windows\syswow64\mci32.ocx [MD5.AE1701B7048E97981DDB9D1F15EEDA91] - [10/11/2018 22:32:39] - |A| - [669184] - C:\Windows\syswow64\MCRecvSrc.dll [MD5.2A0C578A0F0D9281330CB0943F930337] - [10/11/2018 22:32:32] - |A| - [194560] - C:\Windows\syswow64\mdmregistration.dll [MD5.E5EBA18A6B253ED288A2EDDF8D8A1E81] - [10/11/2018 22:32:43] - |A| - [551696] - C:\Windows\syswow64\mf.dll [MD5.78FC87079D2E9FD51BFC00F48D8119F5] - [10/11/2018 22:32:35] - |A| - [43008] - C:\Windows\syswow64\mf3216.dll [MD5.30FA7D73EBDC30392C73E2733F0116D9] - [10/11/2018 22:33:57] - |A| - [1377088] - C:\Windows\syswow64\mfasfsrcsnk.dll [MD5.5D3C0F40336B490EDE971C394CFB8F78] - [11/11/2018 06:16:28] - |A| - [1024000] - C:\Windows\syswow64\mfc70.dll [MD5.A4CCA3F3145BA93383DFB126EC61C695] - [11/11/2018 06:16:28] - |A| - [40960] - C:\Windows\syswow64\mfc70chs.dll [MD5.A0502BCED5C98A51E7E305029BD4009B] - [11/11/2018 06:16:28] - |A| - [45056] - C:\Windows\syswow64\mfc70cht.dll [MD5.054809EA25F0110122B17835E94848F2] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\mfc70deu.dll [MD5.3F0E5AD6604D6585C2219D6688514817] - [11/11/2018 06:16:28] - |A| - [57344] - C:\Windows\syswow64\mfc70enu.dll [MD5.D88BE83455C13B80B1AB103E82052F33] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\mfc70esp.dll [MD5.8F59C1FB4C18F08C0D4D24550E2F7375] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\mfc70fra.dll [MD5.78C3F9FFBC860D2153D6470BC65556FE] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\mfc70ita.dll [MD5.8448C67B7FF7A65AEAA25747D0E861B7] - [11/11/2018 06:16:28] - |A| - [49152] - C:\Windows\syswow64\mfc70jpn.dll [MD5.E83773E9ED198BB59C072B453AF4F797] - [11/11/2018 06:16:28] - |A| - [49152] - C:\Windows\syswow64\mfc70kor.dll [MD5.C440493ABF8CF179FF3351357C1EB426] - [11/11/2018 06:16:28] - |A| - [1017344] - C:\Windows\syswow64\mfc70u.dll [MD5.0EAD1C87DC75863E7CFF7B2691C1B90C] - [11/11/2018 06:16:28] - |A| - [1060864] - C:\Windows\syswow64\MFC71.dll [MD5.F0C3773C480C8E8FD8DD8BF82689D390] - [11/11/2018 06:16:28] - |A| - [40960] - C:\Windows\syswow64\MFC71CHS.DLL [MD5.B80E70737148130AC3975F84E88ED8B0] - [11/11/2018 06:16:28] - |A| - [45056] - C:\Windows\syswow64\MFC71CHT.DLL [MD5.92436C5844333188D8746079640419BF] - [11/11/2018 06:16:28] - |A| - [65536] - C:\Windows\syswow64\MFC71DEU.DLL [MD5.DF8241122459E097DD393B74D3ABF64E] - [11/11/2018 06:16:28] - |A| - [57344] - C:\Windows\syswow64\MFC71ENU.DLL [MD5.B1219D49B804F8D20D4A812E9AA773FB] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\MFC71ESP.DLL [MD5.4CF93C1BD454AC576D787FC8256E3D58] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\MFC71FRA.DLL [MD5.A31727B0310F97C279B4278A44D68F2E] - [11/11/2018 06:16:28] - |A| - [61440] - C:\Windows\syswow64\MFC71ITA.DLL [MD5.DCDB167567AAD5A54EF6096324F7A67B] - [11/11/2018 06:16:28] - |A| - [49152] - C:\Windows\syswow64\MFC71JPN.DLL [MD5.337E4EDA92C2858386E0072F604FE2D3] - [11/11/2018 06:16:28] - |A| - [49152] - C:\Windows\syswow64\MFC71KOR.DLL [MD5.1A53510BFE257CE75CB6EA4D596243BE] - [11/11/2018 06:16:28] - |A| - [1054208] - C:\Windows\syswow64\MFC71u.dll [MD5.10410E04AD337D4EC0DBCA9B02C5E4C9] - [10/11/2018 22:32:50] - |A| - [454080] - C:\Windows\syswow64\MFCaptureEngine.dll [MD5.884FD835F0A26A328FDBE3EB2F24AD63] - [10/11/2018 22:33:53] - |A| - [4668176] - C:\Windows\syswow64\mfcore.dll [MD5.EBB5B4DA61EF6C862F93BD672A2A141F] - [10/11/2018 22:32:48] - |A| - [201728] - C:\Windows\syswow64\mfksproxy.dll [MD5.3539091FB267DDB155936BD517388525] - [10/11/2018 22:33:17] - |A| - [4248064] - C:\Windows\syswow64\MFMediaEngine.dll [MD5.BACFC25E43BB8B5D6DECA0D4564004EC] - [10/11/2018 22:32:57] - |A| - [821248] - C:\Windows\syswow64\mfmkvsrcsnk.dll [MD5.DF37BC3CB604FE6D60FF200540227712] - [10/11/2018 22:33:56] - |A| - [2462704] - C:\Windows\syswow64\mfmp4srcsnk.dll [MD5.2D3C1ACA95568850D860DD9EB0FD80BC] - [10/11/2018 22:33:57] - |A| - [1017056] - C:\Windows\syswow64\mfmpeg2srcsnk.dll [MD5.5244E275BE355536AEF4BB53CFC41369] - [10/11/2018 22:33:04] - |A| - [1132088] - C:\Windows\syswow64\mfnetcore.dll [MD5.DA10E08DC258BAD3DC67EF59687C8EEB] - [10/11/2018 22:33:06] - |A| - [1652872] - C:\Windows\syswow64\mfnetsrc.dll [MD5.7D42FEA87A7B4E515CE07F538039E83D] - [10/11/2018 22:33:06] - |A| - [1524776] - C:\Windows\syswow64\mfplat.dll [MD5.154214E46D01B682D5BC805A670250CD] - [10/11/2018 22:32:40] - |A| - [130608] - C:\Windows\syswow64\mfps.dll [MD5.9AE00438B293991B43F8BD7C59425815] - [10/11/2018 22:33:03] - |A| - [1033584] - C:\Windows\syswow64\mfreadwrite.dll [MD5.7F86306F9C91D63566556265E06D5381] - [10/11/2018 22:32:42] - |A| - [193248] - C:\Windows\syswow64\mfsensorgroup.dll [MD5.F351E1769F03B3215E5834E17E10AAD0] - [10/11/2018 22:33:57] - |A| - [1456104] - C:\Windows\syswow64\mfsrcsnk.dll [MD5.AE0F7535EF06AF37DD994D37E0761B67] - [10/11/2018 22:33:05] - |A| - [1149280] - C:\Windows\syswow64\mfsvr.dll [MD5.4676D80B0DF7C59350EE149737B00212] - [10/11/2018 22:32:41] - |A| - [133632] - C:\Windows\syswow64\Microsoft.Bluetooth.Proxy.dll [MD5.20F0FDEAB29EC969E542F92D56BC0A8A] - [10/11/2018 22:32:46] - |A| - [220672] - C:\Windows\syswow64\MicrosoftAccountWAMExtension.dll [MD5.2A13B01C0E7E877B7B5BF87D912FEAE7] - [10/11/2018 22:33:55] - |A| - [2864640] - C:\Windows\syswow64\mispace.dll [MD5.88E23DAF98F708E2803F1CA66DDEC081] - [10/11/2018 22:33:04] - |A| - [1488896] - C:\Windows\syswow64\mmc.exe [MD5.9C512EA78BCA946584B56C98E8D902C6] - [10/11/2018 22:32:31] - |A| - [301056] - C:\Windows\syswow64\mmcbase.dll [MD5.2C7E93985BF751751AE48EFCB171D870] - [10/11/2018 22:33:07] - |A| - [2427904] - C:\Windows\syswow64\mmcndmgr.dll [MD5.BFF50ADF8CC5C1C151752A1CA8B429D5] - [10/11/2018 22:32:39] - |A| - [1428480] - C:\Windows\syswow64\mmgaclient.dll [MD5.3E2EA3513ED7AF84C367FE1DC7B70544] - [10/11/2018 22:32:30] - |A| - [62976] - C:\Windows\syswow64\mmgaproxystub.dll [MD5.85CAFA8A4E1516B38F2B409DBED8F49F] - [10/11/2018 22:32:36] - |A| - [1060352] - C:\Windows\syswow64\mmgaserver.exe [MD5.F317C5B2A30932435494E0CD576E0207] - [10/11/2018 22:33:22] - |A| - [6118400] - C:\Windows\syswow64\mos.dll [MD5.061902202BF0DE086B9A148B2F40C352] - [10/11/2018 22:32:41] - |A| - [537088] - C:\Windows\syswow64\mscms.dll [MD5.8D8AAD175C9779503A68136E49EEA2B4] - [11/11/2018 06:16:28] - |A| - [660120] - C:\Windows\syswow64\mscomct2.ocx [MD5.766F501B61C22723536AF696A74133D4] - [11/11/2018 06:16:28] - |A| - [1070232] - C:\Windows\syswow64\mscomctl.ocx [MD5.D60FD0C924C0172B5AD2967E8473FFCD] - [11/11/2018 06:16:28] - |A| - [119960] - C:\Windows\syswow64\mscomm32.ocx [MD5.7951488EB6F201564D5C6D35B40452AB] - [10/11/2018 22:33:31] - |A| - [1323408] - C:\Windows\syswow64\msctf.dll [MD5.552088FF7667D59E29D3231077B92D30] - [11/11/2018 06:16:28] - |A| - [279192] - C:\Windows\syswow64\msdatgrd.ocx [MD5.C0393287EC3D0098932BC6DD7753CE50] - [11/11/2018 06:16:28] - |A| - [253080] - C:\Windows\syswow64\msdatlst.ocx [MD5.2C0E473ABAA7F84F332F66C2221B3EB7] - [10/11/2018 22:32:29] - |A| - [707584] - C:\Windows\syswow64\msdtcprx.dll [MD5.959315775A3EDD649A7C6B535F6ED522] - [10/11/2018 22:33:02] - |A| - [340480] - C:\Windows\syswow64\msexcl40.dll [MD5.EE68EB9D3DD974FE30B4846F98F1CD94] - [10/11/2018 22:32:50] - |A| - [669184] - C:\Windows\syswow64\msfeeds.dll [MD5.6092BA0CC502F3F1E7C9E15AA7BC707E] - [10/11/2018 22:32:30] - |A| - [64000] - C:\Windows\syswow64\msfeedsbs.dll [MD5.2DAAB612B55CC7C09076C66492A8A4C7] - [10/11/2018 22:32:30] - |A| - [13824] - C:\Windows\syswow64\msfeedssync.exe [MD5.151229FE0011294475AF03E2FBBAF33B] - [11/11/2018 06:16:28] - |A| - [259736] - C:\Windows\syswow64\msflxgrd.ocx [MD5.ECAA3D1451DBAE5B5E8C69740BF88ECA] - [10/11/2018 22:33:08] - |A| - [2762752] - C:\Windows\syswow64\msftedit.dll [MD5.D19D5DDC8D6446B8E08161012461210D] - [11/11/2018 06:16:28] - |A| - [444328] - C:\Windows\syswow64\MShflxgd.ocx [MD5.7C94C627DB30B00F70E2911BFF2FD7EF] - [10/11/2018 22:32:30] - |A| - [13312] - C:\Windows\syswow64\mshta.exe [MD5.ED0F9EBFEB765731C2A875571BBB4F5C] - [10/11/2018 22:33:46] - |A| - [19359744] - C:\Windows\syswow64\mshtml.dll [MD5.53924134EA878417820AF4774C4B9E98] - [10/11/2018 22:32:30] - |A| - [64000] - C:\Windows\syswow64\MshtmlDac.dll [MD5.5A3510EF73ED604C44F9550274658BAC] - [10/11/2018 22:32:31] - |A| - [78336] - C:\Windows\syswow64\mshtmled.dll [MD5.C15353A25E77BD265CE38A4E91CDB218] - [10/11/2018 22:33:12] - |A| - [4053504] - C:\Windows\syswow64\msi.dll [MD5.B1DD9C48AA6DC1F2E236ADC96189319A] - [10/11/2018 22:32:39] - |A| - [59904] - C:\Windows\syswow64\msiexec.exe [MD5.BED46F55AF9A7B495EC0F2DE0CB5AD3F] - [11/11/2018 06:16:28] - |A| - [131728] - C:\Windows\syswow64\msinet.ocx [MD5.87D55DB930784DD4CB69BB181ADAB618] - [10/11/2018 22:32:35] - |A| - [26624] - C:\Windows\syswow64\msisip.dll [MD5.0AC33FA3AB74AD61B0573D41504B8C62] - [10/11/2018 22:32:47] - |A| - [369664] - C:\Windows\syswow64\msIso.dll [MD5.6926A51273635E15EECB4AF206AACF52] - [10/11/2018 22:32:49] - |A| - [1311744] - C:\Windows\syswow64\msjet40.dll [MD5.9D1D5B434B7BC82A9167CA2D01000F78] - [11/11/2018 06:16:28] - |A| - [179352] - C:\Windows\syswow64\msmask32.ocx [MD5.17ED96A86D54827BE9BA2FAFC836C787] - [10/11/2018 22:33:05] - |A| - [2255112] - C:\Windows\syswow64\msmpeg2vdec.dll [MD5.541E45F0DE693BAAB7F8B40B488580A0] - [10/11/2018 22:32:31] - |A| - [97792] - C:\Windows\syswow64\msoert2.dll [MD5.3B55A4EB9AF85099BA665F370D16304B] - [10/11/2018 22:32:35] - |A| - [136704] - C:\Windows\syswow64\MSOpusDecoder.dll [MD5.29E1E6FF2BD32317ACBFFEBD2E811FC2] - [10/11/2018 22:32:31] - |A| - [6532096] - C:\Windows\syswow64\mspaint.exe [MD5.B9C0D4F2BF3BCA9A56FEF594CC5BE466] - [10/11/2018 22:32:34] - |A| - [1348608] - C:\Windows\syswow64\MSPhotography.dll [MD5.DB605CE020000C370781658FECF360D9] - [10/11/2018 22:32:29] - |A| - [10752] - C:\Windows\syswow64\msrating.dll [MD5.FBA2D470F7E8EC774F1A275664813582] - [10/11/2018 22:32:32] - |A| - [343552] - C:\Windows\syswow64\msrd3x40.dll [MD5.A4930013B4BCCE83018A5EFD0C088999] - [10/11/2018 22:32:38] - |A| - [101376] - C:\Windows\syswow64\msscript.ocx [MD5.0D5A7783A481F02BED5A0A564B6D8439] - [10/11/2018 22:32:57] - |A| - [713216] - C:\Windows\syswow64\MsSpellCheckingFacility.dll [MD5.FEDCCE5B9670528E15D34BAEC7A2004A] - [10/11/2018 22:32:35] - |A| - [145408] - C:\Windows\syswow64\mssph.dll [MD5.5C0084DBF9979BA50D52A0574D36A3E5] - [10/11/2018 22:32:34] - |A| - [59392] - C:\Windows\syswow64\mssprxy.dll [MD5.1656B8A966AE2AEC7E95F86272882D10] - [10/11/2018 22:33:12] - |A| - [2184192] - C:\Windows\syswow64\mssrch.dll [MD5.1E27A0F62EBE8277C61B89C3747CC45D] - [11/11/2018 06:16:28] - |A| - [130712] - C:\Windows\syswow64\msstdfmt.dll [MD5.FC1E1896F31DAE6E8C68D95A645C9B1A] - [11/11/2018 06:16:28] - |A| - [108696] - C:\Windows\syswow64\MSSTKPRP.DLL [MD5.66FA7326BAE620E2A31E38D5514915DA] - [10/11/2018 22:32:43] - |A| - [721920] - C:\Windows\syswow64\mssvp.dll [MD5.CF8964466D129910CE72AE661EAF58D9] - [10/11/2018 22:33:01] - |A| - [3430400] - C:\Windows\syswow64\mstsc.exe [MD5.E2B201109C20BA7E261D2AE35BFE2423] - [10/11/2018 22:33:18] - |A| - [7812608] - C:\Windows\syswow64\mstscax.dll [MD5.D577EAF2B7E74DFDA9D9DFF6DC54C37A] - [11/11/2018 06:16:29] - |A| - [1355776] - C:\Windows\syswow64\msvbvm50.dll [MD5.07B8A966FA4D08B797DE3FCC5C67EAB6] - [11/11/2018 06:16:28] - |A| - [54784] - C:\Windows\syswow64\msvci70.dll [MD5.35E8431ACDDB1F236393CF661738F5FD] - [10/11/2018 22:32:41] - |A| - [417368] - C:\Windows\syswow64\msvcp110_win.dll [MD5.D04F7AACA2319A3BCDB2C5D5DD6F6026] - [11/11/2018 06:16:28] - |A| - [487424] - C:\Windows\syswow64\MSVCP70.DLL [MD5.1874BBAD9AE4C993B74B7ABAA8B9D535] - [11/11/2018 06:16:28] - |A| - [503808] - C:\Windows\syswow64\msvcp71.dll [MD5.768CBCA4A69C1E9901215018AB850E75] - [10/11/2018 22:32:41] - |A| - [505160] - C:\Windows\syswow64\msvcp_win.dll [MD5.8D8A3965D5D4CCBBE4489DA028CEF6FC] - [11/11/2018 06:16:28] - |A| - [339968] - C:\Windows\syswow64\msvcr70.dll [MD5.837B1E310F2AA8B20F07A9B1CE90AC4F] - [11/11/2018 06:16:28] - |A| - [344064] - C:\Windows\syswow64\msvcr71.dll [MD5.C52BF7DC4864653FFF45ECC634B65F9B] - [10/11/2018 22:32:35] - |A| - [769096] - C:\Windows\syswow64\msvcrt.dll [MD5.DF252F37880142ED5574C2BE4DADF5A7] - [11/11/2018 06:16:28] - |A| - [210944] - C:\Windows\syswow64\msvcrt10.dll [MD5.0664ECFC89D1B287860A71FA38033CF7] - [10/11/2018 22:33:07] - |A| - [2329088] - C:\Windows\syswow64\MSVidCtl.dll [MD5.F9DD92E21937DC1354EDF46339582F25] - [10/11/2018 22:32:38] - |A| - [574960] - C:\Windows\syswow64\MSVideoDSP.dll [MD5.C31B3A1DD41B538A860C3A668DC080D0] - [10/11/2018 22:33:01] - |A| - [1383784] - C:\Windows\syswow64\MSVP9DEC.dll [MD5.8A28280B2E9D42C6C85AC94D3B08CEC1] - [10/11/2018 22:32:57] - |A| - [1059248] - C:\Windows\syswow64\msvproc.dll [MD5.1A9B89B3ACC71F45F01C24C557A32FAA] - [10/11/2018 22:32:50] - |A| - [1286144] - C:\Windows\syswow64\MSVPXENC.dll [MD5.57325D394119DB3D3B3CF8A3BBFDA5CA] - [11/11/2018 06:16:28] - |A| - [127640] - C:\Windows\syswow64\mswinsck.ocx [MD5.AE591EEF88B097CD37F68356CC47AC6C] - [10/11/2018 22:33:19] - |A| - [1587712] - C:\Windows\syswow64\msxml3.dll [MD5.9DACDC14260D0422367E342E9E70C5A8] - [10/11/2018 22:32:59] - |A| - [1991280] - C:\Windows\syswow64\msxml6.dll [MD5.62C208F510D0A8F18F43DE85B809AE84] - [10/11/2018 22:32:49] - |A| - [275968] - C:\Windows\syswow64\ncryptprov.dll [MD5.7887DD78F1017ED6154C7B5E988D7F03] - [10/11/2018 22:32:41] - |A| - [105384] - C:\Windows\syswow64\ncryptsslp.dll [MD5.5F7E26B061421A442D4C28D87E62E679] - [10/11/2018 22:32:30] - |A| - [20480] - C:\Windows\syswow64\netevent.dll [MD5.453191DC1804BEA45BEB335D2675A03E] - [10/11/2018 22:32:48] - |A| - [658432] - C:\Windows\syswow64\netlogon.dll [MD5.5063C164CDB4914B96371AAF9DEB4E64] - [10/11/2018 22:32:31] - |A| - [221184] - C:\Windows\syswow64\netplwiz.dll [MD5.D8127658477648CF075A82AF48DED62E] - [10/11/2018 22:32:51] - |A| - [564640] - C:\Windows\syswow64\NetSetupEngine.dll [MD5.B8D9DA34E644EEE70610C6BC49F3AAFA] - [10/11/2018 22:32:42] - |A| - [483328] - C:\Windows\syswow64\newdev.dll [MD5.3B6F976D4AA6D833E77E14C1FACD58F8] - [10/11/2018 22:32:51] - |A| - [571904] - C:\Windows\syswow64\ngccredprov.dll [MD5.80BE54E3F6D02EB0C73437DE0E849B66] - [10/11/2018 22:32:46] - |A| - [328704] - C:\Windows\syswow64\ninput.dll [MD5.56C81BBD2C727B43ABC5FC7B135D3BA5] - [10/11/2018 22:32:35] - |A| - [63488] - C:\Windows\syswow64\nlaapi.dll [MD5.1E60A516C148F6A14FBEBBD6E84C2143] - [10/11/2018 22:32:36] - |A| - [35328] - C:\Windows\syswow64\nshhttp.dll [MD5.6EEBD05E6535D4627EF59BE92521913F] - [10/11/2018 22:33:24] - |A| - [1614664] - C:\Windows\syswow64\ntdll.dll [MD5.449EC93966F08434A78DD2E260F61419] - [10/11/2018 22:32:30] - |A| - [796160] - C:\Windows\syswow64\ntshrui.dll [MD5.CD54AE745B0BC46EEE0F858524B796FF] - [10/11/2018 22:32:31] - |A| - [126464] - C:\Windows\syswow64\occache.dll [MD5.1279BCEF6FC0D14701B64CC2ABA5BFB3] - [10/11/2018 22:32:40] - |A| - [115104] - C:\Windows\syswow64\offlinelsa.dll [MD5.4F32D82F6BEEC073514A813380AC2D4A] - [10/11/2018 22:32:40] - |A| - [221592] - C:\Windows\syswow64\offlinesam.dll [MD5.0987DE12F35268B4ACE122BD49275504] - [10/11/2018 22:32:29] - |A| - [58880] - C:\Windows\syswow64\offreg.dll [MD5.6E3022EE000DDFC2B082530C1D666078] - [10/11/2018 22:32:58] - |A| - [1002640] - C:\Windows\syswow64\ole32.dll [MD5.8E65A7E8D9C25624A634272D45B80C97] - [10/11/2018 22:32:48] - |A| - [594056] - C:\Windows\syswow64\oleaut32.dll [MD5.070377B840D3C991F64BDDC683219615] - [10/11/2018 22:32:30] - |A| - [89088] - C:\Windows\syswow64\olepro32.dll [MD5.6BEF063F2C8C065D27E7AC0EF2568160] - [10/11/2018 22:32:39] - |A| - [195072] - C:\Windows\syswow64\OneCoreCommonProxyStub.dll [MD5.39C1BD1C25576FAE97D0F2C108946031] - [10/11/2018 22:33:02] - |A| - [2993728] - C:\Windows\syswow64\OneCoreUAPCommonProxyStub.dll [MD5.2FEC4165D32E4586D4E7F7CE2A2C8334] - [10/11/2018 22:32:56] - |A| - [534016] - C:\Windows\syswow64\OneDriveSettingSyncProvider.dll [MD5.3480674AB5CB33E9765554C691E5A08A] - [10/11/2018 22:32:37] - |A| - [649672] - C:\Windows\syswow64\ortcengine.dll [MD5.2B87AEEC9C40E28B79BC88BEADF868C6] - [10/11/2018 22:32:39] - |A| - [174592] - C:\Windows\syswow64\P2P.dll [MD5.686DF71AEAC3A14506D549579BEC111D] - [10/11/2018 22:32:35] - |A| - [662528] - C:\Windows\syswow64\PayloadRestrictions.dll [MD5.FC0831DE773FEDF6A050CE02955C6D4F] - [10/11/2018 22:32:36] - |A| - [13312] - C:\Windows\syswow64\PCShellCommonProxyStub.dll [MD5.8C0C30BDD3CE3FC34A59B4B101162ED3] - [10/11/2018 22:32:29] - |A| - [21504] - C:\Windows\syswow64\perfhost.exe [MD5.00CB919465D369EFEEB6206B7329A7D7] - [10/11/2018 22:32:35] - |A| - [22016] - C:\Windows\syswow64\perfnet.dll [MD5.341E09E0EFC804C0F7C23AF8F3EBE6D7] - [10/11/2018 22:32:35] - |A| - [336384] - C:\Windows\syswow64\PhotoMetadataHandler.dll [MD5.7DB44D8D5AAA1890044E8B9EE2E4BF50] - [11/11/2018 06:16:28] - |A| - [104088] - C:\Windows\syswow64\picclp32.ocx [MD5.643981D9878EE7AE4407831B309A624A] - [10/11/2018 22:32:29] - |A| - [51712] - C:\Windows\syswow64\PimIndexMaintenanceClient.dll [MD5.353D58208E390A3E97960D9132549F54] - [10/11/2018 22:32:30] - |A| - [57856] - C:\Windows\syswow64\pngfilt.dll [MD5.3424A8C1C1098B7B5253A0160130F546] - [10/11/2018 22:32:48] - |A| - [422592] - C:\Windows\syswow64\policymanager.dll [MD5.13D3FD3993E36A115EE8154E61F051AF] - [10/11/2018 22:32:56] - |A| - [1555784] - C:\Windows\syswow64\propsys.dll [MD5.05AE52B85897B127FB41EDA66DE27F71] - [10/11/2018 22:32:32] - |A| - [175104] - C:\Windows\syswow64\puiapi.dll [MD5.2302BC814B4C3EED1803F742CF53A13D] - [10/11/2018 22:32:45] - |A| - [380416] - C:\Windows\syswow64\puiobj.dll [MD5.D135E6F9EDDBC13B4FBA15BDD34E7067] - [10/11/2018 22:32:57] - |A| - [1508864] - C:\Windows\syswow64\quartz.dll [MD5.0B0C861030404F800AD1B3AED3ECCF6F] - [10/11/2018 22:33:02] - |A| - [862208] - C:\Windows\syswow64\rasapi32.dll [MD5.4412AB1AD854AEA2236BA91F76025854] - [10/11/2018 22:32:39] - |A| - [118272] - C:\Windows\syswow64\raschap.dll [MD5.8C7F032B5C4C5F57215C194CA0C5E306] - [10/11/2018 22:32:56] - |A| - [862208] - C:\Windows\syswow64\rasdlg.dll [MD5.03D830B99C082FF00BD47B3BB87A216A] - [10/11/2018 22:32:43] - |A| - [856576] - C:\Windows\syswow64\rasgcw.dll [MD5.5A7236224908F9D1F6EFDC4B75EEDDCB] - [10/11/2018 22:32:40] - |A| - [447488] - C:\Windows\syswow64\rastls.dll [MD5.3B033A0E5B95423CA7CD246D0634E530] - [10/11/2018 22:32:51] - |A| - [956928] - C:\Windows\syswow64\rdpbase.dll [MD5.63FE21A2435A312D0F7603F528624EFC] - [10/11/2018 22:32:58] - |A| - [535552] - C:\Windows\syswow64\rdpcore.dll [MD5.90E4D8B9C5E893D78CD430A937407639] - [10/11/2018 22:33:00] - |A| - [1486336] - C:\Windows\syswow64\rdpserverbase.dll [MD5.96AA838D5326B695FE4B613A0B355232] - [10/11/2018 22:32:35] - |A| - [20992] - C:\Windows\syswow64\regsvr32.exe [MD5.74E8280C6512A4A2CC5B81DB2EABCA55] - [10/11/2018 22:32:40] - |A| - [74992] - C:\Windows\syswow64\remoteaudioendpoint.dll [MD5.14BB5CF93C7D69D019423C73C60AA856] - [11/11/2018 06:16:28] - |A| - [219288] - C:\Windows\syswow64\richtx32.ocx [MD5.629AC8C9CBDD74B8B9D54DB513F8D79F] - [10/11/2018 22:32:36] - |A| - [99240] - C:\Windows\syswow64\rmclient.dll [MD5.72FD126E60D7B2138EAA92CEA75BE70A] - [10/11/2018 22:32:38] - |A| - [777912] - C:\Windows\syswow64\rpcrt4.dll [MD5.F93F223D2BE61294ABBAE7DAC50A1275] - [10/11/2018 22:32:45] - |A| - [185896] - C:\Windows\syswow64\rsaenh.dll [MD5.B98FC4E03EFE0A4618F55B717999EC2A] - [10/11/2018 22:32:56] - |A| - [854976] - C:\Windows\syswow64\rtmcodecs.dll [MD5.470EE236394512EA55E79369CED249F8] - [10/11/2018 22:32:36] - |A| - [54720] - C:\Windows\syswow64\rtmmvrortc.dll [MD5.8159946E891BA8883942F43B10DF9EEF] - [10/11/2018 22:32:59] - |A| - [921032] - C:\Windows\syswow64\rtmpal.dll [MD5.193F73A6EF5E9C8504578604FDC0642D] - [10/11/2018 22:33:16] - |A| - [3903944] - C:\Windows\syswow64\rtmpltfm.dll [MD5.B37F4F7B61970640DC868578C964A5C8] - [10/11/2018 22:32:42] - |A| - [140592] - C:\Windows\syswow64\RTWorkQ.dll [MD5.7932ADABA5560660BD6611F452E15065] - [10/11/2018 22:32:54] - |A| - [406016] - C:\Windows\syswow64\schannel.dll [MD5.4EB3248D1CC646AED08953D6BD2A4522] - [10/11/2018 22:32:41] - |A| - [235520] - C:\Windows\syswow64\scksp.dll [MD5.08FBB521C850836280C42F3A51E419BC] - [10/11/2018 22:32:42] - |A| - [206336] - C:\Windows\syswow64\scrobj.dll [MD5.C9BC8119AC509BA3842A78468B69A076] - [10/11/2018 22:32:37] - |A| - [288768] - C:\Windows\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.CD5C635A1900BC617D1F8D7476CC96B3] - [10/11/2018 22:32:32] - |A| - [199680] - C:\Windows\syswow64\SearchFilterHost.exe [MD5.A7991AB5C90F0F52EFDDA3891B037760] - [10/11/2018 22:32:57] - |A| - [826880] - C:\Windows\syswow64\SearchIndexer.exe [MD5.FDCEA9C96F0C50A5FDCBE70946448D94] - [10/11/2018 22:32:41] - |A| - [324608] - C:\Windows\syswow64\SearchProtocolHost.exe [MD5.40FB50AE0B91EEF97AB98C9F4AB445DC] - [10/11/2018 22:32:42] - |A| - [268536] - C:\Windows\syswow64\sechost.dll [MD5.D7AB2A83F76824232D3369961B3E896A] - [10/11/2018 22:32:35] - |A| - [23040] - C:\Windows\syswow64\secur32.dll [MD5.F405B01AD58218BC0C02DDF3D28A5557] - [10/11/2018 22:32:31] - |A| - [124928] - C:\Windows\syswow64\sendmail.dll [MD5.A3941E454899041C8D860119B9918237] - [10/11/2018 22:32:29] - |A| - [339456] - C:\Windows\syswow64\SessEnv.dll [MD5.4DC52A665378788E2B6F8748D673E693] - [10/11/2018 22:32:45] - |A| - [169472] - C:\Windows\syswow64\SettingMonitor.dll [MD5.D52C744E0F22E970088268FB78D40476] - [10/11/2018 22:32:53] - |A| - [402432] - C:\Windows\syswow64\SettingSync.dll [MD5.B5EE49FF45E707B724F3D8D8A28BC018] - [10/11/2018 22:32:59] - |A| - [935424] - C:\Windows\syswow64\SettingSyncCore.dll [MD5.ADC122BCCFDEC09B043CF2E5ED5C184E] - [10/11/2018 22:33:02] - |A| - [832952] - C:\Windows\syswow64\SettingSyncHost.exe [MD5.EF021A2F0460523591D478A64FE2879B] - [10/11/2018 22:32:35] - |A| - [74240] - C:\Windows\syswow64\SettingSyncPolicy.dll [MD5.52FF3F6896651EE727063028E5452439] - [10/11/2018 22:32:34] - |A| - [26112] - C:\Windows\syswow64\setup16.exe [MD5.F254DD8493F7F749A7992D66FFD27C49] - [10/11/2018 22:32:54] - |A| - [4382032] - C:\Windows\syswow64\setupapi.dll [MD5.97E37B7DC478FB28B09D770716A7B3F0] - [10/11/2018 22:33:03] - |A| - [997376] - C:\Windows\syswow64\ShareHost.dll [MD5.5FD02663F35F9A3F1B19E807B6114EE7] - [10/11/2018 22:32:53] - |A| - [550176] - C:\Windows\syswow64\SHCore.dll [MD5.8037F6510D6A49F78502E24D7C80AFE1] - [10/11/2018 22:33:21] - |A| - [20290152] - C:\Windows\syswow64\shell32.dll [MD5.4B5FFEB58E510852D07C9FF26B668F86] - [10/11/2018 22:32:36] - |A| - [279472] - C:\Windows\syswow64\shlwapi.dll [MD5.76BBDE4C2A91DBB4CD656CC2840ADB80] - [10/11/2018 22:32:39] - |A| - [110080] - C:\Windows\syswow64\shsetup.dll [MD5.D0E732A3FC63AB837B6BC6D9D223AA68] - [10/11/2018 22:32:33] - |A| - [19456] - C:\Windows\syswow64\slcext.dll [MD5.C66166250655AFB521129231208F318D] - [10/11/2018 22:33:00] - |A| - [625152] - C:\Windows\syswow64\SmartcardCredentialProvider.dll [MD5.F4B48BB3F404C00C322E09D58476BEB1] - [10/11/2018 22:32:43] - |A| - [160256] - C:\Windows\syswow64\smartscreenps.dll [MD5.9C9D0C423707637BFAECF4EF7B9D37D6] - [10/11/2018 22:32:42] - |A| - [676352] - C:\Windows\syswow64\SndVolSSO.dll [MD5.9EB21EE497A716717E015B17DD38636C] - [10/11/2018 22:32:32] - |A| - [271872] - C:\Windows\syswow64\SpatializerApo.dll [MD5.34D737A0D07277088D5E50FA5B4293E9] - [10/11/2018 22:32:33] - |A| - [481792] - C:\Windows\syswow64\sppcext.dll [MD5.10204B5E7BFF059D87848F0BD0E0F0E9] - [10/11/2018 22:32:40] - |A| - [403968] - C:\Windows\syswow64\sppcomapi.dll [MD5.86FC1A7104F34A974834C58B8544EDCD] - [10/11/2018 22:32:30] - |A| - [332288] - C:\Windows\syswow64\srchadmin.dll [MD5.130EEB06981B74AAA69A25130BCA47DA] - [10/11/2018 22:33:06] - |A| - [2859520] - C:\Windows\syswow64\SRH.dll [MD5.3AA1516E1F89CD60AA12A01C473FA885] - [10/11/2018 22:32:39] - |A| - [125440] - C:\Windows\syswow64\srpapi.dll [MD5.7422C3656AD7BBF3182E7EC7E214957D] - [10/11/2018 22:33:57] - |A| - [123520] - C:\Windows\syswow64\sspicli.dll [MD5.A1F910366AE150EA2215A9C94526B703] - [10/11/2018 22:33:04] - |A| - [527864] - C:\Windows\syswow64\StateRepository.Core.dll [MD5.A608CA372905FB1D36A735343451FE58] - [10/11/2018 22:32:42] - |A| - [383488] - C:\Windows\syswow64\stobject.dll [MD5.2F8D43F082459EA107705677D99AA420] - [10/11/2018 22:32:29] - |A| - [1980928] - C:\Windows\syswow64\storagewmi.dll [MD5.75B34450304498DD42B7CAFC67D9F1A2] - [10/11/2018 22:32:58] - |A| - [559984] - C:\Windows\syswow64\StructuredQuery.dll [MD5.42EB38A0D300A8723794659F6957FE93] - [10/11/2018 22:32:42] - |A| - [653312] - C:\Windows\syswow64\sud.dll [MD5.7DF30A0CF7DE5DF85B5DB2645F161817] - [10/11/2018 22:32:44] - |A| - [3287040] - C:\Windows\syswow64\SyncCenter.dll [MD5.27FF5A1AA9858C2D4F0A0416C3501DD7] - [10/11/2018 22:32:31] - |A| - [524800] - C:\Windows\syswow64\SyncController.dll [MD5.90AD1B513F3D0FFFFAEC3B5D678FDE1C] - [10/11/2018 22:32:47] - |A| - [243200] - C:\Windows\syswow64\SyncSettings.dll [MD5.D06C58D3691A7F09A36923291E9915EF] - [10/11/2018 22:32:33] - |A| - [315904] - C:\Windows\syswow64\sysdm.cpl [MD5.25A010E52C6B8C94C1F00A849D210433] - [11/11/2018 06:16:28] - |A| - [84624] - C:\Windows\syswow64\sysinfo.ocx [MD5.F88E792BABEA5C3AC73F2F085226DCAA] - [10/11/2018 22:32:54] - |A| - [133632] - C:\Windows\syswow64\t2embed.dll [MD5.3F2B4D475AC8ED3F30E5A857EE413F7F] - [11/11/2018 06:16:28] - |A| - [222360] - C:\Windows\syswow64\tabctl32.ocx [MD5.AC42C6689277F98B4A7FA0A18B393E96] - [10/11/2018 22:32:29] - |A| - [371200] - C:\Windows\syswow64\taskcomp.dll [MD5.A4A6D271FE357663479CCEFD9C620AF1] - [10/11/2018 22:32:58] - |A| - [1250528] - C:\Windows\syswow64\Taskmgr.exe [MD5.7CED307FA413C9BA1E8D762CEA00C770] - [10/11/2018 22:32:30] - |A| - [30720] - C:\Windows\syswow64\tbauth.dll [MD5.F779D209F6FB1B8CF25F9FCABE014967] - [10/11/2018 22:32:30] - |A| - [74240] - C:\Windows\syswow64\tdc.ocx [MD5.D5C8986C1AC0F5CCFF5B36D84DAE7D5F] - [10/11/2018 22:32:34] - |A| - [2462208] - C:\Windows\syswow64\themecpl.dll [MD5.81F24AEBB800C56179E5D2EBABBC49BD] - [10/11/2018 22:32:35] - |A| - [2815488] - C:\Windows\syswow64\themeui.dll [MD5.9B547D7FC518A62EC2E1B7DD181E8CE2] - [10/11/2018 22:33:46] - |A| - [452608] - C:\Windows\syswow64\TileDataRepository.dll [MD5.ADBCF0F6F438C509AE8CFF276D3D4062] - [10/11/2018 22:32:31] - |A| - [463360] - C:\Windows\syswow64\timedate.cpl [MD5.1CAD95428D1F17F6FC03A6B1A76D7B27] - [10/11/2018 22:32:37] - |A| - [35328] - C:\Windows\syswow64\tokenbinding.dll [MD5.C20A3CAAE775FDBE2847D5701C986E8B] - [10/11/2018 22:33:04] - |A| - [920064] - C:\Windows\syswow64\TokenBroker.dll [MD5.3C35F53D16282A5B892685C4C1280D2C] - [10/11/2018 22:32:30] - |A| - [15360] - C:\Windows\syswow64\TokenBrokerCookies.exe [MD5.6D9DF4768CEAC6798002FAEA42A07DCA] - [10/11/2018 22:32:31] - |A| - [37888] - C:\Windows\syswow64\TokenBrokerUI.dll [MD5.1FEAA9F014E1F72DFD83DA745078524D] - [10/11/2018 22:33:11] - |A| - [2677248] - C:\Windows\syswow64\tquery.dll [MD5.6F7CCD986159E2FC544E4CE349F29CB6] - [10/11/2018 22:32:43] - |A| - [98304] - C:\Windows\syswow64\TSpkg.dll [MD5.EBB966D5D1DA9F55E2527EA46A4C2131] - [10/11/2018 22:32:35] - |A| - [178176] - C:\Windows\syswow64\TtlsAuth.dll [MD5.82ED68D7C9E7E0BA0CB90FF6069FA439] - [10/11/2018 22:32:31] - |A| - [164352] - C:\Windows\syswow64\TtlsCfg.dll [MD5.DAB67699D26B78F1BDF3F948C59DA75B] - [10/11/2018 22:32:40] - |A| - [158208] - C:\Windows\syswow64\twext.dll [MD5.F500780AEBEC7326D63FD51CA1BF2C85] - [10/11/2018 22:32:44] - |A| - [433664] - C:\Windows\syswow64\twinapi.dll [MD5.539296663A3DAF45C1BD9D519829A7BC] - [10/11/2018 22:32:36] - |A| - [697344] - C:\Windows\syswow64\twinui.appcore.dll [MD5.4D774D6A1E45E6798C27524CA070A936] - [10/11/2018 22:33:06] - |A| - [6466560] - C:\Windows\syswow64\twinui.dll [MD5.6B7588DDAF839EA920B825AAEF682715] - [10/11/2018 22:32:30] - |A| - [2560] - C:\Windows\syswow64\tzres.dll [MD5.4C27CE05ABAD90EB02F6D87E6EBF90DD] - [10/11/2018 22:33:02] - |A| - [1145104] - C:\Windows\syswow64\ucrtbase.dll [MD5.7C91A0284C3BE85296CECF986BC4C9A4] - [10/11/2018 22:32:52] - |A| - [466432] - C:\Windows\syswow64\UiaManager.dll [MD5.5382B15F692F9EFD113367EA91C666DD] - [10/11/2018 22:32:48] - |A| - [1668096] - C:\Windows\syswow64\UIAutomationCore.dll [MD5.CAC03A7B2E6034BF68A20AD92FB41E3C] - [10/11/2018 22:33:09] - |A| - [3490816] - C:\Windows\syswow64\UIRibbon.dll [MD5.F82F7AC64EAE0C4110B5D9D2AEE40D21] - [10/11/2018 22:32:30] - |A| - [584192] - C:\Windows\syswow64\UIRibbonRes.dll [MD5.DB40D2D74478E3BE07BB08CC24BFBA9E] - [10/11/2018 22:32:29] - |A| - [253952] - C:\Windows\syswow64\unimdm.tsp [MD5.9C3652626FBEEA98EFC1C751F54DE1E6] - [10/11/2018 22:32:30] - |A| - [966656] - C:\Windows\syswow64\Unistore.dll [MD5.4FC7DB01116C14A6C58C740698437815] - [10/11/2018 22:32:38] - |A| - [98304] - C:\Windows\syswow64\updatepolicy.dll [MD5.5033CBC73D3957D6ECDAD0DA38B7EC81] - [10/11/2018 22:32:30] - |A| - [233472] - C:\Windows\syswow64\url.dll [MD5.4ABDEF57F67D5FB8FA798C82E6E952D6] - [10/11/2018 22:33:19] - |A| - [1565696] - C:\Windows\syswow64\urlmon.dll [MD5.D0B9CBCAEAE963F74AC910ADF47F2F50] - [10/11/2018 22:32:29] - |A| - [4608] - C:\Windows\syswow64\user.exe [MD5.5D41A00F6ED104C9639D5CBF0D38A1D6] - [10/11/2018 22:33:28] - |A| - [1528904] - C:\Windows\syswow64\user32.dll [MD5.65316876798BD589A05781B6B68BBCD9] - [10/11/2018 22:32:50] - |A| - [1230848] - C:\Windows\syswow64\usercpl.dll [MD5.039BDAA1C6A50FEA69BA170D071C0506] - [10/11/2018 22:32:31] - |A| - [160256] - C:\Windows\syswow64\UserDeviceRegistration.dll [MD5.2D4F3342630DB4E1592AA5CEDE775B72] - [10/11/2018 22:32:44] - |A| - [559104] - C:\Windows\syswow64\UserLanguagesCpl.dll [MD5.3498ACDDCF5A3EA89A207122934D1046] - [10/11/2018 22:32:34] - |A| - [65536] - C:\Windows\syswow64\usoapi.dll [MD5.73978DD6DD93DFD1FDD83620AE604DD4] - [11/11/2018 06:16:28] - |A| - [722192] - C:\Windows\syswow64\Vb40032.dll [MD5.1CE92DF3A3FC063B66BCC52344873DEE] - [10/11/2018 22:33:57] - |A| - [463360] - C:\Windows\syswow64\vbscript.dll [MD5.B55FF9CC8010601EBC5ED52BF57A2C30] - [10/11/2018 22:32:30] - |A| - [48640] - C:\Windows\syswow64\virtdisk.dll [MD5.1454D47AF54831F8FF59210825EA8698] - [10/11/2018 22:32:59] - |A| - [1159680] - C:\Windows\syswow64\vssapi.dll [MD5.DA00A8ED9201E0293C8D1EF38315B4B8] - [10/11/2018 22:32:39] - |A| - [97280] - C:\Windows\syswow64\WcnApi.dll [MD5.74DFA3493E51A942A4C2F89254FE3EF6] - [10/11/2018 22:32:39] - |A| - [235008] - C:\Windows\syswow64\webcheck.dll [MD5.C5FABC086E613BB7B0826EA564DC922B] - [10/11/2018 22:32:44] - |A| - [190464] - C:\Windows\syswow64\WebClnt.dll [MD5.4A2B80BD4CEFAA5548601B76A16E2B2B] - [10/11/2018 22:32:50] - |A| - [462848] - C:\Windows\syswow64\webio.dll [MD5.A5BDF0F9A9252FE5E9A81542D80BFEDD] - [10/11/2018 22:32:32] - |A| - [459776] - C:\Windows\syswow64\webplatstorageserver.dll [MD5.F308C9718D84DC576345940DF074AA97] - [10/11/2018 22:32:58] - |A| - [1075984] - C:\Windows\syswow64\webservices.dll [MD5.C1AFB3BEFBE4B68F8332C4649C8398CE] - [10/11/2018 22:32:44] - |A| - [640024] - C:\Windows\syswow64\wer.dll [MD5.F0BCD5D25B955F1DA115EA4A64D5FD14] - [10/11/2018 22:32:30] - |A| - [136192] - C:\Windows\syswow64\wextract.exe [MD5.A011152FDCF4CA7251B0038B077047AB] - [10/11/2018 22:32:47] - |A| - [592800] - C:\Windows\syswow64\wimgapi.dll [MD5.28B52AC97D9194CF128F03A381F276D0] - [10/11/2018 22:33:57] - |A| - [2901504] - C:\Windows\syswow64\win32kfull.sys [MD5.812E9241C7844424DFE2985846070CFD] - [10/11/2018 22:32:41] - |A| - [83216] - C:\Windows\syswow64\winbrand.dll [MD5.A0C135507DB0167282168F3E5BDCC396] - [10/11/2018 22:32:33] - |A| - [309248] - C:\Windows\syswow64\wincorlib.dll [MD5.84EF8242B5B2B9E3036398AED7C46E2E] - [10/11/2018 22:32:31] - |A| - [162304] - C:\Windows\syswow64\Windows.ApplicationModel.Core.dll [MD5.AB9B72133CD867EEB89A9831BE8BDE43] - [10/11/2018 22:32:50] - |A| - [315392] - C:\Windows\syswow64\Windows.ApplicationModel.LockScreen.dll [MD5.CC811E2D58465654DC2562867521648F] - [10/11/2018 22:33:03] - |A| - [1490856] - C:\Windows\syswow64\Windows.ApplicationModel.Store.dll [MD5.9EC72380FCE884CB4A0C678F8EA7AA56] - [10/11/2018 22:32:42] - |A| - [246272] - C:\Windows\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.332947F929C12BE29402E8636F20E667] - [10/11/2018 22:33:24] - |A| - [6588416] - C:\Windows\syswow64\Windows.Data.Pdf.dll [MD5.3F2BEA2FF5CFCB54A1CC72235774D89E] - [10/11/2018 22:33:02] - |A| - [1240064] - C:\Windows\syswow64\Windows.Globalization.dll [MD5.3E58599D26AFE1761F87CECD252B9EB5] - [10/11/2018 22:32:35] - |A| - [430080] - C:\Windows\syswow64\Windows.Internal.Bluetooth.dll [MD5.1C9C38A788F22AEAC21ED2B9C54ECD3F] - [10/11/2018 22:32:37] - |A| - [516608] - C:\Windows\syswow64\Windows.Internal.Management.dll [MD5.0251CAD1B6C180A67A089DFA2D716548] - [10/11/2018 22:32:56] - |A| - [621568] - C:\Windows\syswow64\Windows.Media.BackgroundMediaPlayback.dll [MD5.C179D1218AD113537E309CB9323B15DF] - [10/11/2018 22:33:53] - |A| - [6014688] - C:\Windows\syswow64\Windows.Media.dll [MD5.D2ACB013E86EAB5C56587C44734E7399] - [10/11/2018 22:32:42] - |A| - [620544] - C:\Windows\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.6C41D581CB2C832619F7290F2A0BA19B] - [10/11/2018 22:32:56] - |A| - [604672] - C:\Windows\syswow64\Windows.Media.Playback.MediaPlayer.dll [MD5.73256E92AA201252E82BD8A711B6A1FD] - [10/11/2018 22:32:31] - |A| - [56832] - C:\Windows\syswow64\Windows.Media.Playback.ProxyStub.dll [MD5.55AC76A913BB698511FE002168E56E83] - [10/11/2018 22:33:42] - |A| - [6482264] - C:\Windows\syswow64\Windows.Media.Protection.PlayReady.dll [MD5.1BAB35A0EC536FC2D4B741659207B6B9] - [10/11/2018 22:33:45] - |A| - [2491120] - C:\Windows\syswow64\Windows.Mirage.dll [MD5.19DA70310693C4231D3EFF03EB4EDFD9] - [10/11/2018 22:33:46] - |A| - [618496] - C:\Windows\syswow64\Windows.Mirage.Internal.dll [MD5.D01EFC2E14294C12094102545CC85EC3] - [10/11/2018 22:32:59] - |A| - [891904] - C:\Windows\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.343D98F99A919964216DC60A1AD34C69] - [10/11/2018 22:32:53] - |A| - [660480] - C:\Windows\syswow64\Windows.Networking.dll [MD5.94E8B4EBA0DA649AC0A6D8B5FC7DAE9D] - [10/11/2018 22:32:54] - |A| - [941568] - C:\Windows\syswow64\Windows.Networking.Vpn.dll [MD5.A2B45051F3DA399BA1B83599E2E23726] - [10/11/2018 22:32:53] - |A| - [405504] - C:\Windows\syswow64\Windows.Payments.dll [MD5.4EB540B4A1A428DF59A27E7FB3F885A8] - [10/11/2018 22:33:46] - |A| - [506256] - C:\Windows\syswow64\Windows.Perception.Stub.dll [MD5.3F51E3B936974BAA26CB7C96793E55E1] - [10/11/2018 22:32:59] - |A| - [598528] - C:\Windows\syswow64\Windows.Security.Authentication.Web.Core.dll [MD5.EAE9E8A3AEA8955C854EB572DF461F4A] - [10/11/2018 22:32:53] - |A| - [746904] - C:\Windows\syswow64\Windows.Services.TargetedContent.dll [MD5.131891D46023A4624CC9DA2A068317A5] - [10/11/2018 22:33:12] - |A| - [3979696] - C:\Windows\syswow64\Windows.StateRepository.dll [MD5.1FA0115DBEDD4006FB65246768DEC991] - [10/11/2018 22:32:38] - |A| - [89504] - C:\Windows\syswow64\Windows.StateRepositoryBroker.dll [MD5.B9DBAC940038A737E63BE80FDD7CE70A] - [10/11/2018 22:32:38] - |A| - [123808] - C:\Windows\syswow64\Windows.StateRepositoryClient.dll [MD5.A06DF410D350562F0FD699E98FD0FE84] - [10/11/2018 22:32:44] - |A| - [542856] - C:\Windows\syswow64\Windows.StateRepositoryPS.dll [MD5.2251D76E2BE4AF1C40BB1D8127846DED] - [10/11/2018 22:32:36] - |A| - [147456] - C:\Windows\syswow64\Windows.StateRepositoryUpgrade.dll [MD5.48ECCD9FF5FAB136BC86538C6FB6581D] - [10/11/2018 22:32:36] - |A| - [289824] - C:\Windows\syswow64\Windows.Storage.ApplicationData.dll [MD5.0DB91C3B1F2810931F47B842FE88B84F] - [10/11/2018 22:33:28] - |A| - [6087040] - C:\Windows\syswow64\windows.storage.dll [MD5.65E56E51EB7A2A664CCBDED8CFA72AA4] - [10/11/2018 22:32:54] - |A| - [464384] - C:\Windows\syswow64\Windows.UI.Core.TextInput.dll [MD5.48750BBEB489B5E50E79707DB5462DB8] - [10/11/2018 22:33:04] - |A| - [981504] - C:\Windows\syswow64\Windows.UI.Cred.dll [MD5.39CB8103B31D73464452424AE495DA9E] - [10/11/2018 22:33:01] - |A| - [1510912] - C:\Windows\syswow64\Windows.UI.Immersive.dll [MD5.6BE2B2B64DC32BCD7BB145466F114B37] - [10/11/2018 22:33:46] - |A| - [1321472] - C:\Windows\syswow64\Windows.UI.Input.Inking.dll [MD5.7622424210B39B004D9F0B8FA12100CF] - [10/11/2018 22:32:59] - |A| - [695296] - C:\Windows\syswow64\Windows.UI.Search.dll [MD5.59BFC0F33DF1C159A56C2E523E2A0FDF] - [10/11/2018 22:33:16] - |A| - [13704192] - C:\Windows\syswow64\Windows.UI.Xaml.dll [MD5.AC36BA1674C606189C95E498415A42D9] - [10/11/2018 22:32:42] - |A| - [132608] - C:\Windows\syswow64\Windows.UI.XamlHost.dll [MD5.5D320952A868EB0EADDD9641B461BCA2] - [10/11/2018 22:32:55] - |A| - [1503504] - C:\Windows\syswow64\WindowsCodecs.dll [MD5.13AA31B4DF50F17FDBBA86A70409755C] - [10/11/2018 22:33:01] - |A| - [704080] - C:\Windows\syswow64\winhttp.dll [MD5.ACED45EA17FC165F89457D1EC5647606] - [10/11/2018 22:33:55] - |A| - [4044800] - C:\Windows\syswow64\wininet.dll [MD5.02BF610B95E05855DD612D57D3183E82] - [10/11/2018 22:32:52] - |A| - [1558856] - C:\Windows\syswow64\winmde.dll [MD5.28A88CF98C90AD6156004A5579947F9C] - [10/11/2018 22:32:43] - |A| - [180224] - C:\Windows\syswow64\WinSCard.dll [MD5.BA6A61A00365044876F945A06A4D6493] - [10/11/2018 22:32:32] - |A| - [247296] - C:\Windows\syswow64\winsku.dll [MD5.A41DA2106D422477C0E25BD98E64E941] - [10/11/2018 22:32:49] - |A| - [420352] - C:\Windows\syswow64\winspool.drv [MD5.D7FA944EE38FBCEA993A1CCD01BD7785] - [10/11/2018 22:32:48] - |A| - [285144] - C:\Windows\syswow64\wintrust.dll [MD5.BDCE5E5BFC67B7D0CA6530E69B20BB0A] - [10/11/2018 22:32:52] - |A| - [832648] - C:\Windows\syswow64\WinTypes.dll [MD5.0D8C53EF58FDA3925609164DFC9EEFDE] - [10/11/2018 22:32:44] - |A| - [319488] - C:\Windows\syswow64\Wldap32.dll [MD5.0B795428742EDA68BF5C22C12BFA28E7] - [10/11/2018 22:32:38] - |A| - [61032] - C:\Windows\syswow64\wldp.dll [MD5.2EA24AC64D38D4ECE807041E92DF194B] - [10/11/2018 22:32:35] - |A| - [98304] - C:\Windows\syswow64\wlgpclnt.dll [MD5.A6ECF31E43274FA7EC787E8C1CD2FFB2] - [10/11/2018 22:32:54] - |A| - [531968] - C:\Windows\syswow64\wlidprov.dll [MD5.CEA51371971E187F478C5933F5BF4E91] - [10/11/2018 22:32:29] - |A| - [25088] - C:\Windows\syswow64\wmiprop.dll [MD5.831D17702D85AE9073A1D6AB0DE68F6B] - [10/11/2018 22:33:53] - |A| - [12730880] - C:\Windows\syswow64\wmp.dll [MD5.9B05BEEACF372ADAC85BF47849672597] - [10/11/2018 22:32:38] - |A| - [251200] - C:\Windows\syswow64\wmpeffects.dll [MD5.AEB5990B57D37C21D5F3A5B069B05F78] - [10/11/2018 22:32:35] - |A| - [103424] - C:\Windows\syswow64\wmpshell.dll [MD5.975890347C7998063E77E2C6F249878C] - [10/11/2018 22:32:41] - |A| - [392704] - C:\Windows\syswow64\WMVSENCD.DLL [MD5.0C3AB19FF0B062AD808C9DAD2CCE3D56] - [10/11/2018 22:32:44] - |A| - [681472] - C:\Windows\syswow64\WMVXENCD.DLL [MD5.12032766EBEF355306956B6C6B62535B] - [10/11/2018 22:33:05] - |A| - [1342464] - C:\Windows\syswow64\Wpc.dll [MD5.5D4932C317C6BCE0BAB1369D85963A3A] - [10/11/2018 22:32:41] - |A| - [636416] - C:\Windows\syswow64\WpcWebFilter.dll [MD5.71A81B527764597DF8D22958D5CD726D] - [10/11/2018 22:33:01] - |A| - [975360] - C:\Windows\syswow64\wpnapps.dll [MD5.D968CB0D323A9A54B5E81A2A4F239C0F] - [10/11/2018 22:32:35] - |A| - [258808] - C:\Windows\syswow64\wscapi.dll [MD5.74D90548993E4DC4CC4CBC5AF8B96417] - [10/11/2018 22:32:31] - |A| - [12800] - C:\Windows\syswow64\wscproxystub.dll [MD5.36BAFF05F1DD34DFFE6D0D100282288F] - [10/11/2018 22:32:39] - |A| - [147456] - C:\Windows\syswow64\wscript.exe [MD5.3E8DBDE2536682E3EA33BAB970197F90] - [10/11/2018 22:32:45] - |A| - [1332736] - C:\Windows\syswow64\wsecedit.dll [MD5.BE0D487494FCFF4B4E7D29A333BAF0DF] - [10/11/2018 22:32:36] - |A| - [16600] - C:\Windows\syswow64\wshhyperv.dll [MD5.39E63D680474BB0DDDB3D57BFC881FD7] - [10/11/2018 22:32:35] - |A| - [52736] - C:\Windows\syswow64\wsnmp32.dll [MD5.2DD0772405E534841BBF2D812B22218E] - [10/11/2018 22:32:59] - |A| - [825856] - C:\Windows\syswow64\wuapi.dll [MD5.1EFB575D7E2A8234DCC9D4531070106E] - [10/11/2018 22:09:46] - |A| - [67072] - C:\Windows\syswow64\wudriver.dll [MD5.F8E50658DDA49765A5C49CD90F3A4294] - [10/11/2018 22:32:33] - |A| - [30208] - C:\Windows\syswow64\wups.dll [MD5.660E6FB6972DB04E74C45C040D4DDE8C] - [10/11/2018 22:32:38] - |A| - [293888] - C:\Windows\syswow64\WwaApi.dll [MD5.6C1767F8AD6F0E704CBCA37C6E483ED1] - [10/11/2018 22:32:43] - |A| - [793400] - C:\Windows\syswow64\WWAHost.exe [MD5.A2E0419D7FBDFEFA19F5BB53556A22EB] - [10/11/2018 22:32:36] - |A| - [450936] - C:\Windows\syswow64\WWanAPI.dll [MD5.653DB51549B7CB7EC76EB8562D260D4F] - [10/11/2018 22:32:36] - |A| - [73896] - C:\Windows\syswow64\wwapi.dll [MD5.414CF6ED0142DAB4BDFC7AE95558AD4C] - [10/11/2018 22:33:09] - |A| - [3418112] - C:\Windows\syswow64\xpsrchvw.exe [MD5.D07878AB6E404AD22759759B4CFB47BC] - [10/11/2018 22:32:40] - |A| - [346112] - C:\Windows\syswow64\zipfldr.dll ---------- | Drives D: [19/05/2017 20:14:13] - |A| - (.ENC Security Systems BV - SanDisk SecureAccessV3.) - [16556320] - (6.0.19.0) - D:\SanDiskSecureAccessV3_win.exe E: [29/10/2018 10:19:22] - |A| - (.-.) - [377] - (0.0.0.0) - E:\MONTRE ESPI (D) - Raccourci.lnk [29/10/2018 10:26:40] - |A| - (.-.) - [15582048] - (0.0.0.0) - E:\ApplicationManager_v0905_rv198726(1_1)_STD_APM180612-01.exe [29/10/2018 10:26:41] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9 Setup .) - [58232776] - (9.0.6.0) - E:\ashampoo_snap_9_9.0.6_sm.exe [29/10/2018 10:26:45] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Video Optimizer Pro Setup .) - [92712216] - (1.0.0.0) - E:\ashampoo_video_optimizer_pro_1.0.0_sm.exe [29/10/2018 10:26:51] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - E:\BingDesktopSetup.exe [29/10/2018 10:26:53] - |A| - (.Pehoricab - Tuhosanebe Setup .) - [1877816] - (5.5.1.3) - E:\BitlordSetup_VRhuSJ_1625885219.exe [29/10/2018 10:26:53] - |A| - (.Copyright © 2015 - Cameyo.Player.) - [15142784] - (1.0.0.0) - E:\Cameyo.exe [29/10/2018 10:27:00] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1174128] - (3.0.0.2816) - E:\CyberLink_PhotoDirector_Downloader.exe [29/10/2018 10:27:00] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1174200] - (3.0.0.2816) - E:\CyberLink_YouCam_Downloader.exe [29/10/2018 10:27:00] - |A| - (.-.) - [1035970816] - (0.0.0.0) - E:\CyberLinkDirectorSuite7.0_Trial_DRS180831-01_TR180913-025.exe [29/10/2018 10:28:00] - |A| - (.Copyright©2017 Wondershare. - wondershare-filmora-(fr)_setup_full1084.exe.) - [1038440] - (2.0.9.2) - E:\filmora_setup_full1084 (1).exe [29/10/2018 10:28:01] - |A| - (.Copyright©2017 Wondershare. - wondershare-filmora-(fr)_setup_full1084.exe.) - [1038440] - (2.0.9.2) - E:\filmora_setup_full1084.exe [29/10/2018 10:28:01] - |A| - (.Mozilla - Firefox.) - [45955760] - (18.5.0.0) - E:\firefox-65.0a1.fr.win64.installer.exe [29/10/2018 10:28:05] - |A| - (.(c) 2015 Nero AG and its affiliates - NeroInstaller.) - [3269816] - (1.12.0.1) - E:\Nero2019-1.12.0.1_stub_trial.exe [29/10/2018 10:28:05] - |A| - (.Copyright (c) 2012 Flexera Software LLC. - Setup Launcher Unicode.) - [78864656] - (9.0.1.9107) - E:\NTI_Media_Maker_9.0.1.9107_Express_Trial (1).exe [29/10/2018 10:28:13] - |A| - (.-.) - [259584] - (1.0.5.0) - E:\OTH.exe [29/10/2018 10:28:14] - |A| - (.-.) - [299058632] - (0.0.0.0) - E:\PhotoDirector_10_0_2103_69885_GM2_1_Es_Essential_PTD180725-03.exe [29/10/2018 10:28:32] - |A| - (.? Kakao Corp. - PotPlayer Setup File.) - [22416064] - (1.7.3344.0) - E:\potplayer-1-7-3344.exe [29/10/2018 10:28:33] - |A| - (.©IObit. - Smart Defrag 6 .) - [14526296] - (6.1.0.118) - E:\smart-defrag-setup (1).exe [29/10/2018 10:28:35] - |A| - (.©IObit. - Smart Defrag 6 .) - [14526296] - (6.1.0.118) - E:\smart-defrag-setup.exe [29/10/2018 10:28:37] - |A| - (.© 1999-2017 Code Sector. - TeraCopy Setup .) - [4575312] - (3.2.6.0) - E:\teracopy.exe [29/10/2018 10:28:38] - |A| - (.Copyright © 2018 Wondershare. - Wondershare TidyMyMusic Setup .) - [19475696] - (1.6.0.3) - E:\tidymymusic-bing_full1701.exe [29/10/2018 10:28:41] - |A| - (.-.) - [27257680] - (1.0.0.0) - E:\U_4.9.5718.72544%20(Prod)_Free_YOU180806-03.exe [29/10/2018 10:28:43] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [475760] - (3.0.2.3014) - E:\UAppInst.exe [29/10/2018 10:28:43] - |A| - (.-.) - [64759928] - (1.0.0.0) - E:\UWebinar_4.9.0.3313.226446_PLK180813-01.exe [29/10/2018 10:28:47] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [476344] - (3.0.2.3014) - E:\UWebinarInst.exe [29/10/2018 10:28:47] - |A| - (.Adlice Software Copyright © 2015 - WhyIGotInfected.) - [329800] - (2.2.0.0) - E:\WhyIGotInfected.exe [29/10/2018 10:28:48] - |A| - (.Adlice Software Copyright © 2015 - WhyIGotInfected.) - [292424] - (2.1.0.0) - E:\WhyIGotInfected-WIGI-_2.1.0.0.exe [29/10/2018 10:28:48] - |A| - (.-.) - [24285912] - (0.0.0.0) - E:\x-video-cutter2-fr.exe [29/10/2018 10:28:50] - |A| - (.-.) - [24392312] - (0.0.0.0) - E:\x-video-splitter2-fr.exe [29/10/2018 10:28:51] - |A| - (.-.) - [305486616] - (0.0.0.0) - E:\YouCam_8.0.0925.0a_Essential_Essential_YUC180820-01.exe ---------- | C: [10/11/2018 21:51:27] - |SHD| - [258] - C:\$RECYCLE.BIN [MD5.8CFAB5EBF1DAE268019842252096348A] - [07/12/2017 07:38:45] - |ASH| - (.-.) - [72] - (0.0.0.0) - C:\bootTel.dat [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 13:44:34] - |ASH| - (.-.) - [1676763136] - (0.0.0.0) - C:\hiberfil.sys [07/12/2017 07:02:19] - |D| - [131204] - C:\Intel [11/11/2018 16:55:17] - |D| - [278417] - C:\Look_my_hardware [11/11/2018 08:18:50] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 13:40:06] - |ASH| - (.-.) - [2199642112] - (0.0.0.0) - C:\pagefile.sys [29/09/2017 14:46:33] - |D| - [0] - C:\PerfLogs [29/09/2017 14:46:33] - |RD| - [7715707317] - C:\Program Files [29/09/2017 14:46:33] - |RD| - [304983965] - C:\Program Files (x86) [29/09/2017 14:46:33] - |HD| - [1238174713] - C:\ProgramData [11/11/2018 16:50:09] - |D| - [68685] - C:\QuickDiag [MD5.FEAA8D11063A8BDAA9EFD4AD0E119D78] - [11/11/2018 16:50:22] - |A| - (.-.) - [460521] - (0.0.0.0) - C:\QuickDiag.txt [07/12/2017 14:48:59] - |HD| - [1158477351] - C:\recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2018 13:40:06] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [10/11/2018 13:40:04] - |SHD| - [0] - C:\System Volume Information [29/09/2017 09:45:11] - |RD| - [27134367579] - C:\Users [29/09/2017 09:45:11] - |D| - [40600809073] - C:\Windows ---------- | C:\Windows [MD5.A486C15BA34B4C23677AA34F47CE2C0D] - [07/12/2017 07:01:45] - |A| - (.-.) - [1078] - (0.0.0.0) - C:\Windows\ACU.ico [29/09/2017 14:46:33] - |D| - [802] - C:\Windows\addins [29/09/2017 14:46:33] - |D| - [7588902] - C:\Windows\appcompat [29/09/2017 14:46:33] - |D| - [10007682] - C:\Windows\apppatch [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\AppReadiness [29/09/2017 14:46:33] - |RD| - [864027302] - C:\Windows\assembly [29/09/2017 14:46:33] - |D| - [692493] - C:\Windows\bcastdvr [MD5.55F49769891E4DC7CAB3E293E1238888] - [29/09/2017 14:41:23] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [65536] - (10.0.16299.15) - C:\Windows\bfsvc.exe [29/09/2017 14:46:33] - |D| - [38348967] - C:\Windows\Boot [MD5.858E05B3B6DFA5EF109DEB0A16704119] - [07/12/2017 23:39:33] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [29/09/2017 14:46:33] - |D| - [2486864] - C:\Windows\Branding [29/09/2017 14:37:01] - |D| - [0] - C:\Windows\CbsTemp [MD5.2A38BEB15CC1F2D59423AFC874926FBA] - [07/12/2017 07:12:59] - |A| - (.-.) - [1568] - (0.0.0.0) - C:\Windows\comsetup.log [MD5.A155FFABF2F04265A97274CCAB44D773] - [07/12/2017 14:08:15] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\core.xml [MD5.A155FFABF2F04265A97274CCAB44D773] - [29/09/2017 15:43:11] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\CoreSingleLanguage.xml [MD5.BD1868AC684B5AD6C0A2A7A1C764FA1F] - [07/12/2017 07:05:29] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\Csup.txt [29/09/2017 14:46:33] - |D| - [11482410] - C:\Windows\Cursors [07/12/2017 14:20:25] - |D| - [107520] - C:\Windows\de-DE [29/09/2017 14:46:33] - |D| - [3463] - C:\Windows\debug [29/09/2017 14:46:33] - |D| - [7976228351] - C:\Windows\DeliveryOptimization [MD5.050C668A459D689E7C033DBCA4417642] - [07/12/2017 07:12:58] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagerr.xml [29/09/2017 14:46:33] - |D| - [6496731] - C:\Windows\diagnostics [MD5.050C668A459D689E7C033DBCA4417642] - [07/12/2017 07:12:58] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagwrn.xml [29/09/2017 15:41:15] - |D| - [0] - C:\Windows\DigitalLocker [29/09/2017 14:46:33] - |SD| - [65] - C:\Windows\Downloaded Program Files [MD5.02A0A7BCAE9D6DAFD4922C2D81F14A64] - [29/09/2017 14:48:46] - |A| - (.-.) - [4785] - (0.0.0.0) - C:\Windows\DtcInstall.log [29/09/2017 14:46:33] - |HD| - [59968] - C:\Windows\ELAMBKUP [07/12/2017 14:35:07] - |D| - [47104] - C:\Windows\en-GB [29/09/2017 15:41:15] - |D| - [49664] - C:\Windows\en-US [07/12/2017 14:11:38] - |D| - [107520] - C:\Windows\es-ES [MD5.5CDE14540712838961E3B63930CE8C5D] - [10/11/2018 22:33:15] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3904304] - (10.0.16299.637) - C:\Windows\explorer.exe [29/09/2017 14:46:33] - |RSD| - [357033240] - C:\Windows\Fonts [07/12/2017 14:15:54] - |D| - [109568] - C:\Windows\fr-FR [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\GameBarPresenceWriter [29/09/2017 14:46:33] - |D| - [82778173] - C:\Windows\Globalization [29/09/2017 14:46:33] - |D| - [5622226] - C:\Windows\Help [MD5.67422BB31C52F0E4697C2A413677E033] - [10/11/2018 22:32:45] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [976896] - (10.0.16299.402) - C:\Windows\HelpPane.exe [MD5.620517DFE23E0DEB918F70538DF8AD67] - [29/09/2017 14:41:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.16299.15) - C:\Windows\hh.exe [29/09/2017 14:46:33] - |D| - [173069680] - C:\Windows\IME [29/09/2017 14:46:33] - |RD| - [7853860] - C:\Windows\ImmersiveControlPanel [29/09/2017 14:44:34] - |D| - [75855657] - C:\Windows\INF [29/09/2017 14:46:33] - |D| - [5932356143] - C:\Windows\InfusedApps [29/09/2017 14:46:33] - |D| - [38118841] - C:\Windows\InputMethod [29/09/2017 14:46:33] - |SHD| - [187279974] - C:\Windows\Installer [07/12/2017 14:30:10] - |D| - [107008] - C:\Windows\it-IT [29/09/2017 14:46:33] - |D| - [94163] - C:\Windows\L2Schemas [11/11/2018 06:03:09] - |D| - [2046209] - C:\Windows\LastGood.Tmp [29/09/2017 14:46:33] - |D| - [262144] - C:\Windows\LiveKernelReports [29/09/2017 09:45:14] - |D| - [80152556] - C:\Windows\Logs [MD5.F270A4A28D92F689EAECF0223257A703] - [07/12/2017 23:39:23] - |A| - (.-.) - [1380] - (0.0.0.0) - C:\Windows\lsasetup.log [29/09/2017 14:46:33] - |RSD| - [20331141] - C:\Windows\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [29/09/2017 14:42:00] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [29/09/2017 14:46:33] - |RD| - [1121252951] - C:\Windows\Microsoft.NET [29/09/2017 14:46:33] - |D| - [3298] - C:\Windows\Migration [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\ModemLogs [MD5.D4EE18887818F0782C0D72F1D67AAB5E] - [07/12/2017 07:10:42] - |A| - (.(c) Samsung Electronics. - Conditional Caller.) - [1731072] - (1.0.0.1) - C:\Windows\MSetCaller.exe [07/12/2017 14:12:44] - |D| - [968482] - C:\Windows\MSetup [07/12/2017 14:25:05] - |D| - [107520] - C:\Windows\nl-NL [MD5.15750221BBFFA36C055D656C46899460] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [246784] - (10.0.16299.15) - C:\Windows\notepad.exe [29/09/2017 15:42:03] - |D| - [1322658] - C:\Windows\OCR [29/09/2017 14:46:33] - |RD| - [65] - C:\Windows\Offline Web Pages [10/10/2017 17:41:56] - |D| - [4205253] - C:\Windows\Panther [29/09/2017 14:46:33] - |D| - [4606] - C:\Windows\Performance [MD5.B9409DA24709883A9DAEF232E4994316] - [10/11/2018 13:40:04] - |A| - (.-.) - [4256] - (0.0.0.0) - C:\Windows\PFRO.log [29/09/2017 14:46:33] - |D| - [1909629] - C:\Windows\PLA [29/09/2017 14:46:33] - |D| - [6623820] - C:\Windows\PolicyDefinitions [07/12/2017 23:39:31] - |D| - [9057247] - C:\Windows\Prefetch [29/09/2017 14:46:33] - |RD| - [2166045] - C:\Windows\PrintDialog [29/09/2017 14:46:33] - |D| - [4038827] - C:\Windows\Provisioning [MD5.14A3681D6247758B1F4880022ABEE0D7] - [29/09/2017 14:41:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [335872] - (10.0.16299.15) - C:\Windows\regedit.exe [29/09/2017 14:46:33] - |D| - [1071164] - C:\Windows\Registration [29/09/2017 14:46:33] - |D| - [3022848] - C:\Windows\rescache [29/09/2017 14:46:33] - |D| - [3918415] - C:\Windows\Resources [07/12/2017 07:00:50] - |D| - [830338] - C:\Windows\RSTLog [MD5.2F887699ECB55E01D486700FB67E8805] - [07/12/2017 06:47:14] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2856800] - (1.0.7.2) - C:\Windows\RtlExUpd.dll [MD5.294DF39F9DCF1DC2EB384F835661B06E] - [07/12/2017 07:05:49] - |A| - (.-.) - [6284] - (0.0.0.0) - C:\Windows\Samsung.png [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\SchCache [29/09/2017 14:46:33] - |D| - [122082] - C:\Windows\schemas [10/10/2017 17:46:07] - |D| - [149836] - C:\Windows\sec [MD5.69D0E0C0848937803A2B0D73F2F0F533] - [07/12/2017 07:03:20] - |A| - (.(c) . All right reserved. - Time Sync Utility.) - [1630256] - (1.0.2.0) - C:\Windows\SecTimeSync.exe [29/09/2017 14:46:33] - |D| - [1119368] - C:\Windows\security [07/12/2017 23:39:23] - |D| - [47966898] - C:\Windows\ServiceProfiles [29/09/2017 09:45:11] - |D| - [154235632] - C:\Windows\servicing [29/09/2017 14:49:45] - |D| - [42] - C:\Windows\Setup [MD5.263FB8547D41D08BCE3F59D935846264] - [11/11/2018 16:46:43] - |A| - (.-.) - [617] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/11/2018 16:46:43] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [29/09/2017 14:46:33] - |D| - [53789184] - C:\Windows\ShellExperiences [29/09/2017 15:41:49] - |D| - [15974064] - C:\Windows\SKB [10/11/2018 13:45:00] - |D| - [526625786] - C:\Windows\SoftwareDistribution [29/09/2017 14:46:33] - |D| - [312959272] - C:\Windows\Speech [29/09/2017 14:46:33] - |D| - [269790662] - C:\Windows\Speech_OneCore [MD5.B3FBABDA876CFA2B4695471D5348F59F] - [29/09/2017 14:42:06] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.16299.15) - C:\Windows\splwow64.exe [29/09/2017 14:46:33] - |AD| - [1993343] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [29/09/2017 14:46:38] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [29/09/2017 09:45:11] - |D| - [6737897013] - C:\Windows\System32 [29/09/2017 14:46:34] - |D| - [203884985] - C:\Windows\SystemApps [29/09/2017 14:46:34] - |D| - [31261290] - C:\Windows\SystemResources [29/09/2017 09:45:15] - |AD| - [1713928226] - C:\Windows\SysWOW64 [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\TAPI [29/09/2017 14:46:34] - |D| - [6] - C:\Windows\Tasks [29/09/2017 14:46:34] - |D| - [615283285] - C:\Windows\Temp [29/09/2017 14:46:34] - |D| - [13428736] - C:\Windows\TextInput [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\tracing [29/09/2017 14:46:34] - |D| - [7680] - C:\Windows\twain_32 [MD5.F6C33A8A65C6AF007812EED398D783B2] - [29/09/2017 14:42:16] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\Windows\twain_32.dll [11/11/2018 08:20:44] - |D| - [6780876] - C:\Windows\UpdateAssistant [29/09/2017 14:46:34] - |D| - [12420] - C:\Windows\Vss [29/09/2017 14:46:34] - |D| - [32195506] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [29/09/2017 14:46:38] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [29/09/2017 14:41:58] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [07/12/2017 23:43:17] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.02BD03E57C66CB40AEDB7039E93E7CB0] - [29/09/2017 14:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.16299.15) - C:\Windows\winhlp32.exe [29/09/2017 09:45:11] - |D| - [12807544156] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [29/09/2017 14:41:16] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.0D5D4E344F5581C954355D7164DD4BE1] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.16299.15) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System [11/11/2018 06:16:29] - |A| - [935632] - C:\Windows\System\Vb40016.dll (Copyright © 1987-1995 Microsoft Corp.) - (Visual Basic 4.0 runtime library) [11/11/2018 06:16:29] - |A| - [271264] - C:\Windows\System\vbrun100.dll () - () [11/11/2018 06:16:29] - |A| - [356992] - C:\Windows\System\vbrun200.dll (Copyright © 1987-1992 Microsoft Corp) - (Visual Basic 2.0 runtime library) [11/11/2018 06:16:29] - |A| - [398416] - C:\Windows\System\Vbrun300.dll (Copyright © 1987-1993 Microsoft Corp) - (Visual Basic 3.0 runtime library) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [20/10/2017 02:16:36] - C:\Windows\Installer\39e2.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:34] - C:\Windows\Installer\39e9.msi : (Intel(R) Management Engine Driver - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:18] - C:\Windows\Installer\39f0.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:42] - C:\Windows\Installer\39f7.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:50] - C:\Windows\Installer\39fe.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:22] - C:\Windows\Installer\3a05.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:25:02] - C:\Windows\Installer\3a0c.msi : (Intel(R) Trusted Connect Service Client x64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:21:30] - C:\Windows\Installer\3a13.msi : (Intel(R) Trusted Connect Service Client x86 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2016 11:34:12] - C:\Windows\Installer\3a1a.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:01:24] - C:\Windows\Installer\3ea5.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/05/2017 08:38:06] - C:\Windows\Installer\3eac.msi : (WlSarService - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:02:01] - C:\Windows\Installer\3eb4.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/10/2016 11:16:02] - C:\Windows\Installer\4abb.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/08/2017 03:30:28] - C:\Windows\Installer\7eda.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 08:04:38] - C:\Windows\Installer\7eef.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2017 06:48:12] - C:\Windows\Installer\7ef6.msi : (Show Window - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2016 16:40:24] - C:\Windows\Installer\7efb.msi : ( - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/02/2017 09:58:16] - C:\Windows\Installer\7f00.msi : ( - Samsung Electronics) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:01:24] - [53248] - C:\Windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:00] - [109207] - C:\Windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe () - () [07/12/2017 07:02:02] - [59664] - C:\Windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:13] - [372526] - C:\Windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_C99CA1BB496FD6B48BD347.exe () - () ---------- | %System%\*.in* [10/11/2018 22:32:28] - [3329] - C:\Windows\System32\ieuinit.inf [07/12/2017 23:46:15] - [6252240] - C:\Windows\System32\PerfStringBackup.INI [29/09/2017 14:41:57] - [60124] - C:\Windows\System32\tcpmon.ini [29/09/2017 14:41:41] - [2307] - C:\Windows\System32\WimBootCompress.ini [10/11/2018 22:32:28] - [3329] - C:\Windows\Syswow64\ieuinit.inf [29/09/2017 14:42:13] - [2307] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.0645E96FF7AE238CA9C3A58CD7CBA798] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc276D.tmp.LOG1 [MD5.02DCEE11FE637CE305917DEB887FF9B8] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc276D.tmp.LOG2 [MD5.2A51FAF04036C364A2675DD1EBA65742] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc277E.tmp.LOG1 [MD5.6286869D3DA9E62B6CC276560E28B55E] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc277E.tmp.LOG2 [MD5.B3B01480734CAA7E82737DE7D510936A] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc278F.tmp.LOG1 [MD5.AF3063A844399A241F72167CBCCD51B1] - |ASH| - [07/12/2017 23:42:08] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc278F.tmp.LOG2 [MD5.9EC38FAD64F2BD37A353EF351B36E9D2] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B65.tmp.LOG1 [MD5.C222951788D5C99490E48065DA9D2261] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B65.tmp.LOG2 [MD5.D9A72E79F24F47E65F1F5AE8619278FB] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B85.tmp.LOG1 [MD5.BE319DDE6387B6F74A7E07AD25F55406] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B85.tmp.LOG2 [MD5.92CA14347A4146142A2EC29BA71B769C] - |ASH| - [07/12/2017 23:42:09] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B87.tmp.LOG1 [MD5.D4871EA84E8A475F5349054C25369468] - |ASH| - [07/12/2017 23:42:09] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B87.tmp.LOG2 [MD5.73D735B5F1F3A1FF6CB542902258E262] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B96.tmp.LOG1 [MD5.F058A550BA59A08326D35370871EDF21] - |ASH| - [07/12/2017 23:41:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2B96.tmp.LOG2 [MD5.2E8234D7D6BE83F676371C29905894A1] - |ASH| - [07/12/2017 23:42:10] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2E76.tmp.LOG1 [MD5.F918D724066D0DA9948A67F3FF24D635] - |ASH| - [07/12/2017 23:42:10] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc2E76.tmp.LOG2 [MD5.C95230A8395BCA056F16510B8CE81C41] - |ASH| - [07/12/2017 23:41:43] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc326D.tmp.LOG1 [MD5.5803E14A7FCAACB95700C30FC8F62DB9] - |ASH| - [07/12/2017 23:41:43] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc326D.tmp.LOG2 [MD5.D037F5AD27B5BD339BBBD29F1E8BBAEA] - |ASH| - [07/12/2017 23:42:12] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3954.tmp.LOG1 [MD5.F2E2C7936F392BEB1E93801CF1EBE261] - |ASH| - [07/12/2017 23:42:12] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3954.tmp.LOG2 [MD5.ABB8C45C78DF8654327C14D4D9DFB233] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B15.tmp.LOG1 [MD5.221DF34B330640D287531DDD44BAA00C] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B15.tmp.LOG2 [MD5.8D488020E1E6D044205CF248021B90C0] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B35.tmp.LOG1 [MD5.D10B26EA7099B24A117D8A10889A10F5] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B35.tmp.LOG2 [MD5.5A9D7349278C8EB65CBB087B72E76059] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B45.tmp.LOG1 [MD5.01096E34E793CB856041CD55B4D60BAB] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B45.tmp.LOG2 [MD5.DB690881F57B7D4F88CE3B3866AD63AD] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B66.tmp.LOG1 [MD5.638E86591C2CA2CB86EAF717FA704EEE] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B66.tmp.LOG2 [MD5.9FBAC2EA1A8554D760A16192A0C7ACE7] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B86.tmp.LOG1 [MD5.B323F193AEA86C81F89FF5535C0A8584] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3B86.tmp.LOG2 [MD5.394D57A5F03197259BF7F98339D5D310] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BC5.tmp.LOG1 [MD5.0C418DD922209432F5528CFD35676A0F] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BC5.tmp.LOG2 [MD5.E5CBD9309A0982DCD106C3363F44B5BD] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BE6.tmp.LOG1 [MD5.D934D269AAB519E846BDD1FDAB16C47A] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BE6.tmp.LOG2 [MD5.2D2732FFA707EE28B68B087DFED95702] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BF6.tmp.LOG1 [MD5.1A4D16FA9D6CDC44E864DA8C4C015B69] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3BF6.tmp.LOG2 [MD5.BE4D9807B14A0ACB180C482D39BE35F1] - |ASH| - [07/12/2017 23:41:45] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C03.tmp.LOG1 [MD5.F40DEE39532B40C3A05DE79C6086FA81] - |ASH| - [07/12/2017 23:41:45] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C03.tmp.LOG2 [MD5.69C91F825653CDF4D42D0216F483444A] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C26.tmp.LOG1 [MD5.A9F74F2752A6D9B8BC987EB6D23DFC60] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C26.tmp.LOG2 [MD5.67E9AB34DA577D1D76A0BF47A27D058D] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C85.tmp.LOG1 [MD5.59150315C5ED74376683312C3C51B1B6] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3C85.tmp.LOG2 [MD5.6781A2528DCD83720B3E7A7F1613C36D] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3CC4.tmp.LOG1 [MD5.5836A92932B1797930F5F093C0AA8AA0] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3CC4.tmp.LOG2 [MD5.CAD6C94992D8D599912CED78DC5731DD] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3CF4.tmp.LOG1 [MD5.EF9670314A9BFDCDE669471272E76784] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3CF4.tmp.LOG2 [MD5.613FB1F379E0165A8A9C1CB045C7B816] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D15.tmp.LOG1 [MD5.FD0ED9ECEE8768D1444B395F825B2410] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D15.tmp.LOG2 [MD5.B8FFBB4FF5783705AC8AAF930AD36ACC] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D25.tmp.LOG1 [MD5.32C78877D4767AC285323889580FD476] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D25.tmp.LOG2 [MD5.7E50F19E6320A3862CCBE9B2D8AAA424] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D36.tmp.LOG1 [MD5.57EF52CAB3B26A47E381D3729CBFBC37] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D36.tmp.LOG2 [MD5.93965415E641210F88ACF299E65C89FF] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D56.tmp.LOG1 [MD5.64F46ACD3B649E3776CDEFFF1481AB9D] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D56.tmp.LOG2 [MD5.6DEF841A7C9F0F200914DC41695AF4F3] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D76.tmp.LOG1 [MD5.AA7330E9A483DF9EE855E8F7CA1E9557] - |ASH| - [07/12/2017 23:39:32] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D76.tmp.LOG2 [MD5.864212C82DA5C1CBB46F16E1C273A057] - |ASH| - [07/12/2017 23:41:46] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D8B.tmp.LOG1 [MD5.29B7DA4D15591D5B86294C9802CBC13A] - |ASH| - [07/12/2017 23:41:46] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D8B.tmp.LOG2 [MD5.54F62EF00723154AF79D42C8799C86AB] - |ASH| - [07/12/2017 23:41:46] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D9B.tmp.LOG1 [MD5.4188C7BAC81B20ACECB7129DBD3E9E66] - |ASH| - [07/12/2017 23:41:46] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3D9B.tmp.LOG2 [MD5.B70C376F925BBB24BE533DE74D8DB1B1] - |ASH| - [07/12/2017 23:39:33] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3FD9.tmp.LOG1 [MD5.90850D8E6FD934DBA5012E508E189A39] - |ASH| - [07/12/2017 23:39:33] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc3FD9.tmp.LOG2 [MD5.20BE4FDD03E7FB9BEF4629DBB42CDD41] - |ASH| - [07/12/2017 23:39:52] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc8937.tmp.LOG1 [MD5.F74975A3F8C59CDEA6191397FE453CED] - |ASH| - [07/12/2017 23:39:52] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\Temp\amc8937.tmp.LOG2 [MD5.00000000000000000000000000000000] - |D| - [11/11/2018 06:12:04] - [345.3 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |D| - [10/11/2018 22:32:14] - [884.72 Ko] - C:\Windows\Temp\C9E87019-B412-491D-803A-A4D8D1FE9A0955c.1d4793cd64758e3 [MD5.9D9BA05EA35261D9DD5856AC47250750] - |A| - [11/11/2018 06:17:21] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\Temp\FailureReportMetadata_11352.txt [MD5.AB22EA6D90FD384422F5B8F4B0E5C15C] - |A| - [11/11/2018 06:17:22] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\Temp\FailureReportMetadata_11355.txt [MD5.74C55F11380AA9B3FF978701A523F26F] - |A| - [11/11/2018 06:17:23] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\Temp\FailureReportMetadata_11358.txt [MD5.00000000000000000000000000000000] - |D| - [11/11/2018 06:12:01] - [147117.16 Ko] - C:\Windows\Temp\Firefox64en [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/11/2018 16:55:21] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/11/2018 16:55:21] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/11/2018 06:17:04] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\GeoInfo.tmp [MD5.5C34BC19ACB14DA8AFD044BBBC103B13] - |A| - [10/11/2018 22:31:36] - (.-.) - [39.19 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [11/11/2018 09:26:48] - [449368.05 Ko] - C:\Windows\Temp\NET [MD5.0C56E210DFD6149DEB6ABE158571CAF0] - |A| - [10/11/2018 22:09:25] - (.-.) - [100.59 Ko] - (0.0.0.0) - C:\Windows\Temp\sa.9N0866FS04W8_0__.Public.InstallAgent.dat [MD5.ECC0E555A0D9E2D70010454867CD1148] - |A| - [10/11/2018 22:09:31] - (.-.) - [102.95 Ko] - (0.0.0.0) - C:\Windows\Temp\sa.9NBLGGH18846_0__.Public.InstallAgent.dat [MD5.FC21BA15828124FDBF1CBCF5395EA69B] - |A| - [10/11/2018 22:09:28] - (.-.) - [117.55 Ko] - (0.0.0.0) - C:\Windows\Temp\sa.9NBLGGH2JHXJ_0__.Public.InstallAgent.dat [MD5.D61B014585B1A158BBCB0AFD458BCE69] - |A| - [10/11/2018 22:09:26] - (.-.) - [110.38 Ko] - (0.0.0.0) - C:\Windows\Temp\sa.9WZDNCRFHVFW_0__.Public.InstallAgent.dat [MD5.4B84ABA7CDBBB52BDD12C0835ADB5269] - |A| - [10/11/2018 22:09:22] - (.-.) - [115.55 Ko] - (0.0.0.0) - C:\Windows\Temp\sa.9WZDNCRFJ3TJ_0__.Public.InstallAgent.dat [MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [10/11/2018 13:44:54] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\Windows\Temp\tem5C29.tmp [MD5.3620A5E0A8D4FB3F9B3687C86265A0DF] - |A| - [11/11/2018 00:10:16] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5083.tmp [MD5.BF3D04E4C77C779D79902B64E8B6A088] - |A| - [11/11/2018 00:10:16] - (.-.) - [320 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_50B3.tmp [MD5.194BAFE9D0674B5B1E40C12021F3A089] - |A| - [11/11/2018 00:10:16] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_50E3.tmp [MD5.97D175A8FC3CD36049D9F403AB3E55CB] - |A| - [11/11/2018 00:10:17] - (.-.) - [128 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_5122.tmp [MD5.4974787021D0BCB590D98E9B20B1AC4D] - |A| - [10/11/2018 22:29:40] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_59FF.tmp [MD5.35CF2D3842A635BBFAA277B2292A740D] - |A| - [11/11/2018 00:10:28] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_7E8E.tmp [MD5.E7046E302D7D2E86062D507F30604221] - |A| - [11/11/2018 00:10:29] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_8110.tmp [MD5.C8E21526C73675C7AC55E513BDBD7CCA] - |A| - [11/11/2018 00:10:29] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_8269.tmp [MD5.45C6ECB7B10CE0309EF6830549418A8C] - |A| - [11/11/2018 00:10:30] - (.-.) - [256 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_84BB.tmp [MD5.6A714E92C31CC703F292299C6E5BF1EB] - |A| - [07/12/2017 06:47:33] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\Temp\USetup.iss [MD5.00000000000000000000000000000000] - |D| - [11/11/2018 06:11:30] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:15] - [0 Ko] - C:\Windows\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [29/09/2017 14:41:27] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [29/09/2017 14:41:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [29/09/2017 14:41:50] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - |A| - [10/11/2018 22:09:17] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\Windows\System32\@NotifierToastIcon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [29/09/2017 14:41:56] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:41:58] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [29/09/2017 14:42:07] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\Windows\System32\@WiFiNotificationIcon.png [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanSimLockIcon.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:14] - [2985.4 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\System32\am-ET [MD5.6DBFE2F49ADAA2E3683B93B437133734] - |A| - [07/12/2017 14:42:40] - (.-.) - [431.94 Ko] - (0.0.0.0) - C:\Windows\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [2591.88 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [299 Ko] - C:\Windows\System32\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\as-IN [MD5.365FED0EC2439677A1ABC8632AFD090B] - |A| - [11/11/2018 06:10:58] - (.Copyright (c) 2018 AVAST Software - Avast start-up scanner.) - [369.71 Ko] - (18.7.4041.0) - C:\Windows\System32\aswBoot.exe [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [29/09/2017 14:41:25] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [287 Ko] - C:\Windows\System32\bg-BG [MD5.B64CA388DA910ED3CFA4D1218A3FB710] - |A| - [10/10/2018 11:20:01] - (.Copyright (C) 2016, BayHubTech/O2Micro. - BayHubTech/O2Micro SD/MMC Icon.) - [632.41 Ko] - (1.0.0.5) - C:\Windows\System32\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5155.71 Ko] - C:\Windows\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bs-Latn-BA [MD5.5712256A8FAB555CC50AEAC2A899A17A] - |A| - [29/09/2017 14:41:41] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [180.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [112295.48 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [72279.06 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [1658.41 Ko] - C:\Windows\System32\cAVS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\System32\chr-CHER-US [MD5.A45B720B90F84A68AECB6E305C17B126] - |A| - [10/11/2018 22:32:30] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [203.41 Ko] - C:\Windows\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:20:25] - [3368.5 Ko] - C:\Windows\System32\de [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [44964.55 Ko] - C:\Windows\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:41:26] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\System32\defaultCpff.aiqb [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [29/09/2017 14:41:25] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [29/09/2017 14:46:41] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [880.5 Ko] - C:\Windows\System32\DiagSvcs [MD5.5FF3FA1BFBB0CD05534F650EA27A6651] - |A| - [29/09/2017 14:41:45] - (.-.) - [90.75 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [9903.32 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1127.34 Ko] - C:\Windows\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:04] - [142575.97 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [2691002.66 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [398 Ko] - C:\Windows\System32\dsc [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [29/09/2017 14:41:25] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [29/09/2017 14:41:25] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [29/09/2017 14:41:25] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.4D1B8C9983D257EE86B6CC57C639E8E5] - |A| - [29/09/2017 14:41:12] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\Windows\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [381.5 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:16] - [3118 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [17092.43 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [25300.6 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:38] - [3381 Ko] - C:\Windows\System32\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [44179.42 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [298.5 Ko] - C:\Windows\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [266.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [29422.66 Ko] - C:\Windows\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\fa-IR [MD5.9576E963E56024AB319403C1FD86B5DA] - |A| - [10/11/2018 22:33:45] - (.-.) - [952.5 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessor.dll [MD5.72166BD7CA6CCD71EE2DC7F72EC42862] - |A| - [10/11/2018 22:33:45] - (.-.) - [263.4 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessorCore.dll [MD5.812CDFD967D2E82A3D24FCAA5784749D] - |A| - [29/09/2017 14:41:33] - (.-.) - [1325.65 Ko] - (0.0.0.0) - C:\Windows\System32\FaceTrackerInternal.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [10/11/2018 22:09:47] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [346 Ko] - C:\Windows\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\fil-PH [MD5.9D66F316387ED25102D9A75236BF3CBD] - |A| - [07/12/2017 23:39:23] - (.-.) - [216.84 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:55] - [3403 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [306.5 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [45084.1 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ga-IE [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [29/09/2017 14:42:03] - (.-.) - [89 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/12/2017 07:03:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\gl-ES [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - |A| - [10/11/2018 22:33:44] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4762.5 Ko] - (3.10.5.5585) - C:\Windows\System32\gnsdk_fp.dll [MD5.D3294ACCC2B60A8754801D392C3E1820] - |A| - [07/12/2017 07:05:17] - (.- GripResetService.) - [21 Ko] - (1.0.0.6) - C:\Windows\System32\GripResetService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [284 Ko] - C:\Windows\System32\he-IL [MD5.4CD16A9C15397E1FAD5F19E35A13BE58] - |A| - [29/09/2017 14:41:27] - (.-.) - [215.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [278 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [352.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:41] - [124.21 Ko] - C:\Windows\System32\hydrogen [MD5.A565537F1580872AE5B95D0CA457D780] - |A| - [29/09/2017 14:41:23] - (.-.) - [44.4 Ko] - (0.0.0.0) - C:\Windows\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.FC7A71725A4887AD88FB4A0B764FFBF4] - |RA| - [29/09/2017 14:41:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1856 Ko] - (59.1.0.0) - C:\Windows\System32\icuin.dll [MD5.FB96578635DB1CFC08871A599539349E] - |RA| - [29/09/2017 14:41:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1309.5 Ko] - (59.1.0.0) - C:\Windows\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\System32\ig-NG [MD5.3655EE3169C2654B12A273B430AFBD8A] - |A| - [24/02/2017 10:20:54] - (.-.) - [279.95 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl [MD5.19C3C8394B1A8EBE7CF61A8C0221C024] - |A| - [29/09/2017 14:41:25] - (.-.) - [168.5 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:01:24] - [2848.42 Ko] - C:\Windows\System32\ihvmanager [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [24877.17 Ko] - C:\Windows\System32\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [10/10/2018 11:56:10] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF469H_SKY.cpf [MD5.8177EE49ECE5842A693A81E5F4BDDA28] - |A| - [11/11/2018 06:13:14] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FRONT.aiqd [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [10/10/2018 11:56:10] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [10/10/2018 11:56:10] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY_Video.cpf [MD5.9171FAFE4A8968B135457787F4FDC44A] - |A| - [11/11/2018 06:13:14] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_REAR.aiqd [MD5.6CF0A4151CEBBD50664EF4C35EC94434] - |A| - [19/03/2017 11:30:58] - (.-.) - [311.39 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.1EF7FF713DD0E3DC8D969E77CABBAE3C] - |A| - [19/03/2017 11:30:58] - (.-.) - [311.37 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.B98C0E77C3C1034303C20843DE05455E] - |A| - [29/09/2017 14:41:31] - (.-.) - [180.11 Ko] - (0.0.0.0) - C:\Windows\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [6389.5 Ko] - C:\Windows\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [58589.61 Ko] - C:\Windows\System32\Intel [MD5.45383117C89EC931144ABADC3391F6DC] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [141.64 Ko] - (2.1.1.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:11] - [3368.5 Ko] - C:\Windows\System32\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [42914.56 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [270.91 Ko] - C:\Windows\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\ka-GE [MD5.C781EC82ED4F82C42ABE87774B56009C] - |A| - [19/03/2017 14:35:14] - (.-.) - [457.41 Ko] - (0.0.0.0) - C:\Windows\System32\KBL_AIC64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [262 Ko] - C:\Windows\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [29/09/2017 14:41:25] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\System32\lb-LU [MD5.20DDB5ABC9A250C2C99356CABF238DEE] - |A| - [19/03/2017 14:35:20] - (.-.) - [11949.91 Ko] - (0.0.0.0) - C:\Windows\System32\libia_cp64.dll [MD5.B209D959831AEF092817ECF8756F71B3] - |A| - [29/09/2017 14:41:58] - (.-.) - [776 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.F2E9643DC05CD824F0E5525E5C940714] - |A| - [13/11/2017 02:29:30] - (.Copyright (C) 2016 - Samsung Modem Loader Service executable.) - [438.1 Ko] - (2.3.0.7) - C:\Windows\System32\MdmLdrSvc.exe [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [29/09/2017 14:41:25] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\mi-NZ [MD5.00000000000000000000000000000000] - |SD| - [07/12/2017 23:39:23] - [3.7 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5644.24 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [47126.6 Ko] - C:\Windows\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ml-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\mn-MN [MD5.2CF0B546AA8A9863D54367948BF8AAB9] - |A| - [07/12/2017 07:11:19] - (.-.) - [1.08 Ko] - (0.0.0.0) - C:\Windows\System32\Modellist.txt [MD5.6E1EF1F6FBB2002AE726199EA2EDFACE] - |RA| - [10/11/2017 08:13:14] - (.-.) - [30433.5 Ko] - (0.0.0.0) - C:\Windows\System32\modem.bin [MD5.00000000000000000000000000000000] - |HD| - [07/12/2017 07:03:18] - [31068.88 Ko] - C:\Windows\System32\modem_core [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [10/11/2018 22:29:53] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4180.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [70.74 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [334 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\ne-NP [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [29/09/2017 14:42:03] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:25:05] - [3369.5 Ko] - C:\Windows\System32\nl [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36508.39 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.34FFABE8384D7FD3A39D0A0073058FE7] - |A| - [07/12/2017 07:03:23] - (.-.) - [47.94 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin [MD5.19C3C27105083637FCF230BF0C04E0E0] - |A| - [07/12/2017 07:03:23] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin.md5 [MD5.B910E47C485808E59BC56E9FECE71E2A] - |A| - [07/12/2017 07:03:23] - (.-.) - [3.51 Ko] - (0.0.0.0) - C:\Windows\System32\nv_log.txt [MD5.5D4A5E27D573738E0C8C8FF4C0715DAF] - |A| - [29/09/2017 14:46:43] - (.-.) - [17.16 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [16916.6 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [29/09/2017 14:41:25] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\pa-IN [MD5.AD93D5412F3A30D74D6FD5D7053CCB48] - |A| - [12/05/2017 03:42:25] - (.-.) - [375.45 Ko] - (0.0.0.0) - C:\Windows\System32\PanelManagerSvc.exe [MD5.5EEFF6091B73B227972F341B6EDC8E02] - |A| - [07/12/2017 14:20:30] - (.-.) - [206.22 Ko] - (0.0.0.0) - C:\Windows\System32\perfc007.dat [MD5.82CDE7A83F20A2C8E81A4B5C3E82A152] - |A| - [29/09/2017 14:48:30] - (.-.) - [190.19 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.3B8BE06239681817D3C39C0A5F9A4917] - |A| - [07/12/2017 14:11:42] - (.-.) - [211.61 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00A.dat [MD5.2C671BFA00AFA8B8AB7697E5D3E4A936] - |A| - [07/12/2017 14:15:59] - (.-.) - [208.79 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.9E408E512445B5BFAB8EA49845F07E05] - |A| - [07/12/2017 14:30:15] - (.-.) - [202.39 Ko] - (0.0.0.0) - C:\Windows\System32\perfc010.dat [MD5.F37ED40AB4EF57F884373D3F8A07077D] - |A| - [07/12/2017 14:25:09] - (.-.) - [210.38 Ko] - (0.0.0.0) - C:\Windows\System32\perfc013.dat [MD5.C6A00700213A4CDFAC7B02FAABC2FA10] - |A| - [07/12/2017 14:20:30] - (.-.) - [39.57 Ko] - (0.0.0.0) - C:\Windows\System32\perfd007.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [29/09/2017 14:48:30] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.08728AEF33BBAC5884423C1597E74A29] - |A| - [07/12/2017 14:11:42] - (.-.) - [42.92 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00A.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2017 14:15:59] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.4F32511BD6124C1B65C8F7FCD244A82B] - |A| - [07/12/2017 14:30:15] - (.-.) - [38.93 Ko] - (0.0.0.0) - C:\Windows\System32\perfd010.dat [MD5.2BE9CA3C244098FEE4EFFC7855AB7602] - |A| - [07/12/2017 14:25:09] - (.-.) - [44.38 Ko] - (0.0.0.0) - C:\Windows\System32\perfd013.dat [MD5.0BFA4CFE7F2299D2D0D3F65E2D304CEA] - |A| - [07/12/2017 14:20:30] - (.-.) - [856.2 Ko] - (0.0.0.0) - C:\Windows\System32\perfh007.dat [MD5.B7C29B27D5A4BF0888813E9A089E19C5] - |A| - [29/09/2017 14:48:30] - (.-.) - [826.13 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.EF83DCF72D8D8421C2D866863D4B8636] - |A| - [07/12/2017 14:11:42] - (.-.) - [900.02 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00A.dat [MD5.8F26D7226C15E6ED07F39E72F95E9AF9] - |A| - [07/12/2017 14:15:59] - (.-.) - [962.66 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.B39207D13E9E7E0BA3D8619ED5099FF2] - |A| - [07/12/2017 14:30:15] - (.-.) - [892.57 Ko] - (0.0.0.0) - C:\Windows\System32\perfh010.dat [MD5.A73E1A6649AE49217830A4C04A8F526B] - |A| - [07/12/2017 14:25:09] - (.-.) - [899.47 Ko] - (0.0.0.0) - C:\Windows\System32\perfh013.dat [MD5.AAD2B887B3DB148EEB59DA3BE76DDF78] - |A| - [07/12/2017 23:46:15] - (.-.) - [6105.7 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:11:19] - [353.13 Ko] - C:\Windows\System32\Phonexml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [731.5 Ko] - C:\Windows\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [2642.92 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [29/09/2017 14:42:04] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [359.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [355 Ko] - C:\Windows\System32\pt-PT [MD5.D4B1F2DC3E5B06F2034C93670A96090C] - |A| - [19/03/2017 14:35:34] - (.-.) - [15148.91 Ko] - (0.0.0.0) - C:\Windows\System32\pvl64.dll [MD5.68910CB09A74980DCD4BF93EB5F8435B] - |A| - [19/03/2017 14:35:40] - (.-.) - [907.9 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_perspective_control64.dll [MD5.49D5AB1E25D19B89A9BC7A3D880F5F2F] - |A| - [19/03/2017 14:35:46] - (.-.) - [124.91 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_skin_smoothing_denoising64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\RasToast [MD5.49A390CA472675F87262798CBD46BBEA] - |A| - [13/11/2017 02:29:37] - (.Copyright (C) 2016 - Samsung Radio Control Delegation Service executable.) - [460.1 Ko] - (2.3.0.7) - C:\Windows\System32\RCDService.exe [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [29/09/2017 14:41:23] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\removehypervisor.mof [MD5.E17EAD4E09FB96BD6DB717CB605B17F1] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.86 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.8286304CD9A20E2A4621D931F1CEF5CB] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.28 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\restore [MD5.D07E424408708A52CC5680F2C552EE5A] - |A| - [07/12/2017 07:04:05] - (.-.) - [17.07 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.001A4DFDDBFCA32A0F70EDFCE7F22B80] - |A| - [10/11/2018 22:33:25] - (.-.) - [95.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\rw-RW [MD5.0EF31C4363277197B9528FDC80128B7E] - |A| - [19/01/2017 21:30:00] - (.Copyright (C) 2017 -.) - [26.61 Ko] - (1.0.48.0) - C:\Windows\System32\SamsungSystemAgentInstaller.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [29/09/2017 14:43:11] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\sd-Arab-PK [MD5.99F86B98160742F3395A688D70B45FF5] - |A| - [13/11/2017 02:29:37] - (.-.) - [162.6 Ko] - (0.0.0.0) - C:\Windows\System32\SecRilProxy.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [6.92 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [29/09/2017 14:42:04] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [283 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [279.5 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 23:39:23] - [11249.79 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [306.28 Ko] - C:\Windows\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [29/09/2017 14:41:25] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [16409.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - |A| - [10/11/2018 22:32:34] - (.-.) - [37 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [8419.4 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [15890.48 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [39202.67 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5256.14 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [282 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:07] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.047BCF71FB0E5EC754437879E8DAA7F6] - |A| - [29/09/2017 14:42:00] - (.-.) - [56.38 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [6360 Ko] - C:\Windows\System32\sru [MD5.1BA92CDCF58B0D7D298CC09799B4D431] - |A| - [29/09/2017 14:41:25] - (.-.) - [410 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [341 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\sw-KE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1588.56 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [945.28 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [544.86 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [29/09/2017 14:41:57] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\System32\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:03:18] - [330.69 Ko] - C:\Windows\System32\ToastGenerator [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [29/09/2017 14:42:07] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [29/09/2017 14:42:07] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277.5 Ko] - C:\Windows\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [2739.52 Ko] - C:\Windows\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ur-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\uz-Latn-UZ [MD5.DD4447DFCB5018987FDA850C6BCDE2A7] - |A| - [07/12/2017 07:11:19] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\VersionID.txt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\vi-VN [MD5.F6580F5D0408FCD200F535F08BEA1C18] - |A| - [23/11/2016 01:22:56] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [259.28 Ko] - (1.0.33.0) - C:\Windows\System32\vulkan-1-1-0-33-0.dll [MD5.264389FE2D13E56CF28C2D9497099A12] - |A| - [20/08/2018 19:51:12] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [946.8 Ko] - (1.1.82.1) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.264389FE2D13E56CF28C2D9497099A12] - |A| - [20/08/2018 19:51:12] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [946.8 Ko] - (1.1.82.1) - C:\Windows\System32\vulkan-1.dll [MD5.324D0656179A6237150B851A03F2FB17] - |A| - [23/11/2016 01:22:24] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-33-0.exe [MD5.98B539DEC46604CA5C23C7770F976A5F] - |A| - [20/08/2018 19:51:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [253.3 Ko] - (1.1.82.1) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.98B539DEC46604CA5C23C7770F976A5F] - |A| - [20/08/2018 19:51:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [253.3 Ko] - (1.1.82.1) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [144717.29 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [85843.8 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [29/09/2017 14:41:40] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [80360.42 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.1E38A547C9380DAB0F0692E1EE9CC5B3] - |A| - [29/09/2017 14:41:27] - (.-.) - [102.5 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [10904.4 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [81224 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.48 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [634.31 Ko] - C:\Windows\System32\winrm [MD5.63CFE4B848F85D1883FE8D9F1820B667] - |A| - [19/05/2017 08:38:06] - (.Copyright (C) 2015 Samsung Electronics Co., Ltd. - WLAN SAR Service.) - [54.5 Ko] - (1.0.0.7) - C:\Windows\System32\WlSarService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\wo-SN [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [29/09/2017 14:42:07] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.D224E07A6F89FD14C3FD8A83127811CC] - |A| - [29/09/2017 14:41:43] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.200BCDE9B44C32B1633B68A9AADA8AAA] - |A| - [29/09/2017 14:41:25] - (.-.) - [78 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260.04 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [225.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\zu-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:42:11] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:42:24] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:15] - [2001.4 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [280.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [265.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.B64CA388DA910ED3CFA4D1218A3FB710] - |A| - [10/10/2018 11:20:01] - (.Copyright (C) 2016, BayHubTech/O2Micro. - BayHubTech/O2Micro SD/MMC Icon.) - [632.41 Ko] - (1.0.0.5) - C:\Windows\SysWOW64\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\SysWOW64\chr-CHER-US [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:42:09] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\defaultCpff.aiqb [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [200.5 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [8038.7 Ko] - C:\Windows\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1079.58 Ko] - C:\Windows\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [3526.29 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1.04 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [3118 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [13663.06 Ko] - C:\Windows\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [21167.31 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:40] - [3128 Ko] - C:\Windows\SysWOW64\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36790.04 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277 Ko] - C:\Windows\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [247.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [25308.16 Ko] - C:\Windows\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\fa-IR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [325 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\fil-PH [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:56] - [3149.5 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [284 Ko] - C:\Windows\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [37532.15 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [10/11/2018 22:33:45] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [266.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.3A7F920893FD6F49BC4CC07B72914013] - |A| - [29/09/2017 14:42:09] - (.-.) - [188.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [258 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [331 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.F0851D76262FF35F76156F628A04099B] - |RA| - [29/09/2017 14:42:11] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1602.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.40E2D734687DAF397D472B70FC305781] - |RA| - [29/09/2017 14:42:11] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1131.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [20706.67 Ko] - C:\Windows\SysWOW64\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [10/10/2018 11:56:10] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF469H_SKY.cpf [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [10/10/2018 11:56:10] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [10/10/2018 11:56:10] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY_Video.cpf [MD5.6CF0A4151CEBBD50664EF4C35EC94434] - |A| - [19/03/2017 11:30:58] - (.-.) - [311.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.1EF7FF713DD0E3DC8D969E77CABBAE3C] - |A| - [19/03/2017 11:30:58] - (.-.) - [311.37 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.4F6BFC6464D620149C2BB60243C6A3B8] - |A| - [29/09/2017 14:42:11] - (.-.) - [146.33 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [218.5 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.9509BE5D2D8C161D1CC99FD6B123F1D7] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [117.16 Ko] - (2.1.1.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\is-IS [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:12] - [3116 Ko] - C:\Windows\SysWOW64\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [35606.25 Ko] - C:\Windows\SysWOW64\it-IT [MD5.214F51F66802C851F1C50BC662EDA828] - |A| - [19/03/2017 14:35:10] - (.-.) - [398.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\KBL_AIC.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [249 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\SysWOW64\lb-LU [MD5.67E645B1AECCCD2256BAAE19CF7C82DA] - |A| - [24/02/2017 10:20:56] - (.-.) - [144.64 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libEGL.dll [MD5.7A4A5073E06F23DC9E4133694E383A01] - |A| - [24/02/2017 10:20:56] - (.-.) - [129.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv1_CM.dll [MD5.4F4C04283A158F4EFD216873B2EAD2B1] - |A| - [24/02/2017 10:20:56] - (.-.) - [163.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv2.dll [MD5.D6834D1BA5633B96C628EC62AFE9241C] - |A| - [19/03/2017 14:35:16] - (.-.) - [10144.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libia_cp.dll [MD5.9153AC92F959BBB897C5709EBDA3212C] - |A| - [07/12/2017 07:35:11] - (.-.) - [0.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Master.log [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [3036.44 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [815.4 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\ml-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [11/11/2018 06:16:28] - (.-.) - [206 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msvcrt10.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [70.74 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [315 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:25:06] - [3116.5 Ko] - C:\Windows\SysWOW64\nl [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [30721.23 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [656.72 Ko] - C:\Windows\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336.5 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [2642.9 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [338.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [333.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.D5315B9A346EA9AEAD836DBCE8FED34A] - |A| - [19/03/2017 14:35:32] - (.-.) - [15023.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl.dll [MD5.6BE006E30928C81322196A1949B042E2] - |A| - [19/03/2017 14:35:38] - (.-.) - [749.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_perspective_control.dll [MD5.70A36915F333E318C67E463375F192BF] - |A| - [19/03/2017 14:35:44] - (.-.) - [108.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_skin_smoothing_denoising.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261.5 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:24] - [2210.31 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [329.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\rw-RW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [259 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [306.28 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4321.4 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [9070.45 Ko] - C:\Windows\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1319.31 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [262 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:27] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.30FE146E2F0712AFEEA1ECF3E0EA270C] - |A| - [29/09/2017 14:42:09] - (.-.) - [302 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [321.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [241 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [316.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\tt-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [257 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\vi-VN [MD5.1083642C30E7A3F79D565698BC1B70E4] - |A| - [23/11/2016 01:23:44] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [265.28 Ko] - (1.0.33.0) - C:\Windows\SysWOW64\vulkan-1-1-0-33-0.dll [MD5.3A978D041118C37280181C061A917074] - |A| - [20/08/2018 19:51:10] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [816.8 Ko] - (1.1.82.1) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.3A978D041118C37280181C061A917074] - |A| - [20/08/2018 19:51:10] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [816.8 Ko] - (1.1.82.1) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.900B60ECDDF695C0A55CA7C82AD75668] - |A| - [23/11/2016 01:23:14] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-33-0.exe [MD5.9E292131F77D25CA078B7C33984806E5] - |A| - [20/08/2018 19:51:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [229.3 Ko] - (1.1.82.1) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.9E292131F77D25CA078B7C33984806E5] - |A| - [20/08/2018 19:51:24] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [229.3 Ko] - (1.1.82.1) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [31305.17 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.ACC1181C0AA4D01B537F53A1CC33E766] - |A| - [29/09/2017 14:42:09] - (.-.) - [90 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [10045.02 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.49 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [634.31 Ko] - C:\Windows\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\wo-SN [MD5.E1FEDF746C5EE63886B06756867F728C] - |A| - [11/10/2017 03:42:25] - (.Copyright (C) 2012 - WSABI.) - [42.28 Ko] - (1.0.0.3) - C:\Windows\SysWOW64\wsabi.dll [MD5.12D91C9A9837995A137ACE4B2E674918] - |A| - [29/09/2017 14:42:09] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:41] - [50.78 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [220.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [214.5 Ko] - C:\Windows\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\zu-ZA ---------- | Shell Folders [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\jean-\AppData\Roaming [10/11/2018 21:48:41] "Local AppData"=C:\Users\jean-\AppData\Local [10/11/2018 21:48:41] "CD Burning"=C:\Users\jean-\AppData\Local\Microsoft\Windows\Burn\Burn [10/11/2018 21:52:28] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Libraries [10/11/2018 21:51:12] "My Video"=C:\Users\jean-\Videos [10/11/2018 21:48:41] "My Pictures"=C:\Users\jean-\OneDrive\Images [11/11/2018 08:19:33] "Desktop"=C:\Users\jean-\OneDrive\Bureau [11/11/2018 08:19:34] "History"=C:\Users\jean-\AppData\Local\Microsoft\Windows\History [10/11/2018 21:48:41] "NetHood"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Network Shortcuts [10/11/2018 21:48:41] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\jean-\Contacts [10/11/2018 21:51:12] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\jean-\AppData\Local\Microsoft\Windows\RoamingTiles [10/11/2018 21:51:12] "Cookies"=C:\Users\jean-\AppData\Local\Microsoft\Windows\INetCookies [10/11/2018 21:48:41] "Favorites"=C:\Users\jean-\Favorites [10/11/2018 21:48:41] "SendTo"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\SendTo [10/11/2018 21:48:41] "Start Menu"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu [10/11/2018 21:48:41] "My Music"=C:\Users\jean-\Music [10/11/2018 21:48:41] "Programs"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/11/2018 21:48:41] "Recent"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Recent [10/11/2018 21:48:41] "PrintHood"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [10/11/2018 21:48:41] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\jean-\Searches [10/11/2018 21:51:12] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\jean-\Downloads [10/11/2018 21:48:41] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\jean-\AppData\LocalLow [10/11/2018 21:48:42] "Startup"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/11/2018 21:51:12] "Administrative Tools"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/11/2018 21:51:12] "Personal"=C:\Users\jean-\OneDrive\Documents [11/11/2018 08:19:29] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\jean-\Links [10/11/2018 21:48:41] "Cache"=C:\Users\jean-\AppData\Local\Microsoft\Windows\INetCache [10/11/2018 21:48:41] "Templates"=C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Templates [10/11/2018 21:48:41] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\jean-\Saved Games [10/11/2018 21:48:41] "Fonts"=C:\Windows\Fonts [29/09/2017 14:46:33] [HKU\S-1-5-21-85169472-1442237754-271036338-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies "Desktop"=C:\Users\jean-\OneDrive\Bureau [11/11/2018 08:19:34] "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=C:\Users\jean-\OneDrive\Images [11/11/2018 08:19:33] "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=C:\Users\jean-\OneDrive\Documents [11/11/2018 08:19:29] "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "{F42EE2D3-909F-4907-8871-4C22FC0BF756}"=C:\Users\jean-\OneDrive\Documents [11/11/2018 08:19:29] "{0DDD015D-B06C-45D5-8C4C-F59713854639}"=C:\Users\jean-\OneDrive\Images [11/11/2018 08:19:33] "{B7BEDE81-DF94-4682-A7D8-57A52620B86F}"=C:\Users\jean-\OneDrive\Images\Captures d’écran [11/11/2018 08:19:34] "{AB5FB87B-7CE2-4F83-915D-550846C9537B}"=C:\Users\jean-\OneDrive\Images\Pellicule [11/11/2018 08:19:34] "{339719B5-8C47-4894-94C2-D8F77ADD44A6}"=C:\Users\jean-\OneDrive\Images [11/11/2018 08:19:33] "{767E6811-49CB-4273-87C2-20F355E1085B}"=C:\Users\jean-\OneDrive\Images\Pellicule [11/11/2018 08:19:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/09/2017 14:46:33] "Common AppData"=C:\ProgramData [29/09/2017 14:46:33] "Common Desktop"=C:\Users\Public\Desktop [29/09/2017 14:46:33] "Common Documents"=C:\Users\Public\Documents [29/09/2017 14:46:33] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2017 14:46:33] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 14:46:33] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 14:46:33] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [29/09/2017 14:46:33] "CommonMusic"=C:\Users\Public\Music [29/09/2017 14:46:33] "CommonPictures"=C:\Users\Public\Pictures [29/09/2017 14:46:33] "CommonVideo"=C:\Users\Public\Videos [29/09/2017 14:46:33] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [29/09/2017 14:46:33] "Common AppData"=C:\ProgramData [29/09/2017 14:46:33] "Common Desktop"=C:\Users\Public\Desktop [29/09/2017 14:46:33] "Common Documents"=C:\Users\Public\Documents [29/09/2017 14:46:33] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2017 14:46:33] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 14:46:33] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 14:46:33] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [29/09/2017 14:46:33] "CommonMusic"=C:\Users\Public\Music [29/09/2017 14:46:33] "CommonPictures"=C:\Users\Public\Pictures [29/09/2017 14:46:33] "CommonVideo"=C:\Users\Public\Videos [29/09/2017 14:46:33] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [jean-] [11/11/2018 06:03:05] - |D| - [56] - C:\Users\jean-\.cache [10/11/2018 21:51:12] - |RD| - [298] - C:\Users\jean-\3D Objects [10/11/2018 21:48:41] - |HD| - [1812825530] - C:\Users\jean-\AppData [10/11/2018 21:51:12] - |RD| - [412] - C:\Users\jean-\Contacts [10/11/2018 21:48:41] - |RD| - [18942446654] - C:\Users\jean-\Downloads [10/11/2018 21:48:41] - |RD| - [6181] - C:\Users\jean-\Favorites [10/11/2018 21:51:11] - |SHD| - [25308] - C:\Users\jean-\IntelGraphicsProfiles [10/11/2018 21:48:41] - |RD| - [1945] - C:\Users\jean-\Links [10/11/2018 21:51:33] - |HD| - [456] - C:\Users\jean-\MicrosoftEdgeBackups [10/11/2018 21:48:41] - |RD| - [504] - C:\Users\jean-\Music [10/11/2018 21:48:41] - |AH| - [2097152] - C:\Users\jean-\NTUSER.DAT [10/11/2018 21:48:41] - |ASH| - [585728] - C:\Users\jean-\ntuser.dat.LOG1 [10/11/2018 21:48:41] - |ASH| - [524288] - C:\Users\jean-\ntuser.dat.LOG2 [10/11/2018 21:48:41] - |ASH| - [65536] - C:\Users\jean-\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TM.blf [10/11/2018 21:48:41] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000001.regtrans-ms [10/11/2018 21:48:41] - |ASH| - [524288] - C:\Users\jean-\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000002.regtrans-ms [10/11/2018 21:48:42] - |SH| - [20] - C:\Users\jean-\ntuser.ini [10/11/2018 21:53:06] - |RAD| - [5134943826] - C:\Users\jean-\OneDrive [10/11/2018 21:48:41] - |RD| - [282] - C:\Users\jean-\Saved Games [10/11/2018 21:51:12] - |RD| - [1868] - C:\Users\jean-\Searches [10/11/2018 21:48:41] - |RD| - [504] - C:\Users\jean-\Videos [10/11/2018 21:48:41] - |D| - [1099090828] - C:\Users\jean-\AppData\Local [10/11/2018 21:48:42] - |D| - [949849] - C:\Users\jean-\AppData\LocalLow [10/11/2018 21:48:41] - |D| - [712784853] - C:\Users\jean-\AppData\Roaming [11/11/2018 06:12:37] - |D| - [0] - C:\Users\jean-\AppData\Local\AVAST Software [11/11/2018 06:16:47] - |D| - [0] - C:\Users\jean-\AppData\Local\CEF [10/11/2018 21:53:05] - |D| - [19095556] - C:\Users\jean-\AppData\Local\Comms [10/11/2018 21:51:10] - |D| - [1085050] - C:\Users\jean-\AppData\Local\ConnectedDevicesPlatform [11/11/2018 08:39:24] - |D| - [6394053] - C:\Users\jean-\AppData\Local\CrashDumps [11/11/2018 08:39:15] - |D| - [0] - C:\Users\jean-\AppData\Local\DBG [11/11/2018 08:20:35] - |D| - [1197629] - C:\Users\jean-\AppData\Local\ElevatedDiagnostics [11/11/2018 00:07:12] - |AH| - [7446] - C:\Users\jean-\AppData\Local\IconCache.db [11/11/2018 06:16:23] - |D| - [8940887] - C:\Users\jean-\AppData\Local\Intel [10/11/2018 21:51:11] - |D| - [0] - C:\Users\jean-\AppData\Local\LoopBackService [10/11/2018 21:48:41] - |D| - [233865272] - C:\Users\jean-\AppData\Local\Microsoft [10/11/2018 21:51:23] - |D| - [73646] - C:\Users\jean-\AppData\Local\MicrosoftEdge [11/11/2018 08:48:41] - |D| - [0] - C:\Users\jean-\AppData\Local\OneDrive [11/11/2018 06:11:56] - |D| - [361637736] - C:\Users\jean-\AppData\Local\Opera Software [10/11/2018 21:51:11] - |D| - [54663451] - C:\Users\jean-\AppData\Local\Packages [10/11/2018 22:08:31] - |D| - [0] - C:\Users\jean-\AppData\Local\PackageStaging [11/11/2018 00:10:35] - |D| - [0] - C:\Users\jean-\AppData\Local\PanelManager [10/11/2018 22:09:22] - |D| - [0] - C:\Users\jean-\AppData\Local\PlaceholderTileLogoFolder [11/11/2018 06:11:37] - |D| - [358256579] - C:\Users\jean-\AppData\Local\Programs [10/11/2018 21:51:17] - |D| - [0] - C:\Users\jean-\AppData\Local\Publishers [11/11/2018 00:10:35] - |D| - [0] - C:\Users\jean-\AppData\Local\SafiAgent [10/11/2018 21:48:41] - |D| - [53873523] - C:\Users\jean-\AppData\Local\Temp [10/11/2018 21:51:11] - |D| - [0] - C:\Users\jean-\AppData\Local\VirtualStore [10/11/2018 21:50:28] - |SD| - [949849] - C:\Users\jean-\AppData\LocalLow\Microsoft [10/11/2018 21:51:11] - |D| - [0] - C:\Users\jean-\AppData\Roaming\Adobe [11/11/2018 06:16:48] - |D| - [1912182] - C:\Users\jean-\AppData\Roaming\AVAST Software [11/11/2018 06:00:00] - |D| - [669575993] - C:\Users\jean-\AppData\Roaming\DRPSu [10/11/2018 21:48:41] - |SD| - [857914] - C:\Users\jean-\AppData\Roaming\Microsoft [11/11/2018 06:11:37] - |D| - [40438764] - C:\Users\jean-\AppData\Roaming\Opera Software [10/11/2018 21:51:12] - |SH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [10/11/2018 21:48:41] - |RD| - [22520] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/11/2018 21:48:41] - |RD| - [3888] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [10/11/2018 21:48:41] - |RD| - [2921] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/11/2018 21:51:12] - |RD| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/11/2018 21:51:12] - |SH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/11/2018 21:48:41] - |D| - [170] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [11/11/2018 06:11:50] - |A| - [1366] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [10/11/2018 21:53:06] - |A| - [2403] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [10/11/2018 21:51:12] - |RD| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/11/2018 21:48:41] - |RD| - [3496] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [10/11/2018 21:48:41] - |RD| - [7754] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [10/11/2018 21:51:12] - |SH| - [174] - C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [07/12/2017 23:42:11] - |RHD| - [196] - C:\Users\Public\AccountPictures [29/09/2017 14:46:33] - |RHD| - [2960] - C:\Users\Public\Desktop [29/09/2017 14:46:38] - |ASH| - [174] - C:\Users\Public\desktop.ini [29/09/2017 14:46:33] - |RD| - [278] - C:\Users\Public\Documents [29/09/2017 14:46:33] - |RD| - [174] - C:\Users\Public\Downloads [29/09/2017 14:46:33] - |RHD| - [1174] - C:\Users\Public\Libraries [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Music [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Pictures [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [11/11/2018 06:06:54] - |D| - [14245170] - C:\ProgramData\AVAST Software [07/12/2017 07:05:27] - |D| - [91350] - C:\ProgramData\Broadcom [07/12/2017 06:47:34] - |AD| - [0] - C:\ProgramData\CacheWrite [07/12/2017 07:00:43] - |D| - [148858936] - C:\ProgramData\Intel [07/12/2017 07:10:18] - |A| - [2064264] - C:\ProgramData\MakeMarkerFile.exe [07/12/2017 07:10:18] - |A| - [3004] - C:\ProgramData\MakeMarkerFile.xml [29/09/2017 14:46:33] - |SD| - [1050756956] - C:\ProgramData\Microsoft [07/12/2017 23:42:23] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [07/12/2017 07:00:12] - |D| - [20891695] - C:\ProgramData\Package Cache [11/11/2018 07:38:34] - |D| - [0] - C:\ProgramData\Packages [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\regid.1991-06.com.microsoft [07/12/2017 07:05:31] - |D| - [776964] - C:\ProgramData\Samsung [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\SoftwareDistribution [29/09/2017 14:46:33] - |D| - [15446] - C:\ProgramData\USOPrivate [07/12/2017 06:57:09] - |D| - [471040] - C:\ProgramData\USOShared [29/09/2017 15:42:41] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [29/09/2017 14:46:38] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [29/09/2017 14:46:33] - |RD| - [49525] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/09/2017 14:46:33] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [29/09/2017 14:46:33] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [29/09/2017 14:46:33] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [11/11/2018 06:12:36] - |A| - [1979] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk [29/09/2017 14:46:38] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [11/11/2018 06:12:21] - |A| - [1005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [29/09/2017 14:43:11] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [29/09/2017 14:46:33] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [07/12/2017 07:06:02] - |D| - [4307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [29/09/2017 14:46:33] - |D| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [29/09/2017 14:46:33] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 14:46:38] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [07/12/2017 07:02:02] - |D| - [1793479] - C:\Program Files (x86)\Bluetooth Suite [29/09/2017 14:46:33] - |D| - [131939519] - C:\Program Files (x86)\Common Files [29/09/2017 14:46:37] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [07/12/2017 06:47:14] - |HD| - [46931576] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2017 07:00:44] - |D| - [17951216] - C:\Program Files (x86)\Intel [29/09/2017 14:46:33] - |D| - [2048907] - C:\Program Files (x86)\Internet Explorer [29/09/2017 14:46:33] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [11/11/2018 06:12:20] - |D| - [286643] - C:\Program Files (x86)\Mozilla Maintenance Service [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files (x86)\MSBuild [07/12/2017 07:01:24] - |D| - [6830294] - C:\Program Files (x86)\Qualcomm [07/12/2017 06:47:14] - |D| - [4886729] - C:\Program Files (x86)\Realtek [10/10/2017 17:45:23] - |D| - [44260609] - C:\Program Files (x86)\Reference Assemblies [07/12/2017 07:05:14] - |D| - [21559691] - C:\Program Files (x86)\Samsung [07/12/2017 07:06:13] - |D| - [2399176] - C:\Program Files (x86)\Show Window [07/12/2017 06:47:14] - |HD| - [0] - C:\Program Files (x86)\Temp [07/12/2017 07:03:13] - |D| - [861048] - C:\Program Files (x86)\VulkanRT [29/09/2017 14:46:33] - |D| - [2085128] - C:\Program Files (x86)\Windows Defender [29/09/2017 14:46:33] - |D| - [627712] - C:\Program Files (x86)\Windows Mail [29/09/2017 15:41:40] - |D| - [3712455] - C:\Program Files (x86)\Windows Media Player [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [8293570] - C:\Program Files (x86)\windows nt [29/09/2017 14:46:33] - |D| - [5598000] - C:\Program Files (x86)\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Portable Devices [29/09/2017 14:46:33] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [29/09/2017 14:46:33] - |D| - [2782427] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [11/11/2018 06:07:29] - |D| - [1021896545] - C:\Program Files\AVAST Software [29/09/2017 14:46:33] - |D| - [94327958] - C:\Program Files\Common Files [29/09/2017 14:46:37] - |ASH| - [174] - C:\Program Files\desktop.ini [07/12/2017 07:00:14] - |D| - [117802061] - C:\Program Files\Intel [29/09/2017 14:46:33] - |D| - [2672494] - C:\Program Files\internet explorer [11/11/2018 06:12:15] - |D| - [149927834] - C:\Program Files\Mozilla Firefox [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files\MSBuild [07/12/2017 06:47:24] - |D| - [26127208] - C:\Program Files\Realtek [10/10/2017 17:45:23] - |D| - [45455017] - C:\Program Files\Reference Assemblies [10/11/2018 22:29:46] - |D| - [3315358] - C:\Program Files\rempl [07/12/2017 07:04:09] - |D| - [122767476] - C:\Program Files\Samsung [07/12/2017 23:39:37] - |HD| - [0] - C:\Program Files\Uninstall Information [29/09/2017 14:46:33] - |RD| - [33980165] - C:\Program Files\Windows Defender [29/09/2017 14:46:33] - |D| - [638976] - C:\Program Files\Windows Mail [29/09/2017 15:41:40] - |D| - [5481963] - C:\Program Files\Windows Media Player [29/09/2017 14:46:33] - |D| - [49680] - C:\Program Files\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [8561346] - C:\Program Files\windows nt [29/09/2017 14:46:33] - |D| - [6376248] - C:\Program Files\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [49688] - C:\Program Files\Windows Portable Devices [29/09/2017 14:46:33] - |D| - [96941] - C:\Program Files\Windows Security [29/09/2017 14:46:33] - |SHD| - [0] - C:\Program Files\Windows Sidebar [29/09/2017 14:46:33] - |HD| - [6072996279] - C:\Program Files\WindowsApps [29/09/2017 14:46:33] - |D| - [3158149] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [07/12/2017 07:02:17] - |D| - [0] - C:\Program Files (x86)\Common Files\Atheros [07/12/2017 07:03:05] - |D| - [106497925] - C:\Program Files (x86)\Common Files\Intel [29/09/2017 14:46:33] - |D| - [14286008] - C:\Program Files (x86)\Common Files\microsoft shared [07/12/2017 07:01:22] - |D| - [73833] - C:\Program Files (x86)\Common Files\Qualcomm [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [29/09/2017 14:46:33] - |D| - [11079051] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [11/11/2018 06:10:57] - |D| - [4076640] - C:\Program Files\Common files\AVAST Software [29/09/2017 14:46:33] - |D| - [78541341] - C:\Program Files\Common files\microsoft shared [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files\Common files\Services [29/09/2017 14:46:33] - |D| - [11707275] - C:\Program Files\Common files\system ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [07/12/2017 23:39:31] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.DBA7DCAFAE3BA58A8B4DCCC5F2229070] - [11/11/2018 06:11:15] - |A| - [3990] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [11/11/2018 06:11:29] - |D| - [3996] - C:\Windows\System32\Tasks\Avast Software [MD5.09650088CE3965E8EB34EB949C199736] - [07/12/2017 07:00:48] - |A| - [3118] - C:\Windows\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [526536] - C:\Windows\System32\Tasks\Microsoft [MD5.B449FC46283C6EB90F5587DA40C6CC95] - [07/12/2017 23:42:48] - |A| - [2764] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7653C02C22F5615D3AB6DF661DE8431B] - [10/11/2018 21:54:27] - |A| - [3372] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-85169472-1442237754-271036338-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.7C14A5C5702D2B54E6A33BC3ED9F6A07] - [11/11/2018 06:11:53] - |A| - [4236] - C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1541913108 : C:\Users\jean-\AppData\Local\Programs\Opera\launcher.exe [MD5.9868BB984AE031B9D537DD3F7F088717] - [07/12/2017 07:06:43] - |A| - [2322] - C:\Windows\System32\Tasks\SAgent : "C:\Program Files\Samsung\S Agent\CommonAgent.exe" [MD5.00000000000000000000000000000000] - [07/12/2017 07:06:37] - |D| - [2430] - C:\Windows\System32\Tasks\Samsung [MD5.00000000000000000000000000000000] - [07/12/2017 07:03:20] - |D| - [2908] - C:\Windows\System32\Tasks\SecTimeSync [MD5.0FD61292CA2B2008E1FAF57F31171579] - [07/12/2017 07:06:13] - |A| - [2268] - C:\Windows\System32\Tasks\ShowWindow : "C:\Program Files (x86)\Show Window\Show Window.exe" [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{E1EB56F1-85A6-4387-A8AE-5D38EBC72CCD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-85169472-1442237754-271036338-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe|Name=Samsung System Agent| "{A20101A7-7E62-4C33-B183-A4149585476D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{C4838C36-52D1-4C81-9A31-BB05BF32135C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{983F99D4-FE20-44F3-AB55-A4C2BD687918}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ| "{2DCF7836-00AE-4B45-93F2-7A76924451F0}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C0D87C9D-EE86-49A1-844A-407026675D66}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft for Windows 10|Desc=Minecraft for Windows 10|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{24C52061-5C27-4D30-80C3-240D7989F910}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft for Windows 10|Desc=Minecraft for Windows 10|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft for Windows 10|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{025E14D9-9855-4C48-9C46-00B27E14B3EE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{17FDB3F5-80F1-487B-A2E9-218992127AE3}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "{AD607CCD-1434-4E13-9F61-CB3C69A1E307}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\jean-\AppData\Local\Temp\7ZipSfx.000\bin\tools\aria2c.exe|Name=DriverPack aria2c.exe| "{CB639959-F027-4446-A35D-157D0C0BBB83}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe|Name=Avast Emergency Update| "{06FC94C6-1BA7-4B93-8BFE-A3F2B3C55345}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe|Name=Avast Emergency Update| "{0C10879B-0F99-46AE-92E0-A195F1C3EEE4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\jean-\AppData\Local\Programs\Opera\55.0.2994.37\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "{C25226FB-0804-4538-AB69-C682E86F621E}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\jean-\AppData\Local\Programs\Opera\56.0.3051.99\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "{AE64B205-4134-46AB-8977-64B6567ACB4A}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Desc=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-4248244739-1195083218-694258176-94989366-335876269-79066479-1955954467|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Platform=2:6:2|Platform2=GTEQ| "{C576668B-B2BC-4490-8109-100B44C1AC47}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{94F041FE-E468-4728-9613-C13DE58AAF21}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{46186273-CA40-486F-B051-E33C34D5F63D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B3EA4923-5AC6-4A96-B68F-DA4F71E438ED}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{E578E784-D886-496A-B6C9-9415B91DCCED}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A2673AB4-3418-4B7A-AFFB-29BDE4DF1A66}C:\users\jean-\downloads\sdi_r1809\sdi_x64_r1809.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\jean-\downloads\sdi_r1809\sdi_x64_r1809.exe|Name=sdi_x64_r1809.exe|Desc=sdi_x64_r1809.exe|Defer=User| "UDP Query User{94D34D5C-5EF7-4C6A-8066-474C5FF32CAF}C:\users\jean-\downloads\sdi_r1809\sdi_x64_r1809.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\jean-\downloads\sdi_r1809\sdi_x64_r1809.exe|Name=sdi_x64_r1809.exe|Desc=sdi_x64_r1809.exe|Defer=User| "{F325BFE4-A30C-4924-B935-6A3EB22D0730}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Samsung Notes|Desc=Samsung Notes|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2319996878-402160400-1732427392-1247446112-3351234178-1901033953-1076141780|EmbedCtxt=Samsung Notes|Platform=2:6:2|Platform2=GTEQ| "{2781D8DF-4171-4592-85D7-ECDD636843ED}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{C209DD25-9007-4BF8-93FD-BA68DA0B7696}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{6D2F45A1-4E5E-4449-B874-E73122F1CC0A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{7A093D0E-BE0E-47D0-9E7B-7659AB00DF1D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{D960F481-5C0E-48EF-8A0F-1FE96123AA71}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=50001-50200|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{70576635-7B92-4345-8D20-B0A5A666767B}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=50001-50200|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5A3ADC63-4166-42B4-AE89-8F297B5DDB31}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E0E687BA-B073-4AEF-A1D5-5765ED8344B5}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D3A55F08-FFE7-4F30-8261-9AC85F46FE76}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{423EB507-787D-4DD3-85E1-998DF2BCBE37}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{5FFC7A3C-6895-40D9-8636-D7AAA56B09E6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{D5851507-C62D-4732-848B-0389E423BA45}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{6A6CD317-E75F-4109-B92C-B6F4BD39427D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{28341EA7-2D1B-49C4-8A61-0F7EC558A3EF}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-85169472-1442237754-271036338-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c3077fcd-9c3c-482f-9317-460712f23efd}] : (DPTF) [] -> @oem14.inf,%ClassName%;Intel(R) Dynamic Platform and Thermal Framework [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D2C30470-3890-4CC2-86D4-FBDB08727EB6}] : (msgpiowin32) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [12/05/2017 03:42:25] - (1.0.0.1) - (Samsung Electronics Co.,Ltd. - Samsung AMOLED panel driver) - C:\Windows\system32\DRIVERS\SAMOPanel.sys [11/10/2017 03:42:24] - (1.0.0.0) - (Samsung Electronics Co.,Ltd. - Samsung Firmware Interface Driver) - C:\Windows\System32\drivers\SafiDrv.sys [08/11/2017 20:32:32] - (12.0.0.722) - (Qualcomm Atheros, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\Windows\System32\drivers\Qcamain10x64.sys [19/01/2017 21:29:42] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\AppNodeEnum.sys [03/02/2017 08:40:22] - (0.0.0.0) - ( -) - C:\Windows\System32\drivers\TchS2Helper.sys [28/09/2017 01:42:25] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\PenS2Helper.sys [08/11/2017 20:32:08] - (10.0.0.709) - (Qualcomm - BT Filter) - C:\Windows\system32\DRIVERS\btfilter.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: PNP Filter - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: System - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 77 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 78 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="igfxCUIService2.0.0.0" LoadOrderGroup.Name="TDI" - Service.Name="irmon" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="Base" - Service.Name="MdmLdrSvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="Base" - Service.Name="PanelManagerSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="Base" - Service.Name="RCD" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="Base" - Service.Name="SafiService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="Base" - Service.Name="Samsung Pen Service" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="aswElam" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="aswKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="aswSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="aswSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswVmm" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="BHTPCRDR" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CSI2HostControllerDriver" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_acpi" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_cpu" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Base" - SystemDriver.Name="esif_lf" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_GPIO2" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_UART2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorA" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAC" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcAudioBus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcOED" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip" LoadOrderGroup.Name="Base" - SystemDriver.Name="MdmIf" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ModemCtrl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="PenS2Helper" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Qcamain10x64" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rtux64w10" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="Base" - SystemDriver.Name="SafiDrv" LoadOrderGroup.Name="Base" - SystemDriver.Name="SAMOPanel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="supportdriver" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="TchS2Helper" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wdnsfltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wmbclass" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsha.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswblog (aswblog) -> system32\drivers\aswbloga.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniva.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswElam (aswElam) -> system32\drivers\aswElam.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iaStorAC (@oem57.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller) -> System32\drivers\iaStorAC.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdrivera.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswHdsKe (aswHdsKe) -> system32\drivers\aswHdsKe.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SafiDrv (@oem5.inf,%SafiDrv.SVCDESC%;SafiDrv Service) -> \SystemRoot\System32\drivers\SafiDrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SAMOPanel (@oem24.inf,%SAMOPanel.SVCDESC%;SAMOPanel Service) -> \SystemRoot\system32\DRIVERS\SAMOPanel.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AppNodeEnum (@oem37.inf,%AppNodeEnum.SVCDESC%;AppNodeEnum Service) -> \SystemRoot\system32\DRIVERS\AppNodeEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - aswHwid (aswHwid) -> system32\drivers\aswHwid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BcmGnssBus (@oem39.inf,%BcmGnssDriver.SVCDESC%;Broadcom GNSS Bus Driver disk) -> \SystemRoot\System32\drivers\BcmGnssBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BHTPCRDR () -> \SystemRoot\System32\drivers\bhtpcrdr.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BtFilter (BtFilter) -> \SystemRoot\system32\DRIVERS\btfilter.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - bthl2cap (@bthl2cap.inf,%bthl2cap_desc%;Microsoft Bluetooth Protocol Support Driver) -> \SystemRoot\system32\DRIVERS\bthl2cap.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Pilote pour Batterie à méthode de contrôle ACPI Microsoft) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CSI2HostControllerDriver (@oem46.inf,%CSI2HostControllerDriver.SVCDESC%;Intel(R) CSI2 Host Controller services) -> \SystemRoot\System32\drivers\CSI2HostControllerDriver.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - dptf_acpi () -> \SystemRoot\System32\drivers\dptf_acpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - dptf_cpu () -> \SystemRoot\System32\drivers\dptf_cpu.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - esif_lf () -> \SystemRoot\system32\DRIVERS\esif_lf.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wGenCounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport HID Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Pilote de classe HID Microsoft) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iacamera64 (@oem30.inf,%iacamera64.DeviceDesc%;Intel(R) AVStream Camera 2500) -> \SystemRoot\system32\DRIVERS\iacamera64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iactrllogic (@oem47.inf,%iactrllogic.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\iactrllogic64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - iaLPSS2_GPIO2 (@oem52.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_GPIO2.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_I2C (@oem53.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_I2C.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_UART2 (@oem54.inf,%iaLPSS2_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_UART2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ICCWDT (@oem44.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT)) -> \SystemRoot\System32\drivers\ICCWDT.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - igfx () -> \SystemRoot\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b846bbf1e81ea3cf\igdkmd64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IMX241 (@oem45.inf,%IMX241.SVCDESC%;Camera Sensor IMX241) -> \SystemRoot\System32\drivers\imx241.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IMX258 (@oem26.inf,%IMX258.SVCDESC%;Camera Sensor IMX258) -> \SystemRoot\System32\drivers\imx258.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IntcAudioBus (@oem2.inf,%IntcAudioBus.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) Bus) -> \SystemRoot\System32\drivers\IntcAudioBus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IntcDAud (@oem17.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio) -> \SystemRoot\system32\DRIVERS\IntcDAud.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IntcOED (@oem3.inf,%IntcOED.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) OED) -> \SystemRoot\System32\drivers\IntcOED.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - invdimm (@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver) -> \SystemRoot\System32\drivers\invdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Pilote de la classe Clavier) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MdmIf (@oem20.inf,%MdmIfSvcDesc%;Modem Interface driver for Xmm726x) -> \SystemRoot\System32\Drivers\MdmIf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MEIx64 (@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\System32\drivers\TeeDriverW8x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ModemCtrl (@oem20.inf,%ModemCtrlSvcDesc%;ModemCtrl Service) -> \SystemRoot\System32\drivers\ModemCtrl.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mshidkmdf () -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - NTFS () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvdimmn (@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver) -> \SystemRoot\System32\drivers\nvdimmn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PenS2Helper (@oem33.inf,%PenS2Helper.SVCDESC%;PenS2Helper Service) -> \SystemRoot\system32\DRIVERS\PenS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Qcamain10x64 (@oem60.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver) -> \SystemRoot\System32\drivers\Qcamain10x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> \SystemRoot\System32\drivers\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - rtux64w10 (@rtux64w10.inf,%Rtlunic.Service.DispName%;Realtek USB FE/GbE NIC Family Windows 10 64-bit Driver) -> \SystemRoot\System32\drivers\rtux64w10.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SkcController (@oem25.inf,%SkcController.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\SkcController.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - supportdriver (@oem50.inf,%supportdriver.SVCDESC%;Intel(R) Imaging Signal Processor 2500) -> \SystemRoot\System32\drivers\iaisp64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TchS2Helper (@oem32.inf,%TchS2Helper.SVCDESC%;TchS2Helper Service) -> \SystemRoot\System32\drivers\TchS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - VirtualButtons (@oem55.inf,%VirtualButtons%;Intel(R) Virtual Buttons) -> \SystemRoot\System32\drivers\VirtualButtons.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vnvdimm (@vnvdimm.inf,%vnvdimm.SvcDesc%;Microsoft virtual NVDIMM device driver) -> \SystemRoot\System32\drivers\vnvdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\drivers\wd\WdNisDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wdnsfltr (Windows Defender Network Stream Filter Driver) -> system32\drivers\wdnsfltr.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wmbclass (@netwmbclass.inf,%wmbclass.Service.DispName%;USB Mobile Broadband Adapter Driver) -> \SystemRoot\System32\drivers\wmbclass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}] : (S Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{0052BF58-5307-4F7D-A379-8F4EC9212FA8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06886E89-6E1B-4DD9-87F9-B9E25F63D74F}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{06886E89-6E1B-4DD9-87F9-B9E25F63D74F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{125B62DE-4575-4D4D-982F-AB6F9E913B54}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{125B62DE-4575-4D4D-982F-AB6F9E913B54} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20CA507E-24AA-4741-87CF-CC1B250790B7}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{258E992F-46AD-45FB-B83B-0CE0EC6FC549}] : (Intel(R) Management Engine Driver.-.Intel Corporation) -> MsiExec.exe /I{258E992F-46AD-45FB-B83B-0CE0EC6FC549} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}] : (Qualcomm Atheros Bluetooth Installer (64).-.Qualcomm Atheros) -> MsiExec.exe /X{628988B4-3FA5-4EA6-BAA3-DA640F6718BD} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81520FC5-3518-40E9-9803-70CE8A801D07}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{81520FC5-3518-40E9-9803-70CE8A801D07} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C0C78593-1CF0-4CD8-A80C-191FE561F5A5}] : (WlSarService.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{C0C78593-1CF0-4CD8-A80C-191FE561F5A5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C442}] : (Intel(R) Trusted Connect Service Client x64.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C442} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D21EED26-59C0-4315-BDCC-D682496465E9}] : (Samsung Recovery.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{D21EED26-59C0-4315-BDCC-D682496465E9} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DF4E2424-348F-4227-9096-8EA478DFAB4E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{DF4E2424-348F-4227-9096-8EA478DFAB4E} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5493FC89-21E8-4D88-BCA1-4D33F1410968}] : (Air Command.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{5493FC89-21E8-4D88-BCA1-4D33F1410968} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C76A75-BF3A-41E9-96D6-929E058DD38F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{56C76A75-BF3A-41E9-96D6-929E058DD38F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{87A08690-781E-4A8E-8300-775A2EA02932}] : (Show Window.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{87A08690-781E-4A8E-8300-775A2EA02932} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C441}] : (Intel(R) Trusted Connect Service Client x86.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C441} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}] : (Samsung System Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{CDB4F12C-2E9E-48CC-8591-663964C1BAE3} ---------- | Ports ---------- | Microsoft Specifications ---------- | CLSID (Whitelist) [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll [29/09/2017 14:42:13] [HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll [HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\X86\MpOav.dll" [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{3647D1DF-A67B-4882-A74E-67EEB4178F89}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [10/11/2018 22:33:45] [HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{51FC9E18-6E66-4BE2-BA40-3F68213E6EC0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [10/11/2018 22:33:45] [HKCR\CLSID\{54B7D246-951E-4BEA-B551-93D178284D13}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [10/11/2018 22:33:45] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll [HKCR\CLSID\{8839A1BA-6D01-4525-98EB-723C628320F0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [10/11/2018 22:33:45] [HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [29/09/2017 14:42:24] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll [HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll ---------- | Installer [HKCR\Installer\Products\09680A78E187E8A4380077A5E20A9223] : Show Window -> C:\windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe [HKCR\Installer\Products\30DD1C25E4016CA4D96C125D5827E11D] : UpdateAssistant [HKCR\Installer\Products\39587C0C0FC18DC48AC091F15E165F5A] : WlSarService [HKCR\Installer\Products\4242E4FDF84372240969E84A87FDBAE4] : Intel(R) Management Engine Components [HKCR\Installer\Products\4B8898265AF36AE4AB3AAD46F07681DB] : Qualcomm Atheros Bluetooth Installer (64) -> C:\windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C14] : Intel(R) Trusted Connect Service Client x86 [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C24] : Intel(R) Trusted Connect Service Client x64 [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5CF0251881539E04893007ECA808D170] : Intel(R) Chipset Device Software [HKCR\Installer\Products\62DEE12D0C955134DBCC6D289446569E] : Samsung Recovery -> C:\windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\75B373813CF4A1B4593B7A5ECD5A777F] : Qualcomm Atheros Setup -> C:\windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\85FB25007035D7F43A97F8E49C12F28A] : S Agent [HKCR\Installer\Products\98CF39458E1288D4CB1AD4331F149086] : Air Command -> C:\windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\98E68860B1E69DD4789F9B2EF5367DF4] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\C21F4BDCE9E2CC8458196693461CAB3E] : Samsung System Agent [HKCR\Installer\Products\D6B48619D35121C46B1B957F94B64EA4] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\ED26B5215754D4D489F2BAF6E919B345] : Intel(R) Management Engine Components [HKCR\Installer\Products\F299E852DA64BF548BB3C00ECEF65C94] : Intel(R) Management Engine Driver ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante backgroundTaskHost.exe, version : 10.0.16299.15, horodatage : 0x290d9f78 Nom du module défaillant : biwinrt.dll, version : 10.0.16299.15, horodatage : 0x8f6712a3 Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000000e38d ID du processus défaillant : 0x2ba8 Heure de début de l’application défaillante : 0x01d479d6b64d7d33 Chemin d’accès de l’application défaillante : C:\Windows\system32\backgroundTaskHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\biwinrt.dll ID de rapport : 56509f2b-7372-4e33-b8c0-349d42122e23 Nom complet du package défaillant : Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SystemSettings.exe, version : 10.0.16299.15, horodatage : 0x7640753d Nom du module défaillant : ntdll.dll, version : 10.0.16299.665, horodatage : 0x2e74e364 Code d’exception : 0xc0000409 Décalage d’erreur : 0x00000000000a4e10 ID du processus défaillant : 0x2628 Heure de début de l’application défaillante : 0x01d4798f60b41832 Chemin d’accès de l’application défaillante : C:\Windows\ImmersiveControlPanel\SystemSettings.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 4035a3a4-ea50-48fe-a748-a032fe32a9aa Nom complet du package défaillant : windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : microsoft.windows.immersivecontrolpanel ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ ShellExperienceHost (7368,P,0) TILEREPOSITORYS-1-5-21-85169472-1442237754-271036338-1001: Une tentative d’ouverture de l’appareil « \\.\C: » contenant « C:\ » a échoué en indiquant l’erreur système 5 (0x00000005) : « Accès refusé.  ». L’opération va échouer en indiquant l’erreur -1032 (0xfffffbf8). ------------ Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. ------------ Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON. ------------ Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0x80072EE7 Arguments de la ligne de commande : RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=0567073a-7d74-403b-b2d5-6b35da372d8d;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 ------------ L’acquisition de la licence d’utilisateur final a échoué. hr=0x80072EE7 Id Sku=0567073a-7d74-403b-b2d5-6b35da372d8d ------------ Détails de l’échec d’acquisition de la licence. hr=0x80072EE7 ------------ Le démarrage de cette application a été plus long que l’habitude ce qui a entraîné une dégradation des performances du processus de démarrage du système : Nom du fichier : Devic Nom convivial : Version : Durée totale : 28888ms Durée de la dégradation : 21388ms Heure de l’incident (UTC) : ?2018?-?11?-?11T07:13:08.764978900Z ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} et l’APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} au SID DESKTOP-LI80V1P\jean- de l’utilisateur (S-1-5-21-85169472-1442237754-271036338-1001) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Microsoft.Windows.ContentDeliveryManager_10.0.16299.637_neutral_neutral_cw5n1h2txyewy du conteneur d’applications (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} et l’APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants. ------------ ----------( EOF)---------- - 7564 | 16:58:50